Releases: some-natalie/kubernoodles
v0.15.1
v0.15.0 - add sigstore signing of all images, auto-updating vulnerability summary, and many dependabot bumps
Changes
- add another matrix dimension to container hooks @some-natalie (#281)
- container scaling test uses multiple containers on same runner set @some-natalie (#280)
- bump runner and fix linter nags @some-natalie (#279)
- bump runner to 2.321.0 @some-natalie (#277)
- bump deps @some-natalie (#276)
- try this to push all tags @some-natalie (#272)
- dependency bumps @some-natalie (#269)
- bump deps @some-natalie (#268)
- the better way to dismiss alerts on other architectures @some-natalie (#267)
- only scan on one architecture to dedupe results @some-natalie (#266)
- bump docker and compose @some-natalie (#265)
- readme update script to include architectures @some-natalie (#264)
- bump runner @some-natalie (#262)
- bump runner to 2.319.0 @some-natalie (#261)
- bump dependencies @some-natalie (#259)
- bump docker @some-natalie (#257)
🧰 Maintenance
- Bump anchore/scan-action from 4 to 5 @dependabot (#270)
- Bump super-linter/super-linter from 6 to 7 @dependabot (#263)
- Bump anchore/scan-action from 3 to 4 @dependabot (#258)
Contributors
Assets 2
v0.14.0
f5e7529
some-natalie
Natalie Somersall
What's Changed
The images build themselves on latest once a week. Then the readme file updates itself based on CVE scan results.
Add Ubuntu 24.04 LTS.
Bump deps.
Full Changelog: v0.13.4...v0.14.0
v0.13.4
Changes
Cutting a release to rebuild, but also to see what the new build summary is looking like
🧰 Maintenance
- Bump docker/build-push-action from 5 to 6 @dependabot (#252)
Contributors
Assets 10
v0.13.3 - now with better sbom naming, i think
Changes
- update sbom action and test deployments @some-natalie (#251)
Contributors
Assets 10
v0.13.2
Changes
- bump arc to 0.9.2, ubi9 to 9.4, docker too @some-natalie (#250)
Contributors
Assets 6
v0.13.1
Changes
- bunch of small cleanup tasks @some-natalie (#249)
Contributors
Assets 6
v0.13.0
🐙 Now there's a runner to use based on Wolfi to lower CVEs and bring some ConMon sanity to Feds and Fed-adjacent folks. Given some of the conversations I've had over the years about container security w/i ARC, it makes sense to pave a path towards a sane count of CVEs for use in highly secured environments.
The new wolfi runner image goes from 67 CVEs in the upstream (actions/runner) image to a more-manageable 6 CVEs (according to Grype 0.77.1 on 29 April 2024). It's anticipated that it'll stay significantly lower moving forwards as well.
Changes
- change home paths to match upstream @some-natalie (#248)
- add wolfi dockerfile and helm charts for deployment @some-natalie (#247)
- Wolfi runner addition @some-natalie (#245)
- change test suite to run on a local cluster @some-natalie (#246)
Contributors
Assets 6
v0.12.7
Changes
- bump runner, docker version @some-natalie (#244)
- bump docker @some-natalie (#243)
Contributors
Assets 5
v0.12.6
e064608
some-natalie
Natalie Somersall
Changes
- Not much changed. Just bumped the test-image workflows for Actions to 0.9.1
Happy automating! 🥂