Skip to content

v0.8.2
Compare
Choose a tag to compare
@saschagrunert saschagrunert released this 19 Dec 10:56
· 1081 commits to main since this release
v0.8.2
44dbcbb

Release notes

Welcome to our glorious v0.8.2 release of the security-profiles-operator! The general usage and setup can be found in our documentation. πŸ₯³ πŸ‘―

To install the operator, run:

$ kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/security-profiles-operator/v0.8.2/deploy/operator.yaml

You can also verify the container image signature by using cosign:

$ cosign verify \
    --certificate-identity krel-trust@k8s-releng-prod.iam.gserviceaccount.com \
    --certificate-oidc-issuer https://accounts.google.com \
    registry.k8s.io/security-profiles-operator/security-profiles-operator:v0.8.2

Beside the operator image, we now also ship spoc, the official Security Profiles Operator Command Line Interface! Binaries for amd64 and arm64 are attached to this release.

To verify the signature of spoc. download all release artifacts and run for amd64 (works in the same way for arm64:

$ cosign verify-blob \
    --certificate-identity sgrunert@redhat.com \
    --certificate-oidc-issuer https://github.com/login/oauth \
    --certificate spoc.amd64.cert \
    --signature spoc.amd64.sig \
    spoc.amd64

To verify the Bill of Materials (BOM) using the bom tool, download the artifacts into a build directory and run:

> bom validate -e spoc.spdx -d build/
+-------------------+-------+-----------------------------+----------------+
|     FILENAME      | VALID |           MESSAGE           | INVALID HASHES |
+-------------------+-------+-----------------------------+----------------+
| spoc.amd64        | OK    | File validated successfully | -              |
| spoc.amd64.cert   | OK    | File validated successfully | -              |
| spoc.amd64.sha512 | OK    | File validated successfully | -              |
| spoc.amd64.sig    | OK    | File validated successfully | -              |
| spoc.arm64        | OK    | File validated successfully | -              |
| spoc.arm64.cert   | OK    | File validated successfully | -              |
| spoc.arm64.sha512 | OK    | File validated successfully | -              |
| spoc.arm64.sig    | OK    | File validated successfully | -              |
+-------------------+-------+-----------------------------+----------------+

The .spdx file is signed as well and we also provide .sha512 sum files for the binaries.

Feel free to provide us any kind of feedback in the official Kubernetes Slack #security-profiles-operator channel.

Changes by Kind

Failing Test

Dependencies

Added

  • github.com/DATA-DOG/go-sqlmock: v1.5.0
  • github.com/Khan/genqlient: v0.6.0
  • github.com/alexflint/go-arg: v1.4.2
  • github.com/alexflint/go-scalar: v1.0.0
  • github.com/aws/aws-sdk-go-v2/feature/s3/manager: v1.11.76
  • github.com/buildkite/go-pipeline: v0.2.0

Changed

  • cloud.google.com/go/compute: v1.23.2 β†’ v1.23.3
  • cloud.google.com/go/iam: v1.1.4 β†’ v1.1.5
  • cloud.google.com/go/kms: v1.15.4 β†’ v1.15.5
  • cloud.google.com/go: v0.110.9 β†’ v0.110.10
  • github.com/Azure/azure-sdk-for-go/sdk/azcore: v1.8.0 β†’ v1.9.0
  • github.com/Azure/azure-sdk-for-go/sdk/internal: v1.4.0 β†’ v1.5.0
  • github.com/DataDog/datadog-agent/pkg/obfuscate: v0.48.1 β†’ v0.48.0
  • github.com/DataDog/datadog-agent/pkg/remoteconfig/state: v0.48.1 β†’ 2549ba9
  • github.com/DataDog/sketches-go: v1.4.3 β†’ v1.4.2
  • github.com/andybalholm/brotli: v1.0.6 β†’ v1.0.1
  • github.com/aws/aws-sdk-go-v2/config: v1.19.1 β†’ v1.25.11
  • github.com/aws/aws-sdk-go-v2/credentials: v1.13.43 β†’ v1.16.9
  • github.com/aws/aws-sdk-go-v2/feature/ec2/imds: v1.13.13 β†’ v1.14.9
  • github.com/aws/aws-sdk-go-v2/internal/configsources: v1.1.43 β†’ v1.2.8
  • github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: v2.4.37 β†’ v2.5.8
  • github.com/aws/aws-sdk-go-v2/internal/ini: v1.3.45 β†’ v1.7.1
  • github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding: v1.9.14 β†’ v1.10.3
  • github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: v1.9.37 β†’ v1.10.8
  • github.com/aws/aws-sdk-go-v2/service/kms: v1.24.7 β†’ v1.27.2
  • github.com/aws/aws-sdk-go-v2/service/sso: v1.15.2 β†’ v1.18.2
  • github.com/aws/aws-sdk-go-v2/service/ssooidc: v1.17.3 β†’ v1.21.2
  • github.com/aws/aws-sdk-go-v2/service/sts: v1.23.2 β†’ v1.26.2
  • github.com/aws/aws-sdk-go-v2: v1.21.2 β†’ v1.23.5
  • github.com/aws/aws-sdk-go: v1.47.0 β†’ v1.48.11
  • github.com/aws/smithy-go: v1.15.0 β†’ v1.18.1
  • github.com/buildkite/agent/v3: v3.58.0 β†’ v3.59.0
  • github.com/buildkite/bintest/v3: v3.1.1 β†’ v3.2.0
  • github.com/cert-manager/cert-manager: v1.13.2 β†’ v1.13.3
  • github.com/containers/common: v0.57.0 β†’ v0.57.1
  • github.com/ebitengine/purego: v0.5.0 β†’ v0.5.0-alpha.1
  • github.com/felixge/httpsnoop: v1.0.3 β†’ v1.0.4
  • github.com/gabriel-vasile/mimetype: v1.4.3 β†’ v1.4.2
  • github.com/go-openapi/spec: v0.20.9 β†’ v0.20.11
  • github.com/go-openapi/strfmt: v0.21.7 β†’ v0.21.8
  • github.com/go-openapi/validate: v0.22.1 β†’ v0.22.3
  • github.com/go-rod/rod: v0.114.4 β†’ v0.114.5
  • github.com/google/go-tpm-tools: v0.4.1 β†’ v0.4.2
  • github.com/gorilla/mux: v1.8.0 β†’ v1.8.1
  • github.com/hashicorp/go-retryablehttp: v0.7.4 β†’ v0.7.5
  • github.com/jellydator/ttlcache/v3: v3.1.0 β†’ v3.1.1
  • github.com/montanaflynn/stats: v0.6.6 β†’ 1bf9dbc
  • github.com/open-policy-agent/opa: v0.58.0 β†’ v0.59.0
  • github.com/pierrec/lz4/v4: v4.1.18 β†’ v4.1.2
  • github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring: v0.69.1 β†’ v0.70.0
  • github.com/sigstore/cosign/v2: v2.2.1 β†’ v2.2.2
  • github.com/sigstore/rekor: v1.3.3 β†’ v1.3.4
  • github.com/sigstore/sigstore/pkg/signature/kms/aws: v1.7.5 β†’ v1.7.6
  • github.com/sigstore/sigstore/pkg/signature/kms/azure: v1.7.5 β†’ v1.7.6
  • github.com/sigstore/sigstore/pkg/signature/kms/gcp: v1.7.5 β†’ v1.7.6
  • github.com/sigstore/sigstore/pkg/signature/kms/hashivault: v1.7.5 β†’ v1.7.6
  • github.com/sigstore/sigstore: v1.7.5 β†’ v1.7.6
  • github.com/stretchr/objx: v0.5.1 β†’ v0.5.0
  • github.com/theupdateframework/go-tuf: v0.6.1 β†’ v0.7.0
  • github.com/tidwall/pretty: v1.2.1 β†’ v1.2.0
  • github.com/urfave/cli/v2: v2.25.7 β†’ v2.26.0
  • github.com/xanzy/go-gitlab: v0.93.2 β†’ v0.94.0
  • go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc: v0.45.0 β†’ v0.46.0
  • go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.45.0 β†’ v0.46.1
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel/metric: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel/sdk: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel/trace: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel: v1.19.0 β†’ v1.21.0
  • go.step.sm/crypto: v0.36.1 β†’ v0.38.0
  • golang.org/x/crypto: v0.16.0 β†’ v0.17.0
  • golang.org/x/exp: 7918f67 β†’ 2478ac8
  • golang.org/x/oauth2: v0.13.0 β†’ v0.15.0
  • golang.org/x/time: v0.3.0 β†’ v0.5.0
  • golang.org/x/tools: v0.14.0 β†’ v0.15.0
  • google.golang.org/api: v0.149.0 β†’ v0.152.0
  • google.golang.org/genproto/googleapis/api: 49dd2c1 β†’ bbf56f3
  • google.golang.org/genproto/googleapis/bytestream: d783a09 β†’ 83a465c
  • google.golang.org/genproto/googleapis/rpc: 49dd2c1 β†’ 83a465c
  • google.golang.org/genproto: 49dd2c1 β†’ bbf56f3
  • google.golang.org/grpc: v1.59.0 β†’ v1.60.1
  • k8s.io/api: v0.28.4 β†’ v0.29.0
  • k8s.io/apiextensions-apiserver: v0.28.3 β†’ v0.28.4
  • k8s.io/apimachinery: v0.28.4 β†’ v0.29.0
  • k8s.io/apiserver: v0.28.3 β†’ v0.28.4
  • k8s.io/cli-runtime: v0.28.4 β†’ v0.29.0
  • k8s.io/client-go: v0.28.4 β†’ v0.29.0
  • k8s.io/code-generator: v0.28.3 β†’ v0.28.4
  • k8s.io/component-base: v0.28.3 β†’ v0.28.4
  • k8s.io/kms: v0.28.3 β†’ v0.28.4
  • k8s.io/utils: 3b25d92 β†’ b307cd5
  • sigs.k8s.io/structured-merge-diff/v4: v4.3.0 β†’ v4.4.1

Removed

  • github.com/99designs/gqlgen: v0.17.36
  • github.com/DataDog/gostackparse: v0.7.0
  • github.com/IBM/sarama: v1.40.0
  • github.com/Shopify/sarama: v1.38.1
  • github.com/aws/aws-sdk-go-v2/service/dynamodb: v1.21.4
  • github.com/aws/aws-sdk-go-v2/service/ec2: v1.93.2
  • github.com/aws/aws-sdk-go-v2/service/eventbridge: v1.20.4
  • github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery: v1.7.34
  • github.com/aws/aws-sdk-go-v2/service/kinesis: v1.18.4
  • github.com/aws/aws-sdk-go-v2/service/sfn: v1.19.4
  • github.com/aws/aws-sdk-go-v2/service/sns: v1.21.4
  • github.com/aws/aws-sdk-go-v2/service/sqs: v1.24.4
  • github.com/bradfitz/gomemcache: acc6962
  • github.com/bytedance/sonic: v1.10.0
  • github.com/chenzhuoyu/base64x: 296ad89
  • github.com/chenzhuoyu/iasm: v0.9.0
  • github.com/confluentinc/confluent-kafka-go/v2: v2.2.0
  • github.com/confluentinc/confluent-kafka-go: v1.9.2
  • github.com/decred/dcrd/crypto/blake256: v1.0.1
  • github.com/denisenkom/go-mssqldb: v0.11.0
  • github.com/dimfeld/httptreemux/v5: v5.5.0
  • github.com/dvyukov/go-fuzz: 6a8e9d1
  • github.com/eapache/go-resiliency: v1.4.0
  • github.com/eapache/go-xerial-snappy: c322873
  • github.com/eapache/queue: v1.1.0
  • github.com/elastic/elastic-transport-go/v8: v8.1.0
  • github.com/elastic/go-elasticsearch/v6: v6.8.5
  • github.com/elastic/go-elasticsearch/v7: v7.17.1
  • github.com/elastic/go-elasticsearch/v8: v8.4.0
  • github.com/emicklei/go-restful: v2.16.0+incompatible
  • github.com/garyburd/redigo: v1.6.4
  • github.com/gin-contrib/sse: v0.1.0
  • github.com/gin-gonic/gin: v1.9.1
  • github.com/globalsign/mgo: eeefdec
  • github.com/go-pg/pg/v10: v10.11.1
  • github.com/go-pg/zerochecker: v0.2.0
  • github.com/go-playground/assert/v2: v2.2.0
  • github.com/go-redis/redis/v7: v7.4.1
  • github.com/go-redis/redis/v8: v8.11.5
  • github.com/go-redis/redis: v6.15.9+incompatible
  • github.com/go-stack/stack: v1.8.0
  • github.com/gobuffalo/attrs: a9411de
  • github.com/gobuffalo/depgen: v0.1.0
  • github.com/gobuffalo/envy: v1.7.0
  • github.com/gobuffalo/genny: v0.1.1
  • github.com/gobuffalo/gitgen: cc08618
  • github.com/gobuffalo/gogen: v0.1.1
  • github.com/gobuffalo/logger: 86e12af
  • github.com/gobuffalo/mapi: v1.0.2
  • github.com/gobuffalo/packd: v0.1.0
  • github.com/gobuffalo/packr/v2: v2.2.0
  • github.com/gobuffalo/syncx: 33c2958
  • github.com/gocql/gocql: 0eacd31
  • github.com/gofiber/fiber/v2: v2.50.0
  • github.com/gofrs/uuid: v4.4.0+incompatible
  • github.com/golang-sql/civil: b832511
  • github.com/golang-sql/sqlexp: v0.1.0
  • github.com/gomodule/redigo: v1.8.9
  • github.com/googleapis/gnostic: v0.5.5
  • github.com/graph-gophers/graphql-go: v1.5.0
  • github.com/hailocab/go-hostpool: e80d13c
  • github.com/hashicorp/go-uuid: v1.0.3
  • github.com/hashicorp/golang-lru/v2: v2.0.3
  • github.com/jackc/pgpassfile: v1.0.0
  • github.com/jackc/pgservicefile: 091c0ba
  • github.com/jackc/pgx/v5: v5.3.1
  • github.com/jcmturner/aescts/v2: v2.0.0
  • github.com/jcmturner/dnsutils/v2: v2.0.0
  • github.com/jcmturner/gofork: v1.7.6
  • github.com/jcmturner/gokrb5/v8: v8.4.4
  • github.com/jcmturner/rpc/v2: v2.0.3
  • github.com/jinzhu/gorm: v1.9.16
  • github.com/jinzhu/inflection: v1.0.0
  • github.com/jinzhu/now: v1.1.5
  • github.com/joho/godotenv: v1.3.0
  • github.com/karrick/godirwalk: v1.10.3
  • github.com/klauspost/cpuid/v2: v2.2.5
  • github.com/konsorten/go-windows-terminal-sequences: v1.0.2
  • github.com/labstack/echo/v4: v4.11.1
  • github.com/labstack/echo: v3.3.10+incompatible
  • github.com/labstack/gommon: v0.4.0
  • github.com/markbates/oncer: bf2de49
  • github.com/markbates/safe: v1.0.1
  • github.com/microsoft/go-mssqldb: v0.21.0
  • github.com/richardartoul/molecule: 32cfee0
  • github.com/segmentio/kafka-go: v0.4.42
  • github.com/spaolacci/murmur3: v1.1.0
  • github.com/tidwall/btree: v1.6.0
  • github.com/tidwall/buntdb: v1.3.0
  • github.com/tidwall/gjson: v1.16.0
  • github.com/tidwall/grect: v0.1.4
  • github.com/tidwall/match: v1.1.1
  • github.com/tidwall/rtred: v0.1.2
  • github.com/tidwall/tinyqueue: v0.1.1
  • github.com/tmthrgd/go-hex: 447a304
  • github.com/twitchtv/twirp: v8.1.3+incompatible
  • github.com/twitchyliquid64/golang-asm: v0.15.1
  • github.com/ugorji/go/codec: v1.2.11
  • github.com/valyala/bytebufferpool: v1.0.0
  • github.com/valyala/fasthttp: v1.50.0
  • github.com/valyala/fasttemplate: v1.2.2
  • github.com/valyala/tcplisten: v1.0.0
  • github.com/vmihailenco/bufpool: v0.1.11
  • github.com/vmihailenco/msgpack/v5: v5.3.5
  • github.com/vmihailenco/tagparser/v2: v2.0.0
  • github.com/vmihailenco/tagparser: v0.1.2
  • github.com/zenazn/goji: v1.0.1
  • golang.org/x/arch: v0.4.0
  • gopkg.in/jinzhu/gorm.v1: v1.9.2
  • gopkg.in/olivere/elastic.v3: v3.0.75
  • gopkg.in/olivere/elastic.v5: v5.0.84
  • gorm.io/driver/mysql: v1.0.1
  • gorm.io/driver/postgres: v1.4.6
  • gorm.io/driver/sqlserver: v1.4.2
  • gorm.io/gorm: v1.25.3
  • honnef.co/go/gotraceui: v0.2.0
  • mellium.im/sasl: v0.3.1

Contributors

yuumasato
Assets 14
Loading