v3.10.0

v3.10.0

Feat

• Allow updates to resources marked for deletion #2073

Build

• Update commands to match helm v4 #2054

Ci

• Retry build on cache miss #2103
• Enable cache again #2097
• Update tested k8s versions #2056
• Update helm to v4 #2054

Docs

• Updated signing instructions for multi arch #2049
• Update nv1/nv2 mentions following notation support #2082
• Document advanced considerations/information #2073
• Update metrics docs to reflect go instead of python #2075
• Remove mention of python in security.md #2074
• Remove reference to old dockerfile #2055
• Fix link to testing documentation #2055
• Update helm commands to match v4 #2054

Update

• Bump the gomod-packages group across 1 directory with 5 updates #2099
• Bump the gh-actions-packages group across 1 directory with 2 updates
• Bump the gomod-packages group across 1 directory with 13 updates
• Bump the gh-actions-packages group across 1 directory with 7 updates
• Bump the gomod-packages group across 1 directory with 8 updates
• Bump golang in /build in the docker-packages group
• Bump the gh-actions-packages group across 1 directory with 10 updates
• Update theupdateframework/go-tuf/v2@v2.4.1 funkypenguin#21
• Update transitive dependencies #2105

---

What's Changed

• update: update theupdateframework/go-tuf/v2@v2.4.1 by @phbelitz in #2048
• Develop by @phbelitz in #2047
• Update to Helm v4 by @Starkteetje in #2054
• Docs: fix references to old tests folder by @Starkteetje in #2055
• ci: Update tested k8s versions by @Starkteetje in #2056
• docs: Remove mention of Python in SECURITY.md by @Starkteetje in #2074
• docs: Update metrics docs to reflect Go instead of Python by @Starkteetje in #2075
• feat: Allow updates to resources marked for deletion by @Starkteetje in #2073
• update: bump the gh-actions-packages group across 1 directory with 10 updates by @dependabot[bot] in #2076
• update: bump golang from 1.25-alpine to 1.26-alpine in /build in the docker-packages group by @dependabot[bot] in #2057
• update: bump the gomod-packages group across 1 directory with 8 updates by @dependabot[bot] in #2077
• docs: Update nv1/nv2 mentions following notation support by @Starkteetje in #2082
• update: bump the gh-actions-packages group across 1 directory with 7 updates by @dependabot[bot] in #2096
• update: bump the gomod-packages group across 1 directory with 13 updates by @dependabot[bot] in #2093
• update: bump the gh-actions-packages group across 1 directory with 2 updates by @dependabot[bot] in #2102
• update: bump the gomod-packages group across 1 directory with 5 updates by @dependabot[bot] in #2099
• ci: enable cache again by @phbelitz in #2097
• docs: updated signing instructions for multi arch by @phbelitz in #2049
• ci: retry build on cache miss by @phbelitz in #2103

Full Changelog: v3.9.1...v3.10.0

v3.9.1

v3.9.1

Build

• Build multi-arch docker image for connaisseur #2027

Ci

• Disable multi-arch in ci #2027

Docs

• Updated releasing with multi arch #2041

Update

• Bump the gomod-packages group across 1 directory with 3 updates #2045
• Bump the gh-actions-packages group across 1 directory with 3 updates #2046
• Version bump and updated mails #2042
• Bump the gomod-packages group across 1 directory with 17 updates #2039
• Bump the gh-actions-packages group across 1 directory with 7 updates #2037
• Bump the gh-actions-packages group across 1 directory with 7 updates #2028
• update theupdateframework/go-tuf/v2@v2.4.1 #2048

---

What's Changed

• update: bump the gh-actions-packages group across 1 directory with 7 updates by @dependabot[bot] in #2028
• update: bump the gh-actions-packages group across 1 directory with 7 updates by @dependabot[bot] in #2037
• update: bump the gomod-packages group across 1 directory with 17 updates by @dependabot[bot] in #2039
• feat: build multi-arch docker image for connaisseur by @junydania in #2027
• Feat/multi arch by @phbelitz in #2040
• docs: updated releasing with multi arch by @phbelitz in #2041
• update: version bump and updated mails by @phbelitz in #2042
• update: bump the gh-actions-packages group across 1 directory with 3 updates by @dependabot[bot] in #2046
• update: bump the gomod-packages group across 1 directory with 3 updates by @dependabot[bot] in #2045

New Contributors

• @junydania made their first contribution in #2027

Full Changelog: v3.9.0...v3.9.1

v3.9.0

v3.9.0

Feat

• Notation support #1885

Ci

• Update go version used in ci #1985
• Update helm installation routine funkypenguin#19

Docs

• Fix error showing trustroot as required in policy for cosign validator #2014

Update

• Version bump #2013
• Bump the gomod-packages group across 1 directory with 5 updates #2012
• Bump the gh-actions-packages group across 1 directory with 2 updates #2010
• Bump github/codeql-action #2007
• Bump github.com/redis/go-redis/v9 in the gomod-packages group #2006
• Bump the gomod-packages group with 2 updates #2003
• Bump the gh-actions-packages group across 1 directory with 4 updates #2005
• Bump the gh-actions-packages group across 1 directory with 6 updates #2000
• Bump the gomod-packages group across 1 directory with 4 updates
• Bump the gomod-packages group across 1 directory with 11 updates
• Bump the gh-actions-packages group across 1 directory with 5 updates #1985

---

What's Changed

• ci: Update Helm installation routine by @Starkteetje in #1992
• Develop by @Starkteetje in #1993
• update: bump the gh-actions-packages group across 1 directory with 5 updates by @dependabot[bot] in #1985
• update: bump the gomod-packages group across 1 directory with 11 updates by @dependabot[bot] in #1994
• update: bump the gomod-packages group across 1 directory with 4 updates by @dependabot[bot] in #2002
• update: bump the gh-actions-packages group across 1 directory with 6 updates by @dependabot[bot] in #2000
• update: bump the gh-actions-packages group across 1 directory with 4 updates by @dependabot[bot] in #2005
• update: bump the gomod-packages group with 2 updates by @dependabot[bot] in #2003
• update: bump github.com/redis/go-redis/v9 from 9.14.0 to 9.14.1 in the gomod-packages group by @dependabot[bot] in #2006
• update: bump github/codeql-action from 4.30.8 to 4.30.9 in the gh-actions-packages group across 1 directory by @dependabot[bot] in #2007
• wip: notation implementation by @phbelitz in #1885
• update: bump the gh-actions-packages group across 1 directory with 2 updates by @dependabot[bot] in #2010
• update: bump the gomod-packages group across 1 directory with 5 updates by @dependabot[bot] in #2012
• update: version bump by @phbelitz in #2013
• docs: Fix error showing trustRoot as required in policy for Cosign va… by @Starkteetje in #2014
• V3.9.0 by @phbelitz in #2015

Full Changelog: v3.8.5...v3.9.0

v3.8.5

v3.8.5

Fix

• Allow redis image to be deployed by digest and only allow current digest by default #1988

Ci

• Separate categories for scanning result upload #1976

Test

• Replace official docker images with custom images #1976

Docs

• Upgrade docs announcement #1991

Update

• Bump golang in /build in the docker-packages group #1972
• Bump the gomod-packages group with 5 updates #1974
• Bump the gh-actions-packages group across 1 directory with 8 updates #1975
• Bump the gomod-packages group across 1 directory with 11 updates #1970

---

What's Changed

• update: bump the gomod-packages group across 1 directory with 11 updates by @dependabot[bot] in #1970
• test: Replace official Docker images with custom images by @Starkteetje in #1976
• update: bump the gh-actions-packages group across 1 directory with 8 updates by @dependabot[bot] in #1975
• update: bump the gomod-packages group with 5 updates by @dependabot[bot] in #1974
• update: bump golang from 1.24-alpine to 1.25-alpine in /build in the docker-packages group by @dependabot[bot] in #1972
• fix: Allow redis image to be deployed by digest and only allow current digest by default by @Starkteetje in #1988
• docs: Upgrade docs announcement by @Starkteetje in #1991
• Develop by @Starkteetje in #1989

Full Changelog: v3.8.4...v3.8.5

v3.8.4

v3.8.4

Fix

• Fix timeout error message during alerting

Ci

• Move services into k3s cluster

Test

• Correctly clean up self-hosted state when running locally
• Use absolute path in alerting dockerfile
• Fix unset variable during local integration test

Update

• Bump github.com/go-viper/mapstructure/v2
• Bump the gh-actions-packages group across 1 directory with 10 updates
• Bump the gomod-packages group across 1 directory with 15 updates

---

What's Changed

• Move CI services to k8s, multiple test fixes, alerting log error message fix by @Starkteetje in #1951
• update: bump the gomod-packages group across 1 directory with 15 updates by @dependabot in #1957
• update: bump the gh-actions-packages group across 1 directory with 10 updates by @dependabot in #1955
• update: bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.3.0 by @dependabot in #1956
• Develop by @Starkteetje in #1958

Full Changelog: v3.8.3...v3.8.4

v3.8.3

v3.8.3

Update

• Bump version #1938
• Bump the gomod-packages group across 1 directory with 6 updates #1937
• Bump the gh-actions-packages group across 1 directory with 4 updates #1935
• Bump the gomod-packages group across 1 directory with 15 updates #1934

---

What's Changed

• update: bump the gomod-packages group across 1 directory with 15 updates by @dependabot in #1934
• update: bump the gh-actions-packages group across 1 directory with 4 updates by @dependabot in #1935
• update: bump the gomod-packages group across 1 directory with 6 updates by @dependabot in #1937
• update: bump version by @phbelitz in #1938
• v3.8.3 by @phbelitz in #1939

Full Changelog: v3.8.2...v3.8.3

v3.8.2

v3.8.2

Fix

• Linting issue #1904

Ci

• Fix linting issues #1923

Update

• Bump version #1924
• Bump golang in /build in the docker-packages group #1895
• Manual update of packages #1923
• Bump the gh-actions-packages group across 1 directory with 6 updates #1917
• Bump the gomod-packages group across 1 directory with 12 updates #1920
• Bump the gh-actions-packages group across 1 directory with 6 updates #1906
• Bump the gomod-packages group across 1 directory with 16 updates #1905
• Bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 #1904
• Bump the gh-actions-packages group across 1 directory with 2 updates #1884
• Bump the gomod-packages group with 2 updates #1882

---

What's Changed

• update: bump the gomod-packages group with 2 updates by @dependabot in #1882
• update: bump the gh-actions-packages group across 1 directory with 2 updates by @dependabot in #1884
• update: bump github.com/go-jose/go-jose/v4 from 4.0.4 to 4.0.5 by @dependabot in #1904
• update: bump the gomod-packages group across 1 directory with 16 updates by @dependabot in #1905
• update: bump the gh-actions-packages group across 1 directory with 6 updates by @dependabot in #1906
• update: bump the gomod-packages group across 1 directory with 12 updates by @dependabot in #1920
• update: bump the gh-actions-packages group across 1 directory with 6 updates by @dependabot in #1917
• update: manual update of packages by @phbelitz in #1923
• update: bump golang from 1.23-alpine to 1.24-alpine in /build in the docker-packages group by @dependabot in #1895
• upadte: bump version by @phbelitz in #1924
• Develop by @phbelitz in #1925

Full Changelog: v3.8.1...v3.8.2

v3.8.1

v3.8.1

Ci

• Remove docker package installation #1877

Docs

• Updated badges #1878

Update

• Bump the gomod-packages group across 1 directory with 13 updates #1876
• Bump the gh-actions-packages group across 1 directory with 6 updates #1875
• Bump docker/setup-buildx-action #1863
• Bump the gomod-packages group across 1 directory with 8 updates #1865
• Fix golang.org/x/net vuln #1866

---

What's Changed

• update: fix golang.org/x/net vuln by @phbelitz in #1866
• update: bump the gomod-packages group across 1 directory with 8 updates by @dependabot in #1865
• update: bump docker/setup-buildx-action from 3.7.1 to 3.8.0 in the gh-actions-packages group across 1 directory by @dependabot in #1863
• ci: remove docker package installation by @phbelitz in #1877
• update: bump the gh-actions-packages group across 1 directory with 6 updates by @dependabot in #1875
• update: bump the gomod-packages group across 1 directory with 13 updates by @dependabot in #1876
• docs: updated badges by @phbelitz in #1878
• Develop by @phbelitz in #1879

Full Changelog: v3.8.0...v3.8.1

v3.8.0

v3.8.0

Feat

• Pod disruption budget #1851
• Support single-line json as log format #1846

Ci

• Fix trivy exit code #1858
• Rework ci #1801
• Removed grype action #1841
• Rework integration test step #1841
• Rework sca step #1838
• Rework sast step #1837
• Rework compliance step #1836
• Rework build step #1835

Update

• Bump golang.org/x/crypto from 0.28.0 to 0.31.0 #1860
• Bump the gomod-packages group across 1 directory with 6 updates #1857
• Bump github/codeql-action #1859
• Bump the gh-actions-packages group across 1 directory with 4 updates #1855
• Bump the gomod-packages group with 4 updates #1830
• Bump the gh-actions-packages group across 5 directories with 11 updates #1834
• Bump golang in /build in the docker-packages group #1725

---

What's Changed

• update: bump golang from 1.22-alpine to 1.23-alpine in /build in the docker-packages group by @dependabot in #1725
• update: bump the gh-actions-packages group across 5 directories with 11 updates by @dependabot in #1834
• update: bump the gomod-packages group with 4 updates by @dependabot in #1830
• ci: rework build step by @phbelitz in #1835
• ci: rework compliance step by @phbelitz in #1836
• ci: rework sast step by @phbelitz in #1837
• ci: rework sca step by @phbelitz in #1838
• ci: rework integration test step by @phbelitz in #1841
• Ci/rework by @phbelitz in #1801
• feat: support single-line json as log format by @czenker @phbelitz in #1846
• feat: pod disruption budget by @phbelitz in #1851
• update: bump the gh-actions-packages group across 1 directory with 4 updates by @dependabot in #1855
• ci: fix trivy exit code by @phbelitz in #1858
• update: bump github/codeql-action from 3.27.7 to 3.27.9 in the gh-actions-packages group across 1 directory by @dependabot in #1859
• update: bump the gomod-packages group across 1 directory with 6 updates by @dependabot in #1857
• update: bump golang.org/x/crypto from 0.28.0 to 0.31.0 by @phbelitz in #1860
• Develop by @phbelitz in #1861

Full Changelog: v3.7.1...v3.8.0

v3.7.1

v3.7.1

Fix

• Validation mode lower case #1823
• Change security context of redis image to match redis user #1824

Ci

• Make self-hosted notary test setup more robust #1832
• Enable dependabot for local actions #1810
• Set fallback aws repository for ratelimited trivy dbs #1808
• Update trivy actions to v0.28.0 #1808
• Fix parameter value for container-retention-policy action #1807
• Improve output and runtime of changelog creation script #1800
• Deparallelize publish jobs #1799

Test

• Replace self-hosted notary certificates #1832

Update

• Bump the gh-actions-packages group across 1 directory with 4 updates #1831
• Bump github.com/go-playground/validator/v10 #1825
• Bump the gh-actions-packages group across 1 directory with 4 updates #1827
• Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 #1812

---

What's Changed

• ci: Deparallelize publish jobs by @Starkteetje in #1799
• ci: Improve output and runtime of changelog creation script by @Starkteetje in #1800
• ci: Fix parameter value for container-retention-policy action by @Starkteetje in #1807
• ci: Set fallback AWS repository for ratelimited trivy DBs by @Starkteetje in #1808
• Fix nightlies on master by @Starkteetje in #1809
• ci: Enable dependabot for local actions by @Starkteetje in #1810
• update: bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 by @dependabot in #1812
• fix: Change security context of Redis image to match redis user by @Starkteetje in #1824
• fix: validation mode lower case by @phbelitz in #1823
• update: bump the gh-actions-packages group across 1 directory with 4 updates by @dependabot in #1827
• update: bump github.com/go-playground/validator/v10 from 10.22.1 to 10.23.0 in the gomod-packages group by @dependabot in #1825
• Fix self-hosted notary test and make setup more robust by @Starkteetje in #1832
• update: bump the gh-actions-packages group across 1 directory with 4 updates by @dependabot in #1831
• Develop by @phbelitz in #1833

Full Changelog: v3.7.0...v3.7.1