Releases: FairwindsOps/pluto
v5.20.2
Changelog
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub
v5.20.1
Changelog
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub
v5.20.0
Changelog
- e7460d3 fix: remove tag annotation requirement (#547)
- 43f2af7 feat: add audit apiversion check (#546)
- c312376 Bensky/kubeconfig flag (#545)
- 56a7b3d docs: update documentation from template (#544)
- 59abfcf fix #432 don't compare when object kind doesn't match kind in last-applied-configuration (#542)
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub
v5.20
Changelog
- 495ed1f fix: remove tag annotation requirement
- 43f2af7 feat: add audit apiversion check (#546)
- c312376 Bensky/kubeconfig flag (#545)
- 56a7b3d docs: update documentation from template (#544)
- 59abfcf fix #432 don't compare when object kind doesn't match kind in last-applied-configuration (#542)
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub
v5.19.4
Changelog
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub
v5.19.3
Changelog
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub
v5.19.2
Changelog
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub
v5.19.1
Changelog
- b7e095e fix(release): fix goreleaesr
- 8375785 fix: goreleaser sign blob fix
- eebd815 fix(release): fix release; fix HIGH vulns (#532)
- 833dc21 fix(release): another attempt to fix the release step (#531)
- 4e7fff1 re-added equals sign (#530)
- 5739b71 Sc/try cosign change (#529)
- be6d45a Accept signature for cosign (#525)
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub
v5.19.0
Changelog
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub
v5.18.6
Changelog
You can verify the signatures of both the checksums.txt file and the published docker images using cosign.
cosign 1.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
cosign 2.x
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub --insecure-ignore-tlog
cosign verify us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5 --key https://artifacts.fairwinds.com/cosign.pub