Skip to content

v0.8.2
Compare
Choose a tag to compare
@fitzthum fitzthum released this 09 Feb 21:49
· 301 commits to main since this release
v0.8.2
edc416e

Note

There is no KBS v0.8.1. There was a v0.8.1 of the attestation-service and rvps prior to the repo merge.

Many significant changes have been made to the KBS while general CoCo releases have been suspended. Hence, we have released KBS v0.8.2. Among other things the changes include a significant security fix that squashes a bug where the result of the resource policy was not properly checked.

What's Changed

  • Merge Attestation-Service and KBS by @Xynnn007 in #173
  • docs: fix links inside documents by @Xynnn007 in #222
  • build(deps): Bump rustls-pemfile from 1.0.3 to 1.0.4 by @dependabot in #224
  • build(deps): bump docker/login-action from 2 to 3 by @dependabot in #161
  • build(deps): bump docker/build-push-action from 4 to 5 by @dependabot in #160
  • build(deps): Bump github.com/open-policy-agent/opa from 0.56.0 to 0.58.0 in /attestation-service/attestation-service/src/cgo by @dependabot in #176
  • Fix Azure SNP vTPM attestation (grpc) by @lmilleri in #221
  • k8s-configs: Add Ingress config by @surajssd in #166
  • attestation-service: Fix report signature validation in SNP verifier by @mkulke in #229
  • attestation-service: Reuse SNP verifier logic in az-snp-vtpm by @mkulke in #230
  • attestation: verifier: tdx: Allow equals in kernel param values by @jodh-intel in #227
  • attestation-service: fix checks for VCEK signature by @mkulke in #233
  • Refactor Attestation-Service by @Xynnn007 in #216
  • attestation-agent: fail fast on broken AMD certs by @mkulke in #236
  • Fix cgo mods in AS & RVPS by @Xynnn007 in #239
  • CSV Verifier: Update Evidence format by @jialez0 in #243
  • Rename Amber to Intel Trust Authority by @mythi in #244
  • attestation-service: bump az-snp-vtpm verifier by @mkulke in #245
  • chore: fix some comments around RVPS by @chendave in #247
  • build(deps): Bump github.com/open-policy-agent/opa from 0.58.0 to 0.59.0 in /attestation-service/attestation-service/src/cgo by @dependabot in #249
  • kbs: Build image on merge to main by @kartikjoshi21 in #170
  • build(deps): Bump docker/login-action from 2 to 3 by @dependabot in #252
  • build(deps): Bump docker/setup-buildx-action from 1 to 3 by @dependabot in #251
  • AS: add parsed claims for TDX/SGX and documents by @Xynnn007 in #248
  • Cca: Get the evidence from EAR (EAT Attesation Result) by @chendave in #241
  • kbs: Fix docker registry name in image build workflow by @kartikjoshi21 in #254
  • build(deps): Bump actions/setup-go from 4 to 5 by @dependabot in #257
  • attestation: verifier: tdx: Rework TdShimPlatformConfigInfo try_from by @jodh-intel in #255
  • Fix dependency version when building container image by @Xynnn007 in #261
  • [Attestation Service] Change the API of CoCo-AS by @Xynnn007 in #240
  • build(deps): Bump github.com/open-policy-agent/opa from 0.59.0 to 0.60.0 in /attestation-service/attestation-service/src/cgo by @dependabot in #263
  • Bump kbs-types and kbs_protocol dep version by @Xynnn007 in #266
  • Bump kbs protocol by @Xynnn007 in #267
  • Attestation Service | Add RESTful CoCo-AS Implementation by @Xynnn007 in #262
  • build(deps): Bump anstyle-wincon from 3.0.1 to 3.0.2 by @dependabot in #268
  • build(deps): Bump is-terminal from 0.4.9 to 0.4.10 by @dependabot in #270
  • kbs/tool: remove unless dependency by @Xynnn007 in #271
  • Added e2e test for CoCo-AS using SNP evidence by @Xynnn007 in #264
  • build(deps): Bump rustix from 0.38.26 to 0.38.28 by @dependabot in #273
  • ci: build grpc kbs every merge to main by @Xynnn007 in #272
  • KBS/perf: promote the concurrency performance of KBS by @Lu-Biao in #275
  • KBS: Optimize performance and memory usage by @Xynnn007 in #258
  • AS/Verifier: fix the report/init data comparation by @Xynnn007 in #274
  • build(deps): Bump memchr from 2.6.4 to 2.7.1 by @dependabot in #276
  • Fix RVPS binary building & push image every merge to main by @Xynnn007 in #277
  • build(deps): Bump anyhow from 1.0.75 to 1.0.79 by @dependabot in #278
  • build(deps): Bump schannel from 0.1.22 to 0.1.23 by @dependabot in #280
  • Add end-to-end test with docker compose and sample attester by @fitzthum in #283
  • e2e-test: enable real TEE on self-hosted runners by @mkulke in #284
  • build(deps): Bump actions/checkout from 3 to 4 by @dependabot in #288
  • e2e: reference kbs-e2e.yaml worfklows locally by @mkulke in #291
  • Support X.509 Certificate in Attestation Token. by @jialez0 in #265
  • Add support az-tdx-vtpm tee by @mkulke in #169
  • az-snp-vtpm-verifier: remove report_data padding by @mkulke in #295
  • Fix Verifier CI coverage problem by @Xynnn007 in #299
  • build(deps): Bump actions/cache from 3 to 4 by @dependabot in #296
  • kbs: Update csv-rs dep to rev b74aa8c. by @BaoshunFang in #301
  • Improve Documentation by @fitzthum in #287
  • ci: fetch the head of a PR in kbs TEE runs by @mkulke in #309
  • ci: Add default user for git rebase by @mkulke in #314
  • ci: install libssl-dev for e2e on self-hosted runners by @mkulke in #308
  • docs: Fix typo in cluster documentation by @GabyCT in #316
  • docs: Improve RVPS document by @GabyCT in #317
  • k8s: Add RVPS config to kbs-config by @surajssd in #318
  • Update az snp / tdx vtpm dependency to 0.5 by @surajssd in #293
  • ci: introduce actionlint and fix findings by @mkulke in #315
  • build(deps): Bump github.com/open-policy-agent/opa from 0.60.0 to 0.61.0 in /attestation-service/attestation-service/src/cgo by @dependabot in #305
  • Release: Update KBS for v0.8.2 release by @portersrc in #319

New Contributors

Full Changelog: v0.8.0...v0.8.2

Contributors

mkulke, portersrc, and 13 other contributors
Assets 3
Loading