mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
parent
3b94a6b620
commit
95e2c91821
62
CHANGELOG.md
62
CHANGELOG.md
@ -1,3 +1,16 @@
|
|||||||
|
<!--
|
||||||
|
|
||||||
|
Styleguide for this document:
|
||||||
|
|
||||||
|
- Sentences should end with a period.
|
||||||
|
- This is the keepachangelog style, whereas the Microsoft Style Guide we use for other docs omits periods for short list items.
|
||||||
|
- Omit the verb if possible.
|
||||||
|
- "Early boot logging ..." instead of "Add early boot logging ...".
|
||||||
|
- If you need a verb, it should usually be imperative mood (Add instead of Added).
|
||||||
|
- Items should start with a capital letter.
|
||||||
|
|
||||||
|
-->
|
||||||
|
|
||||||
# Changelog
|
# Changelog
|
||||||
All notable changes to Constellation will be documented in this file.
|
All notable changes to Constellation will be documented in this file.
|
||||||
|
|
||||||
@ -6,36 +19,44 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
### Added
|
### Added
|
||||||
- Early boot logging for Cloud Provider: GCP & Azure
|
|
||||||
- Added `constellation-access-manager`, allowing users to manage SSH users over a ConfigMap. This allows persistent & dynamic management of SSH users on multiple nodes, even after a reboot.
|
|
||||||
- GCP-native Kubernetes load balancing
|
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
- Create `constellation-id.json` when initializing the cluster to save the cluster's unique ID and the owner ID to disk. Verifying will read this file back to use the values for the verification. This is overriden by specifying the command line arguments.
|
|
||||||
|
### Deprecated
|
||||||
|
|
||||||
### Removed
|
### Removed
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
- GCP WireGuard encryption via cilium
|
- Create Kubernetes CA signed kubelet certificates on activation.
|
||||||
|
|
||||||
### Internal
|
### Internal
|
||||||
- Added `constellation-activation-service`, offloading new Kubernetes node activation from monolithic Coordinator to Kubernetes native micro-service
|
|
||||||
|
## [1.3.0] - 2022-07-05
|
||||||
|
### Added
|
||||||
|
- Early boot logging for GCP and Azure. [[Docs]](https://constellation-docs.edgeless.systems/6c320851-bdd2-41d5-bf10-e27427398692/#/workflows/troubleshooting?id=cloud-logging)
|
||||||
|
- `constellation-access-manager` allows users to manage SSH users over a ConfigMap. Enables persistent and dynamic management of SSH users on multiple nodes, even after a reboot. [[Docs]](https://constellation-docs.edgeless.systems/6c320851-bdd2-41d5-bf10-e27427398692/#/workflows/ssh)
|
||||||
|
- GCP-native Kubernetes load balancing. [[Docs]](https://constellation-docs.edgeless.systems/6c320851-bdd2-41d5-bf10-e27427398692/#/architecture/networking)
|
||||||
|
- `constellation version` prints more information to aid in troubleshooting. [[Docs]](https://constellation-docs.edgeless.systems/6c320851-bdd2-41d5-bf10-e27427398692/#/reference/cli?id=constellation-version)
|
||||||
|
- Standard logging for all services and CLI, allows users to control output in a consistent manner.
|
||||||
|
- `constellation-id.json` in Constellation workspace now holds cluster IDs, to reduce required arguments in Constellation commands, e.g., `constellation verify`.
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
- New `constellation-activation-service` offloads Kubernetes node activation from monolithic Coordinator to Kubernetes native micro-service. [[ReadMe]](https://github.com/edgelesssys/constellation/blob/main/activation/README.md)
|
||||||
|
- Improve user-friendliness of error messages in Constellation CLI.
|
||||||
|
- Move verification from extracting attestation statements out of aTLS handshake to a dedicated `verify-service` in Kubernetes with gRPC and HTTP endpoints.
|
||||||
|
|
||||||
|
### Security
|
||||||
|
- GCP WireGuard encryption via cilium.
|
||||||
|
|
||||||
|
### Internal
|
||||||
|
- Refactore folder structure of repository to better reflect `internal` implementation and public API.
|
||||||
|
- Extend `goleak` checks to all tests.
|
||||||
|
|
||||||
## [1.2.0] - 2022-06-02
|
## [1.2.0] - 2022-06-02
|
||||||
### Added
|
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
replaced flannel CNI with cilium
|
- Replace flannel CNI with Cilium.
|
||||||
|
|
||||||
### Removed
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
### Security
|
|
||||||
|
|
||||||
### Internal
|
|
||||||
|
|
||||||
## [1.1.0] - 2022-06-02
|
## [1.1.0] - 2022-06-02
|
||||||
### Added
|
### Added
|
||||||
@ -85,7 +106,8 @@ replaced flannel CNI with cilium
|
|||||||
## [1.0.0] - 2022-04-28
|
## [1.0.0] - 2022-04-28
|
||||||
Initial release of Constellation. With underlying WireGuard and Kubernetes compliant.
|
Initial release of Constellation. With underlying WireGuard and Kubernetes compliant.
|
||||||
|
|
||||||
[Unreleased]: https://github.com/edgelesssys/constellation/compare/v1.2.0...HEAD
|
[Unreleased]: https://github.com/edgelesssys/constellation/compare/v1.3.0...HEAD
|
||||||
[1.2.0]: https://github.com/edgelesssys/constellation/releases/tag/v1.2.0
|
[1.3.0]: https://github.com/edgelesssys/constellation/compare/v1.2.0...v1.3.0
|
||||||
[1.1.0]: https://github.com/edgelesssys/constellation/releases/tag/v1.1.0
|
[1.2.0]: https://github.com/edgelesssys/constellation/compare/v1.1.0...v1.2.0
|
||||||
|
[1.1.0]: https://github.com/edgelesssys/constellation/compare/v1.0.0...v1.1.0
|
||||||
[1.0.0]: https://github.com/edgelesssys/constellation/releases/tag/v1.0.0
|
[1.0.0]: https://github.com/edgelesssys/constellation/releases/tag/v1.0.0
|
||||||
|
@ -2,10 +2,10 @@ package resources
|
|||||||
|
|
||||||
const (
|
const (
|
||||||
// Constellation images.
|
// Constellation images.
|
||||||
activationImage = "ghcr.io/edgelesssys/constellation/activation-service:v1.2"
|
activationImage = "ghcr.io/edgelesssys/constellation/activation-service:v1.3"
|
||||||
accessManagerImage = "ghcr.io/edgelesssys/constellation/access-manager:v1.2"
|
accessManagerImage = "ghcr.io/edgelesssys/constellation/access-manager:v1.3"
|
||||||
kmsImage = "ghcr.io/edgelesssys/constellation/kmsserver:v1.2"
|
kmsImage = "ghcr.io/edgelesssys/constellation/kmsserver:v1.3"
|
||||||
verificationImage = "ghcr.io/edgelesssys/constellation/verification-service:v1.2"
|
verificationImage = "ghcr.io/edgelesssys/constellation/verification-service:v1.3"
|
||||||
|
|
||||||
// external images.
|
// external images.
|
||||||
clusterAutoscalerImage = "k8s.gcr.io/autoscaling/cluster-autoscaler:v1.23.0"
|
clusterAutoscalerImage = "k8s.gcr.io/autoscaling/cluster-autoscaler:v1.23.0"
|
||||||
|
17
docs/release.md
Normal file
17
docs/release.md
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
# Release Checklist
|
||||||
|
|
||||||
|
This checklist will prepare `v1.3.0` from `v1.2.0`. Adjust your version numbers accordingly.
|
||||||
|
|
||||||
|
1. Merge ready PRs
|
||||||
|
2. Use [Build micro-service manual](https://github.com/edgelesssys/constellation/actions/workflows/build-micro-service-manual.yml) and run the pipeline once for each micro-service with the following parameters:
|
||||||
|
* branch: `main`
|
||||||
|
* Container image tag: `v1.3.0`
|
||||||
|
* Version of the image to build: `1.3.0`
|
||||||
|
3. Create a new branch to prepare the following things:
|
||||||
|
1. Review and update changelog with all changes since last release. [GitHub's diff view](https://github.com/edgelesssys/constellation/compare/v1.2.0...main) helps a lot!
|
||||||
|
2. Update versions [images.go](../coordinator/kubernetes/k8sapi/resources/images.go) to `v1.3`. Omit patch version so containers pick up patch level updates automatically.
|
||||||
|
3. Merge this branch
|
||||||
|
4. Create a new tag in `constellation`
|
||||||
|
* `git tag v.1.3.0`
|
||||||
|
5. Create a new tag in `constellation-docs`
|
||||||
|
* `git tag v.1.3.0`
|
Loading…
Reference in New Issue
Block a user