Skip to content

v0.8.2
Compare
Choose a tag to compare
@saschagrunert saschagrunert released this 19 Dec 10:56
· 849 commits to main since this release
v0.8.2
44dbcbb

Release notes

Welcome to our glorious v0.8.2 release of the security-profiles-operator! The general usage and setup can be found in our documentation. πŸ₯³ πŸ‘―

To install the operator, run:

$ kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/security-profiles-operator/v0.8.2/deploy/operator.yaml

You can also verify the container image signature by using cosign:

$ cosign verify \
    --certificate-identity [email protected] \
    --certificate-oidc-issuer https://accounts.google.com \
    registry.k8s.io/security-profiles-operator/security-profiles-operator:v0.8.2

Beside the operator image, we now also ship spoc, the official Security Profiles Operator Command Line Interface! Binaries for amd64 and arm64 are attached to this release.

To verify the signature of spoc. download all release artifacts and run for amd64 (works in the same way for arm64:

$ cosign verify-blob \
    --certificate-identity [email protected] \
    --certificate-oidc-issuer https://github.com/login/oauth \
    --certificate spoc.amd64.cert \
    --signature spoc.amd64.sig \
    spoc.amd64

To verify the Bill of Materials (BOM) using the bom tool, download the artifacts into a build directory and run:

> bom validate -e spoc.spdx -d build/
+-------------------+-------+-----------------------------+----------------+
|     FILENAME      | VALID |           MESSAGE           | INVALID HASHES |
+-------------------+-------+-----------------------------+----------------+
| spoc.amd64        | OK    | File validated successfully | -              |
| spoc.amd64.cert   | OK    | File validated successfully | -              |
| spoc.amd64.sha512 | OK    | File validated successfully | -              |
| spoc.amd64.sig    | OK    | File validated successfully | -              |
| spoc.arm64        | OK    | File validated successfully | -              |
| spoc.arm64.cert   | OK    | File validated successfully | -              |
| spoc.arm64.sha512 | OK    | File validated successfully | -              |
| spoc.arm64.sig    | OK    | File validated successfully | -              |
+-------------------+-------+-----------------------------+----------------+

The .spdx file is signed as well and we also provide .sha512 sum files for the binaries.

Feel free to provide us any kind of feedback in the official Kubernetes Slack #security-profiles-operator channel.

Changes by Kind

Failing Test

Dependencies

Added

  • github.com/DATA-DOG/go-sqlmock: v1.5.0
  • github.com/Khan/genqlient: v0.6.0
  • github.com/alexflint/go-arg: v1.4.2
  • github.com/alexflint/go-scalar: v1.0.0
  • github.com/aws/aws-sdk-go-v2/feature/s3/manager: v1.11.76
  • github.com/buildkite/go-pipeline: v0.2.0

Changed

  • cloud.google.com/go/compute: v1.23.2 β†’ v1.23.3
  • cloud.google.com/go/iam: v1.1.4 β†’ v1.1.5
  • cloud.google.com/go/kms: v1.15.4 β†’ v1.15.5
  • cloud.google.com/go: v0.110.9 β†’ v0.110.10
  • github.com/Azure/azure-sdk-for-go/sdk/azcore: v1.8.0 β†’ v1.9.0
  • github.com/Azure/azure-sdk-for-go/sdk/internal: v1.4.0 β†’ v1.5.0
  • github.com/DataDog/datadog-agent/pkg/obfuscate: v0.48.1 β†’ v0.48.0
  • github.com/DataDog/datadog-agent/pkg/remoteconfig/state: v0.48.1 β†’ 2549ba9
  • github.com/DataDog/sketches-go: v1.4.3 β†’ v1.4.2
  • github.com/andybalholm/brotli: v1.0.6 β†’ v1.0.1
  • github.com/aws/aws-sdk-go-v2/config: v1.19.1 β†’ v1.25.11
  • github.com/aws/aws-sdk-go-v2/credentials: v1.13.43 β†’ v1.16.9
  • github.com/aws/aws-sdk-go-v2/feature/ec2/imds: v1.13.13 β†’ v1.14.9
  • github.com/aws/aws-sdk-go-v2/internal/configsources: v1.1.43 β†’ v1.2.8
  • github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: v2.4.37 β†’ v2.5.8
  • github.com/aws/aws-sdk-go-v2/internal/ini: v1.3.45 β†’ v1.7.1
  • github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding: v1.9.14 β†’ v1.10.3
  • github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: v1.9.37 β†’ v1.10.8
  • github.com/aws/aws-sdk-go-v2/service/kms: v1.24.7 β†’ v1.27.2
  • github.com/aws/aws-sdk-go-v2/service/sso: v1.15.2 β†’ v1.18.2
  • github.com/aws/aws-sdk-go-v2/service/ssooidc: v1.17.3 β†’ v1.21.2
  • github.com/aws/aws-sdk-go-v2/service/sts: v1.23.2 β†’ v1.26.2
  • github.com/aws/aws-sdk-go-v2: v1.21.2 β†’ v1.23.5
  • github.com/aws/aws-sdk-go: v1.47.0 β†’ v1.48.11
  • github.com/aws/smithy-go: v1.15.0 β†’ v1.18.1
  • github.com/buildkite/agent/v3: v3.58.0 β†’ v3.59.0
  • github.com/buildkite/bintest/v3: v3.1.1 β†’ v3.2.0
  • github.com/cert-manager/cert-manager: v1.13.2 β†’ v1.13.3
  • github.com/containers/common: v0.57.0 β†’ v0.57.1
  • github.com/ebitengine/purego: v0.5.0 β†’ v0.5.0-alpha.1
  • github.com/felixge/httpsnoop: v1.0.3 β†’ v1.0.4
  • github.com/gabriel-vasile/mimetype: v1.4.3 β†’ v1.4.2
  • github.com/go-openapi/spec: v0.20.9 β†’ v0.20.11
  • github.com/go-openapi/strfmt: v0.21.7 β†’ v0.21.8
  • github.com/go-openapi/validate: v0.22.1 β†’ v0.22.3
  • github.com/go-rod/rod: v0.114.4 β†’ v0.114.5
  • github.com/google/go-tpm-tools: v0.4.1 β†’ v0.4.2
  • github.com/gorilla/mux: v1.8.0 β†’ v1.8.1
  • github.com/hashicorp/go-retryablehttp: v0.7.4 β†’ v0.7.5
  • github.com/jellydator/ttlcache/v3: v3.1.0 β†’ v3.1.1
  • github.com/montanaflynn/stats: v0.6.6 β†’ 1bf9dbc
  • github.com/open-policy-agent/opa: v0.58.0 β†’ v0.59.0
  • github.com/pierrec/lz4/v4: v4.1.18 β†’ v4.1.2
  • github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring: v0.69.1 β†’ v0.70.0
  • github.com/sigstore/cosign/v2: v2.2.1 β†’ v2.2.2
  • github.com/sigstore/rekor: v1.3.3 β†’ v1.3.4
  • github.com/sigstore/sigstore/pkg/signature/kms/aws: v1.7.5 β†’ v1.7.6
  • github.com/sigstore/sigstore/pkg/signature/kms/azure: v1.7.5 β†’ v1.7.6
  • github.com/sigstore/sigstore/pkg/signature/kms/gcp: v1.7.5 β†’ v1.7.6
  • github.com/sigstore/sigstore/pkg/signature/kms/hashivault: v1.7.5 β†’ v1.7.6
  • github.com/sigstore/sigstore: v1.7.5 β†’ v1.7.6
  • github.com/stretchr/objx: v0.5.1 β†’ v0.5.0
  • github.com/theupdateframework/go-tuf: v0.6.1 β†’ v0.7.0
  • github.com/tidwall/pretty: v1.2.1 β†’ v1.2.0
  • github.com/urfave/cli/v2: v2.25.7 β†’ v2.26.0
  • github.com/xanzy/go-gitlab: v0.93.2 β†’ v0.94.0
  • go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc: v0.45.0 β†’ v0.46.0
  • go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp: v0.45.0 β†’ v0.46.1
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel/metric: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel/sdk: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel/trace: v1.19.0 β†’ v1.21.0
  • go.opentelemetry.io/otel: v1.19.0 β†’ v1.21.0
  • go.step.sm/crypto: v0.36.1 β†’ v0.38.0
  • golang.org/x/crypto: v0.16.0 β†’ v0.17.0
  • golang.org/x/exp: 7918f67 β†’ 2478ac8
  • golang.org/x/oauth2: v0.13.0 β†’ v0.15.0
  • golang.org/x/time: v0.3.0 β†’ v0.5.0
  • golang.org/x/tools: v0.14.0 β†’ v0.15.0
  • google.golang.org/api: v0.149.0 β†’ v0.152.0
  • google.golang.org/genproto/googleapis/api: 49dd2c1 β†’ bbf56f3
  • google.golang.org/genproto/googleapis/bytestream: d783a09 β†’ 83a465c
  • google.golang.org/genproto/googleapis/rpc: 49dd2c1 β†’ 83a465c
  • google.golang.org/genproto: 49dd2c1 β†’ bbf56f3
  • google.golang.org/grpc: v1.59.0 β†’ v1.60.1
  • k8s.io/api: v0.28.4 β†’ v0.29.0
  • k8s.io/apiextensions-apiserver: v0.28.3 β†’ v0.28.4
  • k8s.io/apimachinery: v0.28.4 β†’ v0.29.0
  • k8s.io/apiserver: v0.28.3 β†’ v0.28.4
  • k8s.io/cli-runtime: v0.28.4 β†’ v0.29.0
  • k8s.io/client-go: v0.28.4 β†’ v0.29.0
  • k8s.io/code-generator: v0.28.3 β†’ v0.28.4
  • k8s.io/component-base: v0.28.3 β†’ v0.28.4
  • k8s.io/kms: v0.28.3 β†’ v0.28.4
  • k8s.io/utils: 3b25d92 β†’ b307cd5
  • sigs.k8s.io/structured-merge-diff/v4: v4.3.0 β†’ v4.4.1

Removed

  • github.com/99designs/gqlgen: v0.17.36
  • github.com/DataDog/gostackparse: v0.7.0
  • github.com/IBM/sarama: v1.40.0
  • github.com/Shopify/sarama: v1.38.1
  • github.com/aws/aws-sdk-go-v2/service/dynamodb: v1.21.4
  • github.com/aws/aws-sdk-go-v2/service/ec2: v1.93.2
  • github.com/aws/aws-sdk-go-v2/service/eventbridge: v1.20.4
  • github.com/aws/aws-sdk-go-v2/service/internal/endpoint-discovery: v1.7.34
  • github.com/aws/aws-sdk-go-v2/service/kinesis: v1.18.4
  • github.com/aws/aws-sdk-go-v2/service/sfn: v1.19.4
  • github.com/aws/aws-sdk-go-v2/service/sns: v1.21.4
  • github.com/aws/aws-sdk-go-v2/service/sqs: v1.24.4
  • github.com/bradfitz/gomemcache: acc6962
  • github.com/bytedance/sonic: v1.10.0
  • github.com/chenzhuoyu/base64x: 296ad89
  • github.com/chenzhuoyu/iasm: v0.9.0
  • github.com/confluentinc/confluent-kafka-go/v2: v2.2.0
  • github.com/confluentinc/confluent-kafka-go: v1.9.2
  • github.com/decred/dcrd/crypto/blake256: v1.0.1
  • github.com/denisenkom/go-mssqldb: v0.11.0
  • github.com/dimfeld/httptreemux/v5: v5.5.0
  • github.com/dvyukov/go-fuzz: 6a8e9d1
  • github.com/eapache/go-resiliency: v1.4.0
  • github.com/eapache/go-xerial-snappy: c322873
  • github.com/eapache/queue: v1.1.0
  • github.com/elastic/elastic-transport-go/v8: v8.1.0
  • github.com/elastic/go-elasticsearch/v6: v6.8.5
  • github.com/elastic/go-elasticsearch/v7: v7.17.1
  • github.com/elastic/go-elasticsearch/v8: v8.4.0
  • github.com/emicklei/go-restful: v2.16.0+incompatible
  • github.com/garyburd/redigo: v1.6.4
  • github.com/gin-contrib/sse: v0.1.0
  • github.com/gin-gonic/gin: v1.9.1
  • github.com/globalsign/mgo: eeefdec
  • github.com/go-pg/pg/v10: v10.11.1
  • github.com/go-pg/zerochecker: v0.2.0
  • github.com/go-playground/assert/v2: v2.2.0
  • github.com/go-redis/redis/v7: v7.4.1
  • github.com/go-redis/redis/v8: v8.11.5
  • github.com/go-redis/redis: v6.15.9+incompatible
  • github.com/go-stack/stack: v1.8.0
  • github.com/gobuffalo/attrs: a9411de
  • github.com/gobuffalo/depgen: v0.1.0
  • github.com/gobuffalo/envy: v1.7.0
  • github.com/gobuffalo/genny: v0.1.1
  • github.com/gobuffalo/gitgen: cc08618
  • github.com/gobuffalo/gogen: v0.1.1
  • github.com/gobuffalo/logger: 86e12af
  • github.com/gobuffalo/mapi: v1.0.2
  • github.com/gobuffalo/packd: v0.1.0
  • github.com/gobuffalo/packr/v2: v2.2.0
  • github.com/gobuffalo/syncx: 33c2958
  • github.com/gocql/gocql: 0eacd31
  • github.com/gofiber/fiber/v2: v2.50.0
  • github.com/gofrs/uuid: v4.4.0+incompatible
  • github.com/golang-sql/civil: b832511
  • github.com/golang-sql/sqlexp: v0.1.0
  • github.com/gomodule/redigo: v1.8.9
  • github.com/googleapis/gnostic: v0.5.5
  • github.com/graph-gophers/graphql-go: v1.5.0
  • github.com/hailocab/go-hostpool: e80d13c
  • github.com/hashicorp/go-uuid: v1.0.3
  • github.com/hashicorp/golang-lru/v2: v2.0.3
  • github.com/jackc/pgpassfile: v1.0.0
  • github.com/jackc/pgservicefile: 091c0ba
  • github.com/jackc/pgx/v5: v5.3.1
  • github.com/jcmturner/aescts/v2: v2.0.0
  • github.com/jcmturner/dnsutils/v2: v2.0.0
  • github.com/jcmturner/gofork: v1.7.6
  • github.com/jcmturner/gokrb5/v8: v8.4.4
  • github.com/jcmturner/rpc/v2: v2.0.3
  • github.com/jinzhu/gorm: v1.9.16
  • github.com/jinzhu/inflection: v1.0.0
  • github.com/jinzhu/now: v1.1.5
  • github.com/joho/godotenv: v1.3.0
  • github.com/karrick/godirwalk: v1.10.3
  • github.com/klauspost/cpuid/v2: v2.2.5
  • github.com/konsorten/go-windows-terminal-sequences: v1.0.2
  • github.com/labstack/echo/v4: v4.11.1
  • github.com/labstack/echo: v3.3.10+incompatible
  • github.com/labstack/gommon: v0.4.0
  • github.com/markbates/oncer: bf2de49
  • github.com/markbates/safe: v1.0.1
  • github.com/microsoft/go-mssqldb: v0.21.0
  • github.com/richardartoul/molecule: 32cfee0
  • github.com/segmentio/kafka-go: v0.4.42
  • github.com/spaolacci/murmur3: v1.1.0
  • github.com/tidwall/btree: v1.6.0
  • github.com/tidwall/buntdb: v1.3.0
  • github.com/tidwall/gjson: v1.16.0
  • github.com/tidwall/grect: v0.1.4
  • github.com/tidwall/match: v1.1.1
  • github.com/tidwall/rtred: v0.1.2
  • github.com/tidwall/tinyqueue: v0.1.1
  • github.com/tmthrgd/go-hex: 447a304
  • github.com/twitchtv/twirp: v8.1.3+incompatible
  • github.com/twitchyliquid64/golang-asm: v0.15.1
  • github.com/ugorji/go/codec: v1.2.11
  • github.com/valyala/bytebufferpool: v1.0.0
  • github.com/valyala/fasthttp: v1.50.0
  • github.com/valyala/fasttemplate: v1.2.2
  • github.com/valyala/tcplisten: v1.0.0
  • github.com/vmihailenco/bufpool: v0.1.11
  • github.com/vmihailenco/msgpack/v5: v5.3.5
  • github.com/vmihailenco/tagparser/v2: v2.0.0
  • github.com/vmihailenco/tagparser: v0.1.2
  • github.com/zenazn/goji: v1.0.1
  • golang.org/x/arch: v0.4.0
  • gopkg.in/jinzhu/gorm.v1: v1.9.2
  • gopkg.in/olivere/elastic.v3: v3.0.75
  • gopkg.in/olivere/elastic.v5: v5.0.84
  • gorm.io/driver/mysql: v1.0.1
  • gorm.io/driver/postgres: v1.4.6
  • gorm.io/driver/sqlserver: v1.4.2
  • gorm.io/gorm: v1.25.3
  • honnef.co/go/gotraceui: v0.2.0
  • mellium.im/sasl: v0.3.1

Contributors

yuumasato
Assets 14
Loading