v0.6.0

Notice: The server side remote fetching of resources will be removed in the next release

What's Changed

• attempting to fix codeowners file by @bobcallaway in #653
• Update the warning text for the GA release. by @dlorenc in #654
• Bump github.com/go-openapi/runtime from 0.22.0 to 0.23.0 by @dependabot in #655
• Bump github.com/go-openapi/strfmt from 0.21.1 to 0.21.2 by @dependabot in #656
• Bump go.uber.org/zap from 1.20.0 to 1.21.0 by @dependabot in #660
• Bump github/codeql-action from 1.0.31 to 1.0.32 by @dependabot in #659
• use upstream k8s version lib by @n3wscott in #657
• Bump golang from 301609e to fff998d by @dependabot in #662
• Bump actions/setup-go from 2.1.5 to 2.2.0 by @dependabot in #663
• Bump gopkg.in/ini.v1 from 1.66.3 to 1.66.4 by @dependabot in #664
• Add docs about API stability and deprecation policy by @priyawadhwa in #661
• update cross-build and dockerfile to use go 1.17.7 by @cpanato in #666
• Bump github/codeql-action from 1.0.32 to 1.1.0 by @dependabot in #668
• Bump actions/github-script from 5.1.0 to 6 by @dependabot in #669
• Move k8s objects out of the default namespace by @k4leung4 in #674
• add securityContext to deployment. by @k4leung4 in #678
• Add intoto type documentation by @jspeed-meyers in #679
• create namespace for rekor config in yaml. by @k4leung4 in #680
• Bump github/codeql-action from 1.1.0 to 1.1.2 by @dependabot in #682
• Bump ossf/scorecard-action from 1.0.3 to 1.0.4 by @dependabot in #683
• Set rekor-cli User-Agent header on requests by @bobcallaway in #684
• update security process link by @bobcallaway in #685
• Bump sigstore/cosign-installer from 2.0.0 to 2.0.1 by @dependabot in #686
• explicitly set permissions for github actions by @k4leung4 in #687
• Bump github.com/go-openapi/runtime from 0.23.0 to 0.23.1 by @dependabot in #689
• Bump github/codeql-action from 1.1.2 to 1.1.3 by @dependabot in #690
• Bump golangci/golangci-lint-action from 2.5.2 to 3 by @dependabot in #691
• Bump goreleaser/goreleaser-action from 2.8.1 to 2.9.0 by @dependabot in #692
• Bump golangci/golangci-lint-action from 3.0.0 to 3.1.0 by @dependabot in #693
• Bump github.com/secure-systems-lab/go-securesystemslib from 0.3.0 to 0.3.1 by @dependabot in #695
• Bump actions/setup-go from 2.2.0 to 3.0.0 by @dependabot in #694
• Bump goreleaser/goreleaser-action from 2.9.0 to 2.9.1 by @dependabot in #696
• Bump actions/checkout from 2.4.0 to 3 by @dependabot in #698
• Add documentation about Alpine type by @jspeed-meyers in #697
• Add code coverage to pull requests. by @k4leung4 in #676
• Consistent parenthesis use in Makefile by @k4leung4 in #700
• Go update to 1.17.8 and cosign to 1.6.0 by @cpanato in #705
• Bump actions/upload-artifact from 2.3.1 to 3 by @dependabot in #704
• Use logRangesFlag in API, route reads based on TreeID by @lkatalin in #671
• Generate release yaml for non-CI builds. by @k4leung4 in #702
• Bump sigstore/cosign-installer from 2.0.1 to 2.1.0 by @dependabot in #708
• Bump github.com/go-openapi/runtime from 0.23.1 to 0.23.2 by @dependabot in #710
• Bump anchore/sbom-action from 0.6.0 to 0.7.0 by @dependabot in #709
• Mirror signed release images from GCR to GHCR as part of release by @k4leung4 in #701
• Bump golang from 0168c35 to ca70980 by @dependabot in #707
• build trillian container to existing release. by @k4leung4 in #715
• Bump github/codeql-action from 1.1.3 to 1.1.4 by @dependabot in #716
• Bump github.com/go-playground/validator/v10 from 10.10.0 to 10.10.1 by @dependabot in #717
• Make the loginfo command a bit more future/backwards proof. by @dlorenc in #718
• Switch to using the swag library for pointer manipulation. by @dlorenc in #719
• Change TreeID to be of type string instead of int64 by @priyawadhwa in #712
• Add sharding e2e test to Github Actions by @priyawadhwa in #714
• fix merge conflict by @priyawadhwa in #720
• Bump google.golang.org/grpc from 1.44.0 to 1.45.0 by @dependabot in #723
• Bump golang from ca70980 to c7c9458 by @dependabot in #722
• Clearer logging for createAndInitTree by @priyawadhwa in #724
• Bump github.com/spf13/cobra from 1.3.0 to 1.4.0 by @dependabot in #728
• Return virtual index when creating and getting a log entry by @priyawadhwa in #725
• Fix copy/paste mistake in repo name. by @k4leung4 in #730
• Use reusuable release workflow in sigstore/sigstore by @k4leung4 in #729
• Bump github/codeql-action from 1.1.4 to 1.1.5 by @dependabot in #736
• Get log proofs by Tree ID by @priyawadhwa in #733
• Refactor rekor-cli loginfo by @priyawadhwa in #734
• Bump github.com/go-openapi/runtime from 0.23.2 to 0.23.3 by @dependabot in #740
• Update loginfo API endpoint to return information about inactive shards by @priyawadhwa in #738
• Bump google.golang.org/protobuf from 1.27.1 to 1.28.0 by @dependabot in #744
• Replace trillian_log_server.log_id_ranges flag with a config file by @priyawadhwa in #742
• Bump anchore/sbom-action from 0.7.0 to 0.8.0 by @dependabot in #743
• fix build date format for version command by @cpanato in #745
• Require tlog_id when log_id_ranges is passed in by @lkatalin in #739
• Use active tree on server startup by @lkatalin in #727
• Bump github/codeql-action from 1.1.5 to 2.1.6 by @dependabot in #748
• Specify public key for inactive shards in shard config by @priyawadhwa in #746
• Add support for providing certificate chain for X509 signature types by @haydentherapper in #747
• Bump google-github-actions/auth from 0.6.0 to 0.7.0 by @dependabot in #751
• Bump github/codeql-action from 2.1.6 to 2.1.7 by @dependabot in #752
• Bump codecov/codecov-action from 2.1.0 to 3 by @dependabot in #753
• Bump anchore/sbom-action from 0.8.0 to 0.9.0 by @dependabot in #754
• Bump sigstore/cosign-installer from 2.1.0 to 2.2.0 by @dependabot in #757
• fix typo in filename by @bobcallaway in #758
• Update release jobs and trillian images by @cpanato in #756
• Bump github/codeql-action from 2.1.7 to 2.1.8 by @dependabot in #762
• Bump anchore/sbom-action from 0.9.0 to 0.10.0 by @dependabot in #763
• Add the SHA256 digest of the intoto payload into the rekor entry by @bobcallaway in #764
• Add index to hashed intoto envelope by @asraa in #761
• Fix link in types README by @eddiezane in #765
• set p.Block after parsing in helm provenance type by @bobcallaway in #759
• Bump github.com/go-openapi/spec from 0.20.4 to 0.20.5 by @dependabot in #768
• Fix search without sha prefix by @eddiezane in #767
• Add in configmap to release for sharding config by @priyawadhwa in #766
• Search inactive trees for GET by UUID requests by @lkatalin in #750
• Create EntryID for new artifacts and return EntryID to user by @lkatalin in #623
• Update cloudbuild to not fail when copy the images by @cpanato in #773
• update release job to use go 1.17.9 by @cpanato in #775
• add changelog for v0.6.0 by @cpanato in #772

New Contributors

• @n3wscott made their first contribution in #657
• @k4leung4 made their first contribution in #674
• @jspeed-meyers made their first contribution in #679
• @haydentherapper made their first contribution in #747
• @eddiezane made their first contribution in #765

Full Changelog: v0.5.0...v0.6.0

Thanks for all contributors!