Releases: philips-labs/spiffe-vault
Releases · philips-labs/spiffe-vault
v0.6.2
v0.6.2
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
Other changes
- 24c489a: Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (@dependabot[bot])
Full Changelog: philips-labs/slsa-provenance-action@v0.6.1...v0.6.2
Contributors
dependabot
Assets 17
- 624 Bytes
2024-03-14T09:13:22Z - 96 Bytes
2024-03-14T09:13:22Z - 178 Bytes
2024-03-14T09:13:24Z - 8.66 MB
2024-03-14T09:13:21Z - 96 Bytes
2024-03-14T09:13:22Z - 8.28 MB
2024-03-14T09:13:21Z - 96 Bytes
2024-03-14T09:13:22Z - 8.63 MB
2024-03-14T09:13:22Z - 96 Bytes
2024-03-14T09:13:23Z - 8.1 MB
2024-03-14T09:13:21Z -
2024-03-14T09:08:56Z -
2024-03-14T09:08:56Z - Loading
v0.6.1
v0.6.1
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
Other changes
- 0f49b98: Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 (@dependabot[bot])
Full Changelog: philips-labs/slsa-provenance-action@v0.6.0...v0.6.1
Contributors
dependabot
Assets 17
v0.6.0
v0.6.0
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
Other changes
- 627190b: Add multi-arch Docker image support (@marcofranssen)
- 1ff5208: Add source label on containers (@marcofranssen)
- 61786a1: Also publish the signatures as part of the release (@marcofranssen)
- f940c26: Bump actions/setup-go from 4.1.0 to 5.0.0 (@dependabot[bot])
- 292d5e0: Bump busybox to latest + bump ca-certificaes and vault-binary to latest (@marcofranssen)
- 1690c2e: Bump codecov/codecov-action from 3.1.4 to 3.1.5 (@dependabot[bot])
- f02eb63: Bump codecov/codecov-action from 3.1.5 to 4.0.2 (@dependabot[bot])
- a5d1270: Bump codecov/codecov-action from 4.0.2 to 4.1.0 (@dependabot[bot])
- 87498db: Bump cosign to v2.2.1 (@marcofranssen)
- dac9a32: Bump cosign to v2.2.3 (@marcofranssen)
- 4fd40a5: Bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1 (@dependabot[bot])
- 3120adc: Bump github.com/hashicorp/vault/api from 1.10.0 to 1.11.0 (@dependabot[bot])
- 34abf28: Bump github.com/hashicorp/vault/api from 1.11.0 to 1.12.0 (@dependabot[bot])
- 5caad64: Bump github.com/spiffe/go-spiffe/v2 from 2.1.6 to 2.1.7 (@dependabot[bot])
- 269629c: Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (@dependabot[bot])
- d11c1e0: Bump go to 1.22 (@marcofranssen)
- d493d25: Bump google.golang.org/grpc from 1.53.0 to 1.56.3 (@dependabot[bot])
- 8974a99: Bump hashicorp/setup-terraform from 2.0.3 to 3.0.0 (@dependabot[bot])
- 678457b: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
- 66978ab: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
- 919defd: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
- 74eaf9c: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
- 6dd2763: Bump philips-labs/slsa-provenance-action from 0.8.0 to 0.9.0 (@dependabot[bot])
- d7cfa18: Bump sigstore/cosign-installer from 3.1.2 to 3.2.0 (@dependabot[bot])
- 0408f49: Bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (@dependabot[bot])
- c852cde: Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (@dependabot[bot])
- c36ca04: Remove the release to dockerhub, only releasing to ghcr.io from now on (@marcofranssen)
Full Changelog: philips-labs/slsa-provenance-action@v0.5.1...v0.6.0
Contributors
marcofranssen and dependabot
Assets 17
v0.5.1
v0.5.1
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
Other changes
- fbcc09b: Bump actions/checkout from 3 to 4 (@dependabot[bot])
- aecdfa3: Bump golang.org/x/net from 0.7.0 to 0.17.0 (@dependabot[bot])
- 082cdbb: Bump goreleaser/goreleaser-action from 4 to 5 (@dependabot[bot])
- 470f901: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
Full Changelog: philips-labs/slsa-provenance-action@v0.5.0...v0.5.1
Contributors
dependabot
Assets 18
v0.5.0
v0.5.0
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
Other changes
- 49323a1: Add .envrc to .gitignore (@marcofranssen)
- 0750306: Auto install goreleaser when binary is missing (@marcofranssen)
- 558e117: Bump Go from 1.18 to 1.21 (@marcofranssen)
- f6c3273: Bump actions/cache from 3.0.11 to 3.2.2 (@dependabot[bot])
- 0e4da7c: Bump actions/cache from 3.2.2 to 3.2.3 (@dependabot[bot])
- 1781146: Bump actions/cache from 3.2.3 to 3.2.4 (@dependabot[bot])
- 945224e: Bump actions/cache from 3.2.4 to 3.2.5 (@dependabot[bot])
- 98fddef: Bump actions/cache from 3.2.5 to 3.3.1 (@dependabot[bot])
- c8b305a: Bump actions/setup-go from 3.3.1 to 3.4.0 (@dependabot[bot])
- a4e9cfc: Bump actions/setup-go from 3.4.0 to 3.5.0 (@dependabot[bot])
- c944e28: Bump actions/setup-go from 3.5.0 to 4.0.1 (@dependabot[bot])
- 409f5f6: Bump actions/setup-go from 4.0.1 to 4.1.0 (@dependabot[bot])
- 83592fe: Bump codecov/codecov-action from 3.1.1 to 3.1.2 (@dependabot[bot])
- d592fb0: Bump codecov/codecov-action from 3.1.2 to 3.1.3 (@dependabot[bot])
- 6e9df25: Bump codecov/codecov-action from 3.1.3 to 3.1.4 (@dependabot[bot])
- ff9c52f: Bump cosign to v2.0.2 (@marcofranssen)
- d3ec4fc: Bump github.com/hashicorp/vault/api from 1.8.2 to 1.9.0 (@dependabot[bot])
- d3411f9: Bump github.com/hashicorp/vault/api from 1.9.0 to 1.9.1 (@dependabot[bot])
- 1646739: Bump github.com/hashicorp/vault/api from 1.9.1 to 1.9.2 (@dependabot[bot])
- 6c451a4: Bump github.com/hashicorp/vault/api from 1.9.2 to 1.10.0 (@dependabot[bot])
- a2e77aa: Bump github.com/peterbourgon/ff/v3 from 3.3.0 to 3.3.1 (@dependabot[bot])
- 7ded13f: Bump github.com/peterbourgon/ff/v3 from 3.3.1 to 3.3.2 (@dependabot[bot])
- e0dd42c: Bump github.com/peterbourgon/ff/v3 from 3.3.2 to 3.4.0 (@dependabot[bot])
- 99ed4f6: Bump github.com/spiffe/go-spiffe/v2 from 2.1.1 to 2.1.2 (@dependabot[bot])
- 093b38f: Bump github.com/spiffe/go-spiffe/v2 from 2.1.2 to 2.1.4 (@dependabot[bot])
- 90d7d24: Bump github.com/spiffe/go-spiffe/v2 from 2.1.4 to 2.1.5 (@dependabot[bot])
- 9307a79: Bump github.com/spiffe/go-spiffe/v2 from 2.1.5 to 2.1.6 (@dependabot[bot])
- 8bf2631: Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (@dependabot[bot])
- 898f187: Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (@dependabot[bot])
- 2fdd820: Bump goreleaser/goreleaser-action from 3 to 4 (@dependabot[bot])
- 990678d: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
- 5c1648d: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
- 8e01e5f: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
- e86ba86: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
- 2e46a22: Bump hashicorp/vault in /example/vault/environments/local (@dependabot[bot])
- c9972a2: Bump runners from ubuntu-20.04 to ubuntu-22.04 (@marcofranssen)
- 34b9ec6: Bump sigstore/cosign-installer from 2.8.1 to 3.0.3 (@dependabot[bot])
- 926a8e7: Bump sigstore/cosign-installer from 3.0.3 to 3.0.5 (@dependabot[bot])
- c01299a: Bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#144) (@dependabot[bot])
- d2b219e: Bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#146) (@dependabot[bot])
- a3da63b: Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#151) (@dependabot[bot])
- f12cc64: Fix cosign in goreleaser (@marcofranssen)
- 0913cac: Fix opencontainers.image.created label (@marcofranssen)
- 52216bd: Fix terraform formatting (@marcofranssen)
- 430e7d0: Remove caching action as this is integrated in setup-go (@marcofranssen)
- 203c7b6: Remove deprecated replacements config from archives (@marcofranssen)
- 872d494: Replace deprecated --rm-dist flag with --clean (@marcofranssen)
- 628ccef: Tidy Go modules (@marcofranssen)
Full Changelog: philips-labs/slsa-provenance-action@v0.4.1...v0.5.0
Contributors
marcofranssen and dependabot
Assets 18
v0.4.1
v0.4.1
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
Other changes
- 63c2029: Add configurable socketPath for spire-agent (@marcofranssen)
- 56be1c8: Bump actions/cache from 3.0.10 to 3.0.11 (@dependabot[bot])
- 9990d6d: Bump actions/cache from 3.0.5 to 3.0.6 (@dependabot[bot])
- 6c89c61: Bump actions/cache from 3.0.6 to 3.0.8 (@dependabot[bot])
- b0456ce: Bump actions/cache from 3.0.8 to 3.0.10 (@dependabot[bot])
- 1074d6c: Bump actions/setup-go from 3.2.1 to 3.3.0 (@dependabot[bot])
- 9e6f2db: Bump actions/setup-go from 3.3.0 to 3.3.1 (@dependabot[bot])
- 3fd6fdb: Bump codecov/codecov-action from 3.1.0 to 3.1.1 (@dependabot[bot])
- 7ebd2b6: Bump cosign from 1.10.1 to 1.11.1 (@marcofranssen)
- 6ee2400: Bump cosign from 1.11.1 to 1.12.1 (@marcofranssen)
- a46b5db: Bump cosign from 1.12.1 to 1.13.0 (@marcofranssen)
- 3359762: Bump cosign from v1.10.0 to v1.10.1 (@marcofranssen)
- ff22aa0: Bump cosign from v1.13.0 to v1.13.1 (@marcofranssen)
- 210d039: Bump cosign to v1.10.0 (@marcofranssen)
- b9b4b83: Bump example to install pinned version of vault (@marcofranssen)
- 6f9b976: Bump example vault terraform provisioning (@marcofranssen)
- d03cdfc: Bump github.com/hashicorp/vault/api from 1.7.2 to 1.8.1 (@dependabot[bot])
- b9fc99c: Bump github.com/hashicorp/vault/api from 1.8.1 to 1.8.2 (@dependabot[bot])
- 70609dd: Bump github.com/peterbourgon/ff/v3 from 3.1.2 to 3.3.0 (@dependabot[bot])
- cccc2f9: Bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (@dependabot[bot])
- a699e40: Bump hashicorp/setup-terraform from 2.0.0 to 2.0.2 (@dependabot[bot])
- 904d422: Bump hashicorp/setup-terraform from 2.0.2 to 2.0.3 (@dependabot[bot])
- 7d5b903: Bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (@dependabot[bot])
- f8876c8: Bump sigstore/cosign-installer from 2.5.0 to 2.5.1 (@dependabot[bot])
- 9bae4a9: Bump sigstore/cosign-installer from 2.5.1 to 2.6.0 (@dependabot[bot])
- 2c3196d: Bump sigstore/cosign-installer from 2.6.0 to 2.7.0 (@dependabot[bot])
- bdd5d54: Bump sigstore/cosign-installer from 2.7.0 to 2.8.0 (@dependabot[bot])
- 7d2f9a7: Bump sigstore/cosign-installer from 2.8.0 to 2.8.1 (@dependabot[bot])
- 3c3dac2: Bump spiffe-vault chart to use spiffe csi driver (@marcofranssen)
- 35041f6: Bump spire chart in example to 0.6.3 (@marcofranssen)
- 0c2b245: Bump spire chart to latest version in example README.md (@marcofranssen)
- 77f90f7: Bump version of cosign and docker for spiffe-vault-cosign example (@marcofranssen)
- f6976a9: Conditionally install traefik if not exists (@marcofranssen)
- 22690f8: Optimize spiffe-vault container and spiffe-vault-cosign example container (@marcofranssen)
- 26e9145: Remove manual step in example (@marcofranssen)
- da1e295: Resolve deprecation warnings in workflow (@marcofranssen)
- 9ea7f3a: Update spiffe-vault-cosign example instructions (@marcofranssen)
Full Changelog: philips-labs/slsa-provenance-action@v0.4.0...v0.4.1
Contributors
marcofranssen and dependabot
Assets 19
v0.4.0
v0.4.0
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
76c7f50
This commit was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
Other changes
- 7b997ec: Bump actions/cache from 3.0.4 to 3.0.5 (@dependabot[bot])
- 5ba8cf4: Bump actions/setup-go from 3.2.0 to 3.2.1 (@dependabot[bot])
- 76c7f50: Bump chart appVersion (@marcofranssen)
- 14d6d56: Bump github.com/spiffe/go-spiffe/v2 from 2.1.0 to 2.1.1 (@dependabot[bot])
- 8a13c88: Bump github.com/stretchr/testify from 1.7.5 to 1.8.0 (@dependabot[bot])
- ce2b95f: Bump philips-labs/slsa-provenance-action from 0.7.2 to 0.8.0 (@dependabot[bot])
- 1f6009e: Bump sigstore/cosign-installer from 2.4.0 to 2.4.1 (@dependabot[bot])
- c36c81d: fix: correct cosign version (@developer-guy)
- 4b76d03: some fixes to implement spiffe-vault use-case (@developer-guy)
Full Changelog: philips-labs/slsa-provenance-action@v0.3.0...v0.4.0
Contributors
marcofranssen, developer-guy, and dependabot
Assets 19
v0.3.0
v0.3.0
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
f1fb68c
This commit was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
Other changes
- 2bc4aaa: Bump actions/cache from 2.1.7 to 3.0.1 (@dependabot[bot])
- fc39850: Bump actions/cache from 3.0.1 to 3.0.2 (@dependabot[bot])
- 3cfbf24: Bump actions/cache from 3.0.2 to 3.0.3 (@dependabot[bot])
- 13f8c39: Bump actions/cache from 3.0.3 to 3.0.4 (@dependabot[bot])
- 0bca703: Bump actions/checkout from 2.4.0 to 3 (@dependabot[bot])
- c648e73: Bump actions/setup-go from 2.2.0 to 3.0.0 (@dependabot[bot])
- 8c62371: Bump actions/setup-go from 3.0.0 to 3.2.0 (@dependabot[bot])
- 0197c50: Bump codecov/codecov-action from 2.1.0 to 3.0.0 (@dependabot[bot])
- b5d30da: Bump codecov/codecov-action from 3.0.0 to 3.1.0 (@dependabot[bot])
- 0b1fae7: Bump cosign from v1.5.1 to v1.7.2 (@marcofranssen)
- 473c9cc: Bump cosign to v1.8.0 (@marcofranssen)
- cd6fed0: Bump cosign to v1.9.0 (@marcofranssen)
- 6acb0fa: Bump github.com/hashicorp/vault/api from 1.3.1 to 1.4.1 (@dependabot[bot])
- db09808: Bump github.com/hashicorp/vault/api from 1.4.1 to 1.5.0 (@dependabot[bot])
- f8e2014: Bump github.com/hashicorp/vault/api from 1.5.0 to 1.6.0 (@dependabot[bot])
- a7da694: Bump github.com/hashicorp/vault/api from 1.6.0 to 1.7.2 (@dependabot[bot])
- a640ded: Bump github.com/spiffe/go-spiffe/v2 from 2.0.0 to 2.1.0 (@dependabot[bot])
- ccd7110: Bump github.com/spiffe/go-spiffe/v2 from 2.0.0-beta.11 to 2.0.0-beta.12 (@dependabot[bot])
- de961ef: Bump github.com/spiffe/go-spiffe/v2 from 2.0.0-beta.12 to 2.0.0 (@dependabot[bot])
- 32b8f23: Bump github.com/stretchr/testify from 1.7.0 to 1.7.1 (@dependabot[bot])
- c7356ba: Bump github.com/stretchr/testify from 1.7.1 to 1.7.2 (@dependabot[bot])
- eff6885: Bump github.com/stretchr/testify from 1.7.2 to 1.7.4 (@dependabot[bot])
- ebfb6c8: Bump github.com/stretchr/testify from 1.7.4 to 1.7.5 (@dependabot[bot])
- 5a0b514: Bump goreleaser/goreleaser-action from 2 to 3 (@dependabot[bot])
- 2cac5dc: Bump hashicorp/setup-terraform from 1.3.2 to 1.4.0 (@dependabot[bot])
- 7ea40e9: Bump hashicorp/setup-terraform from 1.4.0 to 2.0.0 (@dependabot[bot])
- 0403ed5: Bump philips-labs/slsa-provenance-action from 0.7.0 to 0.7.2 (@dependabot[bot])
- 28180f4: Bump sigstore/cosign-installer from 2.0.0 to 2.0.1 (@dependabot[bot])
- 0e78140: Bump sigstore/cosign-installer from 2.0.1 to 2.1.0 (@dependabot[bot])
- a4a8557: Bump sigstore/cosign-installer from 2.1.0 to 2.2.0 (@dependabot[bot])
- cad9cb8: Bump sigstore/cosign-installer from 2.2.0 to 2.2.1 (@dependabot[bot])
- 72a885b: Bump sigstore/cosign-installer from 2.2.1 to 2.3.0 (@dependabot[bot])
- 812594d: Bump sigstore/cosign-installer from 2.3.0 to 2.4.0 (@dependabot[bot])
- f1fb68c: Bump to Go 1.18 (@marcofranssen)
- b687dba: Move logging to stderr (@marcofranssen)
- a12d431: chore(cosign): upgrade cosign to latest version 1.9.0 (@developer-guy)
Full Changelog: philips-labs/slsa-provenance-action@v0.2.3...v0.3.0
Contributors
marcofranssen, developer-guy, and dependabot
Assets 19
v0.2.3
v0.2.3
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
1ae8ad7
This commit was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
- 623068b: Add code signing to release assets (@marcofranssen)
- 052ec4d: Add container provenance (@marcofranssen)
- 24b0d01: Add signing of provenance for github release (@marcofranssen)
- 9f8b373: Few slight improvements on release (@marcofranssen)
- 993fba4: Fix cli version in Docker image (@marcofranssen)
- 1ae8ad7: Fix signature upload (@marcofranssen)
- 50435c9: Improve versioning Docker and labels (@marcofranssen)
- e2d12de: Reuse some variables in Makefile (@marcofranssen)
- 9acf4eb: Utilize new setup-go action 'check-latest' (@marcofranssen)
- 83b3a20: explicitly define permissions for workflow (@marcofranssen)
Version bumps
- 1ef4c36: Bump Go from 1.16 to 1.17 (@marcofranssen)
- ce4e189: Bump actions/cache from 2.1.6 to 2.1.7 (@dependabot[bot])
- a96d112: Bump actions/checkout from 2.3.5 to 2.4.0 (@dependabot[bot])
- 8db2140: Bump actions/setup-go from 2.1.4 to 2.1.5 (@dependabot[bot])
- 565b62d: Bump actions/setup-go from 2.1.5 to 2.2.0 (@dependabot[bot])
- d691c81: Bump cloud.google.com/go indirect dependencies (@marcofranssen)
- 7f74603: Bump github.com/google indirect dependencies (@marcofranssen)
- 0711656: Bump github.com/hashicorp indirect dependencies (@marcofranssen)
- 465654d: Bump github.com/hashicorp/vault/api from 1.1.1 to 1.3.0 (@dependabot[bot])
- 40cbaa8: Bump github.com/hashicorp/vault/api from 1.3.0 to 1.3.1 (@dependabot[bot])
- 77021f1: Bump github.com/spiffe/go-spiffe/v2 from 2.0.0-beta.10 to 2.0.0-beta.11 (@dependabot[bot])
- 4382600: Bump go.opentelemetry.io indirect dependencies (@marcofranssen)
- 9fa4c5c: Bump go.uber.org indirect dependencies (@marcofranssen)
- caf4def: Bump golang.org/x indirect dependencies (@marcofranssen)
- a335021: Bump philips-labs/slsa-provenance-action from 0.2.0 to 0.2.2 (@dependabot[bot])
- a5c9151: Bump philips-labs/slsa-provenance-action from 0.2.2 to 0.4.0 (@dependabot[bot])
- 0a9e574: Bump slsa-provenance-action to v0.7.0 (@marcofranssen)
- 010580f: Bump some more hashicorp/vault indirect dependencies (@marcofranssen)
Full Changelog: philips-labs/slsa-provenance-action@v0.2.2...v0.2.3
Contributors
marcofranssen and dependabot
Assets 19
v0.2.2
v0.2.2
This tag was signed with the committer’s verified signature.
The key has expired.
marcofranssen
Marco Franssen
Changelog
7d5d692 Release docker images also to ghcr.io
Docker images
docker pull philipssoftware/spiffe-vault:v0.2.2docker pull philipssoftware/spiffe-vault:7d5d692528085aaf7a5bf836641e0ffc5d601ca7docker pull ghcr.io/philips-labs/spiffe-vault:v0.2.2docker pull ghcr.io/philips-labs/spiffe-vault:7d5d692528085aaf7a5bf836641e0ffc5d601ca7