Version 1.4.6

v1.4.6

Docs

• adjust public keys in READMEs to DockerHub Repo (#102)

Fix

• adjust public keys in READMEs to DockerHub Repo (#102)
• Never use non-validated data for validation (#89)

Feat

• Enable Per-Namespace verification (#100)

Refactor

• Reduce complexity of 'process_chain_of_trust' (#89)

Hotfix

• updated pylint (#97)

Ci

• updated pylint (#97)

Version 1.4.5

v1.4.5

Ci

• Add nightly scans with safety and trivy (#92)
• Improve tag detection during release (#78)
• parallelize source code scans (#77)

Docs

• Typos and small reformulations (#88)
• Documentation for image validation (#88)
• Move test images into securesystems DockerHub repository (#79)

Test

• improve validation test coverage (#88)
• Move test images into securesystems DockerHub repository (#79)

Fix

• ensure compatibility with new yq v4 (#80)
• missing delegation files (#81)

Version 1.4.4

v1.4.4

Build

• Added versioning to helm-hook-image (#73)
• reduce docker image sizes and dependencies (#56)

Docs

• add recording of Berlin Crypto Meetup (#72)
• Release concept for Connaisseur image and release check on new tagged commit on master branch (#44)

Fix

• Add installation output and increase sentinel lifetime (#64)
• Fix handling of invalid requests, increase test coverage (#63)
• Fixed JSON validation schema for trust data (#75)
• fixed bandit issues (#68)
• fixed delegation validation behavior (#68)

Ci

• add build step (#56)
• fixed bandit issues (#68)
• Release concept for Connaisseur image and release check on new tagged commit on master branch (#44)

Test

• Fix handling of invalid requests, increase test coverage (#63)

Refactor

• Moved validation code (#68)

Version 1.4.0

v1.4.0

Build

• satisfy hadolint rule DL3042 (#65)

Ci

• Add CodeQL to pipeline (#51)
• Add check for formatting (#50)
• report results of scanners (only) if job failed (#17)

Docs

• add notary url info to azure guide (#60)
• Shell compatibility (#52)
• Fix capitalization and typo (#48)
• add demo
• Document compatibility with K3s and kind (#43)
• update contributing guide for local setup (#39)
• use small caps for repo and image names (#34)
• SysEleven MetaKube compatibility (#33)
• Architecture Decision Record regarding Sentinel (#30)
• Tested compatibility with Google Kubernetes Engine (#32)
• Add issue templates (#28)
• added information on deployment
• update code of conduct to github default (#29)
• add docu for MicroK8s (#26)
• fixed contributing link (#19)
• Add guide for cluster with Docker Hub (#14)
• add and adjust external and mailto links (#16)
• add contributing guideline and security policy (#8)
• improvements to readme, make setup guide less colloquial (#9)

Feat

• Allow configuration of bootstrap sentinel timeout and increase default (#47)
• harden image and deploy with kubernetes security context (#24)
• implement detection mode feature

Fix

• validate images of initContainers (#49)
• set notary auth default to false
• remove BasicAuth for anonymous notary user (#38)
• changes to readiness probe
• Default to Docker Hub notary (#23)
• extend regex schemas for validating trust data (#15)
• allow registry with custom port (#7)
• added subjectAltNames to TLS certificates (#5)

Refactor

• Refactor tests (#57)
• improve ci consistency and report (#55)
• clean setup docs and files

Test

• added health/readiness probe tests