v0.4.4

Changelog

• 59ff02b add annotations for registry @amartin120
• 8b33980 add annotations for key and platform @amartin120

Full Changelog: v0.4.3...v0.4.4

Hauler now allows for the use of key/platform/registry annotations for the image spec of a Hauler manifest. This gives users the ability to provide global overrides without the use of specifying flags via the CLI.

apiVersion: content.hauler.cattle.io/v1alpha1
kind: Images
metadata:
  name: <name>
  annotations:
    hauler.dev/key: <cosign public key>
    hauler.dev/platform: <platform>
    hauler.dev/registry: <registry>

Flags passed from the CLI have a global effect on any image UNLESS it has a (key/platform) specified on the individual image. Individual image key/platform takes precedence.

If you have hauler.dev/key and/or hauler.dev/platform at the annotation level, it would work just like the CLI flag and globally apply for everything except individual images specifying otherwise. Just like above.

If you just so happen to provide both an annotation AND the CLI flag for the same thing, the CLI flag wins.

As for the hauler.dev/registry annotation, it will apply globally unless the provided image reference already has a registry specified in its name.

v0.4.3

Changelog

• 1ae496f dep bumps for security vuln fixes @amartin120
• fc7a19c check tag to determine pre-release @amartin120
• 85d6bc0 Update install.sh for file cleaning @clemenko
• a05d21c add platform flag for image add and sync @amartin120
• 0e6c369 bump cosign version to v2.2.2+carbide.2 @amartin120
• a977cec improve cosign setup @amartin120
• fbafa60 updated archive default name @zackbradys
• b24b25d add license file @amartin120
• d9e298b adjust to make registry and fileserver subcommands @amartin120
• e14453f add fileserver option for store serve @amartin120

Notable updates:

• hauler store add image and hauler store sync now have a --platform flag for better handling of multi-arch images. Omitting the flag will default to pulling/saving the entirety of a multi-arch image just as it's done in previous versions.

  • Hauler manifests provided to the sync command now support a platform attribute for individual images as well. For example:

    apiVersion: content.hauler.cattle.io/v1alpha1
    kind: Images
    metadata:
    name: hauler-content-images-example
    spec:
    images:
      - name: nginx
        key: key.pub
        platform: linux/amd64

• hauler store serve has been broken down into hauler store serve registry/fileserver to handle the addition of the fileserver option.
• cosign has better integration with Hauler. (behind the scenes stuff, but still...)

Full Changelog: v0.4.2...v0.4.3

v0.4.3-rc.1

Changelog

• a05d21c add platform flag for image add and sync @amartin120
• 0e6c369 bump cosign version to v2.2.2+carbide.2 @amartin120
• a977cec improve cosign setup @amartin120
• fbafa60 updated archive default name @zackbradys
• b24b25d add license file @amartin120
• d9e298b adjust to make registry and fileserver subcommands @amartin120
• e14453f add fileserver option for store serve @amartin120

Full Changelog: v0.4.2...v0.4.3-rc.1

v0.4.2

Changelog

• 2174e96 add simple type filter to hauler store info
• 4dbff83 fix for validating foreign blobs
• e229c2a fix for chart tags with a +
• a7cbfcb updated/fixed hauler install.sh

v0.4.2-rc.1

Changelog

• 8cfe443 Merge pull request #149 from amartin120/registry-serve-fix
• f129484 Merge pull request #148 from amartin120/fix-chart-tags
• 4dbff83 fix for validating foreign blobs
• e229c2a fix for chart tags with a +
• 2a93e74 merge pull request #147 from zackbradys/main
• 4d5d9ed updated readme for hauler install
• a7cbfcb updated/fixed hauler install.sh

v0.4.1

Changelog

• 6e3d3fc updated store info to handle multi arch images
• 0f7f363 improved logging for hauler store copy
• 93ae968 add autocompletion
• b0a37d2 performance fix for images
• aa16575 cleaned up version command more
• c497f53 fix hauler version display
• f1fbd7e don't flush store on each sync
• f348fb8 registry auth fix for copy
• fe60b1f add retry logic

Full Changelog: v0.4.0...v0.4.1

v0.4.1-rc.2

Changelog

• 93ae968 add autocompletion
• b0a37d2 performance fix for images
• aa16575 cleaned up version command more

v0.4.1-rc.1

Changelog

• c497f53 fix hauler version display
• f1fbd7e don't flush store on each sync
• f348fb8 registry auth fix for copy
• fe60b1f add retry logic

v0.4.0

v0.4.0 adds cosign functionality for handling image verification for signed images. This update also includes the addition of "hauling" digital signatures, attestations, and SBOMs for any image added containing those artifacts.

Changelog

• 4d950f7 Add OCI hauler manifests. (#136)
• 4772657 Add cosign for handling image functionality. (#134)
• 865afb4 updated readme for extra info
• b616f54 updated readme for deprecated commands
• d46ccd0 updated github templates
• 99288f9 removed old docs
• 2cc5e90 updated readme
• f2b0c44 polish up cosign verify for hauler store sync
• 356c46f update go.mod
• 323b93a fix cosign verify logging
• bb9a088 fixes and logging for cosign verify
• 96d92e3 impl for cosign functions for images & store copy
• 220eeed add cosign drop-in funcs
• 3049846 cli updates to accomodate the cosign additions
• ece463b adjust Makefile to be a little more generic
• 58c55d7 add cosign logic
• 214ed48 updates to OCIL funcs to handle cosign changes
• 7d6bbbc pull back in ocil
• 9862e61 update github action deps as well
• fe7122d update dependencies
• 4beb4d4 deprecation notices for dl and non-store serve
• 4ed1b0a Update walkthrough.md
• 3888e23 reworded code comment to be more accurate
• 425c92e added missing 'cat contents.yaml' to example
• 011a4d8 adding imperative generation of declarative config example to doc
• c60ccc8 Merge pull request #116 from noslzzp/main
• 6ebcd50 Update README.md
• be486df fix carbide cosign repo path and perms

v0.4.0-rc.2

Changelog

• be486df fix carbide cosign repo path and perms