Releases: chainloop-dev/chainloop
Releases · chainloop-dev/chainloop
v0.81.1
What's Changed
- Bump Helm Chart Version => v0.80.1 by @github-actions in #614
- Improving documentation deployment + adding Chainloop by @danlishka in #610
- Updating references after documentation migration by @danlishka in #611
- chore(deps): Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 by @dependabot in #615
- docs: add dagger demo by @migmartri in #616
- fix(authz): add read permissions in workflow.View by @migmartri in #617
- chore(deps): Bump github.com/jackc/pgx/v5 from 5.4.3 to 5.5.4 by @dependabot in #619
- fix(docs-release) Fixed docs release and chainloop integration by @danlishka in #621
- chore(deps): Bump follow-redirects from 1.15.4 to 1.15.6 in /docs by @dependabot in #620
- fix(docs-release) Fixed docs release and chainloop integration by @danlishka in #623
- chore(api): handle context.Canceled error by @migmartri in #628
- chore(deps): Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /docs by @dependabot in #631
- chore(deps): Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible by @dependabot in #626
- chore: upgrade dependencies by @migmartri in #630
- chore(ci): bump actions by @migmartri in #632
- fix(cli): allow updating only the contract description by @migmartri in #633
- docs: dependency track parentID field by @sedan07 in #637
- fix(controlplane): handle not-found contract on update by @migmartri in #638
- feat(controlplane): always store the digest of the attestation by @migmartri in #639
- chore(deps): Bump express from 4.18.2 to 4.19.2 in /docs by @dependabot in #634
- fix(cli): send digest to stderr by @migmartri in #642
- feat(controlplane): add extra info to discovery endpoint by @migmartri in #641
- feat(api): support set workflow visibility on creation by @migmartri in #640
- feat(controlplane): add unique name to registered integrations by @migmartri in #643
- chore(ci): bump cosign version on release process by @migmartri in #644
- feat: add contract selection on workflow update by @migmartri in #646
- Bump Helm Chart Version => v0.81.0 by @github-actions in #647
- chore: upgrade aws-sdk by @migmartri in #648
Full Changelog: v0.80.1...v0.81.1
Contributors
danlishka, migmartri, and 2 other contributors
Assets 15
v0.81.0
What's Changed
- Bump Helm Chart Version => v0.80.1 by @github-actions in #614
- Improving documentation deployment + adding Chainloop by @danlishka in #610
- Updating references after documentation migration by @danlishka in #611
- chore(deps): Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 by @dependabot in #615
- docs: add dagger demo by @migmartri in #616
- fix(authz): add read permissions in workflow.View by @migmartri in #617
- chore(deps): Bump github.com/jackc/pgx/v5 from 5.4.3 to 5.5.4 by @dependabot in #619
- fix(docs-release) Fixed docs release and chainloop integration by @danlishka in #621
- chore(deps): Bump follow-redirects from 1.15.4 to 1.15.6 in /docs by @dependabot in #620
- fix(docs-release) Fixed docs release and chainloop integration by @danlishka in #623
- chore(api): handle context.Canceled error by @migmartri in #628
- chore(deps): Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /docs by @dependabot in #631
- chore(deps): Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible by @dependabot in #626
- chore: upgrade dependencies by @migmartri in #630
- chore(ci): bump actions by @migmartri in #632
- fix(cli): allow updating only the contract description by @migmartri in #633
- docs: dependency track parentID field by @sedan07 in #637
- fix(controlplane): handle not-found contract on update by @migmartri in #638
- feat(controlplane): always store the digest of the attestation by @migmartri in #639
- chore(deps): Bump express from 4.18.2 to 4.19.2 in /docs by @dependabot in #634
- fix(cli): send digest to stderr by @migmartri in #642
- feat(controlplane): add extra info to discovery endpoint by @migmartri in #641
- feat(api): support set workflow visibility on creation by @migmartri in #640
- feat(controlplane): add unique name to registered integrations by @migmartri in #643
- chore(ci): bump cosign version on release process by @migmartri in #644
- feat: add contract selection on workflow update by @migmartri in #646
Full Changelog: v0.80.1...v0.81.0
Contributors
danlishka, migmartri, and 2 other contributors
Assets 15
v0.80.1
What's Changed
- Bump Helm Chart Version => v0.75.2 by @github-actions in #575
- chore: upgrade Dagger module for Chainloop v0.72.2 by @migmartri in #576
- chore(deps): Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 by @dependabot in #579
- chore(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot in #580
- feat(api): add workflow run describe API endpoint by @migmartri in #577
- Let's take the Dagger module to the next level :) by @shykes in #581
- chore(ci): disable dagger linter by @migmartri in #583
- feat(metrics): add runs by day and update returned types by @migmartri in #584
- chore: rename pagination options by @migmartri in #585
- chore(docs): migrate Chainloop docs to the main repo by @danlishka in #568
- feat(controlplane): support providing connection string by @migmartri in #592
- chore(docs): upgrading docusaurus by @migmartri in #594
- chore(dagger module): minor follow-up items for dagger module by @migmartri in #586
- chore(deps): Bump the npm_and_yarn group group in /docs with 1 update by @dependabot in #597
- fix(dagger): container authentication by @migmartri in #598
- feat(dagger): sync method by @migmartri in #599
- chore(ci): fix dagger linter by @migmartri in #604
- feat(controlplane): make contract-names unique and DNS1123 compatible by @migmartri in #601
- chore(deps): Bump github.com/jackc/pgx/v4 from 4.18.1 to 4.18.2 by @dependabot in #606
- feat(controlplane): unique workflow name and formatted project by @migmartri in #605
- docs: document dagger module and runner by @migmartri in #607
- feat(controlplane): workflow contract description support by @migmartri in #608
- Bump Helm Chart Version => v0.80.0 by @github-actions in #609
- fix(controlplane): support soft-deleted items on name constraint by @migmartri in #613
New Contributors
Full Changelog: v0.75.2...v0.80.1
Contributors
danlishka, migmartri, and 2 other contributors
Assets 15
v0.80.0
What's Changed
- Bump Helm Chart Version => v0.75.2 by @github-actions in #575
- chore: upgrade Dagger module for Chainloop v0.72.2 by @migmartri in #576
- chore(deps): Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 by @dependabot in #579
- chore(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 by @dependabot in #580
- feat(api): add workflow run describe API endpoint by @migmartri in #577
- Let's take the Dagger module to the next level :) by @shykes in #581
- chore(ci): disable dagger linter by @migmartri in #583
- feat(metrics): add runs by day and update returned types by @migmartri in #584
- chore: rename pagination options by @migmartri in #585
- chore(docs): migrate Chainloop docs to the main repo by @danlishka in #568
- feat(controlplane): support providing connection string by @migmartri in #592
- chore(docs): upgrading docusaurus by @migmartri in #594
- chore(dagger module): minor follow-up items for dagger module by @migmartri in #586
- chore(deps): Bump the npm_and_yarn group group in /docs with 1 update by @dependabot in #597
- fix(dagger): container authentication by @migmartri in #598
- feat(dagger): sync method by @migmartri in #599
- chore(ci): fix dagger linter by @migmartri in #604
- feat(controlplane): make contract-names unique and DNS1123 compatible by @migmartri in #601
- chore(deps): Bump github.com/jackc/pgx/v4 from 4.18.1 to 4.18.2 by @dependabot in #606
- feat(controlplane): unique workflow name and formatted project by @migmartri in #605
- docs: document dagger module and runner by @migmartri in #607
- feat(controlplane): workflow contract description support by @migmartri in #608
New Contributors
Full Changelog: v0.75.2...v0.80.0
Contributors
danlishka, migmartri, and 2 other contributors
Assets 15
v0.75.2
This is a security re-build after Go 1.22.1 release
What's Changed
- Bump Helm Chart Version => v0.75.1 by @github-actions in #566
- feat(cli): organization membership by @migmartri in #567
- chore(cli): remove invitation from top-level org cmd by @migmartri in #571
- chore(cli): update allowList message by @migmartri in #570
- chore: upgrade golang to 1.22.1 by @migmartri in #574
- doc: update images in readme by @migmartri in #573
Full Changelog: v0.75.1...v0.75.2
Contributors
migmartri
Assets 15
v0.75.1
Chainloop release cadence is picking up speed this time with a long-awaited feature, role-based access control.
Authorization layer
#552 introduced a role based access control (RBAC) layer where uses can be within three categories viewers, admins or owners. The policy definition of each role is described in this live document.
Now, you can see the role you've assigned in each organization you are part of
$ chainloop organization ls
┌──────────────────────────────────────┬────────────────┬─────────┬───────┬─────────────────────┐
│ ORG ID │ ORG NAME │ CURRENT │ ROLE │ JOINED AT │
├──────────────────────────────────────┼────────────────┼─────────┼───────┼─────────────────────┤
│ 93d02275-853c-4ad6-9d60-8f562b123fd2 │ read-only-demo │ false │ admin │ 10 Jul 23 09:23 UTC │
├──────────────────────────────────────┼────────────────┼─────────┼───────┼─────────────────────┤
│ d3e9f368-495f-4697-910c-b5fe68468552 │ chainloop │ true │ admin │ 03 Jan 23 13:25 UTC │
├──────────────────────────────────────┼────────────────┼─────────┼───────┼─────────────────────┤
│ 9d827670-24e5-40ce-b9ce-f9221f95eff9 │ test-read-only │ false │ owner │ 04 Mar 24 14:31 UTC │
├──────────────────────────────────────┼────────────────┼─────────┼───────┼─────────────────────┤
│ 842f5931-21a4-4e17-98a4-970e95999b08 │ chainloop-test │ false │ admin │ 04 Jan 23 00:05 UTC │
└──────────────────────────────────────┴────────────────┴─────────┴───────┴─────────────────────┘
and invite users to your organization with a specific role in mind.
chainloop organization invitation create --receiver [email protected] --role viewer
┌──────────────────────────────────────┬───────────────────┬────────┬─────────┬─────────────────────┐
│ ID │ RECEIVER EMAIL │ ROLE │ STATUS │ CREATED AT │
├──────────────────────────────────────┼───────────────────┼────────┼─────────┼─────────────────────┤
│ ed3a5ed2-c8fa-4ba8-bbf6-fbfe70ed8ab2 │ [email protected] │ viewer │ pending │ 04 Mar 24 19:17 UTC │
└──────────────────────────────────────┴───────────────────┴────────┴─────────┴─────────────────────┘
and soon, see and manage each member of your organization #558
What's Changed
- Bump Helm Chart Version => v0.70.0 by @github-actions in #549
- feat(authz): implement read-only viewer role by @migmartri in #552
- feat(controlplane): scope invitation system by @migmartri in #553
- feat(controlplane): show role information in API by @migmartri in #554
- chore(db): update workflow_run revision used by @migmartri in #557
- chore(controlplane): continue invite system org scope by @migmartri in #555
- refactor: move membership API service to user by @migmartri in #559
- feat(controlplane): set role during invitation by @migmartri in #556
- feat(controlplane): org membership API by @migmartri in #560
- feat(controlplane): domain based allow-listing by @migmartri in #563
- Bump Helm Chart Version => v0.75.0 by @github-actions in #564
- fix: allow viewers to change or leave the org by @migmartri in #565
Full Changelog: v0.70.0...v0.75.1
Contributors
migmartri
Assets 15
v0.75.0
Changelog
- 9aa4bbf feat(controlplane): domain based allow-listing (#563)
- 5c96736 feat(controlplane): org membership API (#560)
- 94c01b9 feat(controlplane): set role during invitation (#556)
- 7fe4aa9 refactor: move membership API service to user (#559)
- 908a8e6 chore(controlplane): continue invite system org scope (#555)
- ef06a7c chore(db): update workflow_run revision used (#557)
- 5bb14e4 feat(controlplane): show role information in API (#554)
- 1b6c0aa feat(controlplane): scope invitation system (#553)
- aaabbc6 feat(authz): implement read-only viewer role (#552)
- f723f4c Bump Helm Chart Version => v0.70.0 (#549)
v0.70.0
Highlights
Hierarchical Dependency-Track project support
@sedan07 extended the dependency-Track plugin to support attaching automatically created projects to existing parent projects. This enables setting up hierarchical configurations out of the box. More on that #534
To leverage this feature, you must provide parentID alongside the projectName during the integration attachment.
What's Changed
- Bump Helm Chart Version => v0.66.0 by @github-actions in #527
- chore(dagger): upgrade client to v0.66 by @migmartri in #526
- fix(controlplane): handle org update duplicates by @migmartri in #529
- chore(ci): bump chainloop version by @migmartri in #530
- docs(dagger): update module readme by @migmartri in #533
- chore: improve org name error message by @migmartri in #537
- feat(controlplane): add workflow description by @migmartri in #541
- feat(dependency-track): support parent ID for autocreate projects (#534) by @sedan07 in #543
- feat: expose latest_revision on workflow by @migmartri in #542
- chore(dagger): bump module to stable v0.10.0 by @migmartri in #548
- feat(controlplane): filter workflow runs by status by @migmartri in #547
- chore: improvements on org management by @migmartri in #546
New Contributors
Full Changelog: v0.66.0...v0.70.0
Contributors
migmartri and sedan07
Assets 15
v0.66.0
What's Changed
- Bump Helm Chart Version => v0.65.0 by @github-actions in #519
- feat(dagger): support explicit OCI credentials by @migmartri in #514
- fix(controlplane): detect environment in server by @migmartri in #520
- chore(dagger): add description by @migmartri in #522
- feat(controlplane): make organization names unique by @migmartri in #525
Full Changelog: v0.65.0...v0.66.0
Contributors
migmartri
Assets 15
v0.65.0
This is a release focused on improving our Dagger module support.
What's Changed
- Bump Helm Chart Version => v0.60.0 by @github-actions in #500
- feat: dagger module by @migmartri in #502
- chore: upgrade module to support dagger 0.9.9+ by @migmartri in #504
- feat(dagger): leverage secret types by @migmartri in #505
- feat: brings back local attestation protection by @migmartri in #510
- feat(dagger): support non-artifact materials by @migmartri in #512
- feat(attestation): explicit OCI credentials support by @migmartri in #513
- feat(dagger): support attestation of git repositories by @migmartri in #517
- feat: dagger runner context support by @migmartri in #516
- feat(cli): automatically discover runner context by @migmartri in #518
Full Changelog: v0.60.0...v0.65.0
Contributors
migmartri