Skip to content

v0.4.5

Latest
Latest
Compare
Choose a tag to compare
@alexmwu alexmwu released this 27 Feb 17:21
v0.4.5
09bf13f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Breaking Changes

Populate the SNP/TDX Machine State field with the verified SNP/TDX attestation data + use a stable COS image version #463

  • Removes verifyGceTechnology export
    Support health monitoring mode for NPD #479
  • Changes signature of spec.GetLaunchPolicy

New Features

Add event-log flag to cmd package #423
add custom nonce flag to cmd package token subcommand #451

Bug Fixes

Fix bug dropping CEL in launcher attestations #438
fix invalid check and restore workaround from #72 #435
Error message should return length of digest #436
[launcher] Fix a concurrent TPM access issue #434
Fix releaser.yaml and ci.yml file on macos #444
Refresh SA auth token in signaturediscovery client before fetching container image signatures #449
Fix an uint conversion #452
[launcher] Try to fix cloudbuild for launcher #458
Release lock if generating attestation returns error #475
Add mutex to failing client to prevent concurrent writes #494

Other Changes

Add PKI and LIMITED_AWS token types for VerifyAttestation. #430
Move verifier package to its own submodule #447
Delte files used for AUR packaging #457
Add version information and fix cloudbuild #455
Update go-sev-guest version and API use #445
Update typo in README.md #459
Add SEV-SNP policy for signed UEFI measurements #446
Update gce-tcb-verifier version. #468
[launcher] Optimize serial read in test #470
[launcher] Switch base image to 113 cos #467
Use confidentialcomputing api v1.6.0 to send SEVSNP attestation #472
Adding EV_EVENT_TAG support for PCR9 #471
Update gce-tcb-verifier dependency #485
remove duplicate error check #488
Log detailed errors if refreshing SA credential goes wrong #481
Use confidentialcomputing api v1.6.0 to send TDX attestation #477
Removed experiment flags that we would no longer consider rolling back #483
Add retry to container signature fetch in agent #489
Export function to extract and validate AK from server #492
Override /dev/shm size only when specified #493
Add tempfs experiment and gate mounting behind it #490
Instantiate backoff strategy per goroutine #496
Remove EnableSignedContainerCache + EnableMeasureMemoryMonitor from container launcher #498
Refactor CEL AppendEvent, to support RTMR #486
Change ParseCosCEL* to return an AttestedCosState #501
[launcher] launcher can expose IPv6 ports as well #505
Add the location of the service we are calling to the API error logs #506
Start NPD after LaunchSpec Verification #507
Send client logs with the cloud logging library #474
[launcher] Add DA lockout params when launching #469
[launcher] Merge upstream/tdx_rtmr #513
Bump the go_modules group across 3 directories with 1 update #512
Bump the go_modules group across 4 directories with 1 update #514
Revert "[launcher] Merge upstream/tdx_rtmr (#513)" #516
Apply retry logics in confidential computing API + workload image puller #511
Change container workload's default OOM Score #522
Reduce NPD full config #520
Add client-side experiment for NPD Health Monitoring config #525
Bump go-sev-guest to v0.12.1 #527
Add AWS Principal Tag type to launcher #515

New Contributors

@savely-krasovsky in #435
@hkolvenbach in #436
@liamjm in #459

Contributors

liamjm, savely-krasovsky, and hkolvenbach
Assets 9
Loading