Releases: tetrateio/authservice-go
v1.0.2
This version is focused on security fixes and CVE patches. It bumps all dependencies to fix several CVEs, notably:
Upgrades Go to 1.21.8 to fix the following CVEs:
Upgrade google.golang.org/protobuf to v1.33.0 and github.com/golang/protobuf to v1.5.4 to fix the following CVEs:
It also adds several improvements to the Docker images, such as properly setting the metadata in the multi-arch images and configuring them to run as a non-root user.
Starting from v1.0.2, all the pull requests and commits to the main and release branches will be scanned for vulnerabilities, and CVEs will be detected much earlier.
What's Changed
- FIPS enabled message using the logging framework by @nacx in #77
- Upgrade Go and protobuf to fix several CVEs by @nacx in #78
- Upgrade to latest JWX v2 by @nacx in #80
- Properly set metadata in multi-arch images by @nacx in #81
- Bump dependencies and configure a nonroot user by @nacx in #82
Full Changelog: v1.0.1...v1.0.2
v1.0.1
This authservice-go release is a continuation of the v1.0.0 release with the addition of FIPS-compliant builds. There are no code or feature changes, just the addition of FIPS to the build process.
Starting from this release, all the binaries, FIPS and non-FIPS, are uploaded to the release artifacts.
FIPS Docker images are also generated with the -fips suffix in the image tag.
What's Changed
- Upload binaries to releases by @nacx in #72
- Configure FIPS builds by @nacx in #71
- Configure CI to use Docker to build the FIPS binaries by @nacx in #74
- Remove workflow_dispatch to prevent manual pushes of images to the public repo by @nacx in #75
- Compress the binaries for smaller release artifacts by @nacx in #76
Full Changelog: v1.0.0...v1.0.1
v1.0.0
authservice-go 1.0.0
This is the first release of authservice-go! 🚀
This is a full rewrite of the Istio authservice project in pure Go, to improve code readability, testability, quality, and the overall maintainability of the project. It provides feature parity with the original project, and the Docker images that are published on the project's GitHub Docker registry can be used as a drop-in replacement for the old authservice ones.
This project adds extensive code coverage, several end-to-end test suites that verify the correct behaviour of the supported OIDC flows, and a compatibility suite that runs with both images, authservice-go and the old authservice, to make sure backward compatibility is not broken.
In addition to the extensive tests and feature parity, this first release of authservice-go fixes the following issues on the original project:
- Add integration tests that can run in CI
- Allow configuration of endpoints by configuring the OIDC Provider's well-known endpoint
- CI could automatically build container images on every commit to master which passes unit tests
- Update base image of Authservice container image
- Change the inline OIDC client configuration to reference of a k8s secret
- How to set the client secret from an existing kubernetes secret?
Check it out!
- Use the Docker image right away.
- Or read the Development Guide and start contributing!
Initial contributors
The first release of authservice-go has been crafted with a lot of dedication and work from @zhaohuabing, @sergicastro, and @nacx. Thank you all for your contributions!
Full release changelog: https://github.com/tetrateio/authservice-go/commits/v1.0.0