Skip to content

v2.2.0
Compare
Choose a tag to compare
@github-actions github-actions released this 08 Nov 17:33
· 3197 commits to main since this release
v2.2.0
9d3a096
This commit was signed with the committer’s verified signature.
daniel-weisse Daniel Weiße
GPG key ID: 7DD3015F3DDE4B9C
Learn about vigilant mode.

Added

  • Support for Constellation on AWS.
  • Sign generated SBOMs and store container image SBOMs in registry for easier usage.
  • Constellation Kubernetes services are now managed using Helm.
  • Use tags to mark all applicable resources using a Constellation's UID on Azure.
  • Use labels to mark all applicable resources using a Constellation's UID on GCP.

Changed

  • Verify measurements using Rekor transparency log.
  • The constellation create on Azure now uses Terraform to create and destroy cloud resources.
    • This is a breaking change. Cluster created with a CLI at version v2.1.0 or older cannot be terminated using the v2.2.0 CLI
  • Constellation OS images are now based on Fedora directly and are built using mkosi.
  • constellation terminate will now prompt the user for confirmation before destroying any resources (can be skipped with --yes).
  • Use the constellation-role tag instead of role to indicate an instance's role on Azure. This is a breaking change for existing clusters.
  • Use labels instead of metadata to apply the constellation-uid and constellation-role tags on GCP. This is a breaking change for existing clusters.

Deprecated

  • access-manager is no longer deployed.

Removed

  • endpoint flag of constellation init. IP is now always taken from the constellation-id.json file.
  • constellation-state.json file won't be created anymore. Resources are now managed through Terraform.
Assets 16
Loading