Skip to content

v0.3.6

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 15 Nov 16:27
· 23 commits to main since this release
v0.3.6
This tag was signed with the committer’s verified signature.
atlet99 Abdurakhman Rakhmankulov
GPG key ID: 6D1619303294BCC9
Verified
Learn about vigilant mode.
b5a2b3f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

OpenKMS v0.3.6

Release v0.3.6 of OpenKMS - autonomous, easily deployable, opinionated KMS for on-prem/air-gap infrastructures.

Docker Images (signed with Cosign)

Docker images are available at GitHub Container Registry (ghcr.io). All images are signed with Cosign:

  • server:0.3.6 and server:latest
  • cli:0.3.6 and cli:latest

Verify image signatures using the public key from the repository:

export USERNAME=<your-github-username>
cosign login ghcr.io -u "$USERNAME"
cosign verify --key cosign.pub ghcr.io/gosayram/openkms/server:0.3.6

The cosign.pub file is available in the repository root.

Binaries (signed with GPG)

This release includes the following binaries, signed with GPG:

  • openkms-server - OpenKMS server
  • openkms-cli - OpenKMS CLI tool

Installation

Download the appropriate binary or archive for your platform from the assets below.

Verification

Verify checksums:

sha256sum --check openkms_0.3.6_checksums.txt

Verify checksum signature:

gpg --verify openkms_0.3.6_checksums.txt.sig openkms_0.3.6_checksums.txt

Verify binary signatures:

# For Linux amd64
gpg --verify openkms-server_linux_amd64.sig openkms-server
gpg --verify openkms-cli_linux_amd64.sig openkms-cli

# For other platforms, replace linux_amd64 with your platform (e.g., darwin_arm64v8, windows_amd64)

Changelog

New Features

  • 1b300a4: [FEATURE] - Add ABAC support for authorization #16 (@atlet99)
  • ab8c209: [FEATURE] - Add CI/CD integration examples for artifact signing (@atlet99)
  • 23f380f: [FEATURE] - Add PKCS#11 and TPM 2.0 support for master key providers; (@atlet99)
  • 855f8a0: [FEATURE] - Add multi-tenant policies support (@atlet99)
  • 0e1b152: [FEATURE] - Add verification utilities for Cosign signatures (@atlet99)
  • b7c1d1d: [FEATURE] - Implement Cosign v3+ compatible artifact signing (@atlet99)
  • 0983f02: [FEATURE] - Implement artifact signature format for Cosign v3 (@atlet99)
  • 196037a: [FEATURE] - Implement policy inheritance for RBAC and ABAC (@atlet99)

Bug fixes

Updates and Enhancements

Documentation updates

Full Changelog: v0.3.5...v0.3.6

Contributors

atlet99
Assets 22
Loading