Skip to content

v0.16.3
Compare
Choose a tag to compare
@github-actions github-actions released this 17 May 05:35
· 9 commits to develop since this release
v0.16.3
c6e1222
This commit was created on github.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Installation and signature verification

Verify checksums file signature

Install cosign on your system https://docs.sigstore.dev/system_config/installation/

The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:

# Download the checksums file, certificate, and signature
curl -LO https://github.com/carvel-dev/secretgen-controller/releases/download/v0.16.3/checksums.txt
curl -LO https://github.com/carvel-dev/secretgen-controller/releases/download/v0.16.3/checksums.txt.pem
curl -LO https://github.com/carvel-dev/secretgen-controller/releases/download/v0.16.3/checksums.txt.sig

### Verify the checksums file
cosign verify-blob checksums.txt --certificate checksums.txt.pem --signature checksums.txt.sig --certificate-identity-regexp=https://github.com/carvel-dev --certificate-oidc-issuer=https://token.actions.githubusercontent.com

Installation of secretgen-controller

secretgen-controller can be installed by using kapp

kapp deploy -a sg -f https://github.com/carvel-dev/secretgen-controller/releases/v0.16.3/download/release.yml

or by using kubectl

kubectl deploy -f https://github.com/carvel-dev/secretgen-controller/releases/v0.16.3/download/release.yml

Container Images

secretgen-controller and secretgen-controller-package-bundle images are available in Github Container Registry.

OCI Image URLs

  • ghcr.io/carvel-dev/secretgen-controller@sha256:5f369a7629643b0e8cf2c16d0df0e6d84d4bd84c7d0d303cd1824dd4d7f72c02
  • ghcr.io/carvel-dev/secretgen-controller-package-bundle@sha256:e5a898a284c222e44b00f2609e2fd321d3156558383fd619804328d5b0226d30

Verify container image signature

The container images are signed using Cosign with GitHub OIDC. To validate the signature of OCI images, run the following commands:

# Verifying secretgen-controller image
cosign verify ghcr.io/carvel-dev/secretgen-controller@sha256:5f369a7629643b0e8cf2c16d0df0e6d84d4bd84c7d0d303cd1824dd4d7f72c02 --certificate-identity-regexp=https://github.com/carvel-dev --certificate-oidc-issuer=https://token.actions.githubusercontent.com -o text

# Verifying secretgen-controller-package-bundle image
cosign verify ghcr.io/carvel-dev/secretgen-controller-package-bundle@sha256:e5a898a284c222e44b00f2609e2fd321d3156558383fd619804328d5b0226d30 --certificate-identity-regexp=https://github.com/carvel-dev --certificate-oidc-issuer=https://token.actions.githubusercontent.com -o text

What's Changed

  • Set seccompProfile to RuntimeDefault for secretgen-controller container by @rohitagg2020 in #531

Full Changelog: v0.16.2...v0.16.3

📂 Files Checksum

f46c51ff511d0a0628037879e5f95f6e33e476546e17471efc350abcee932261  ./release.yml
7e1ecfaae6a76405056e2b71c48c2856ef203fdae71285dca37de32163de7ed4  ./package.yml
8f185deaa02964663bc3cedcb7c0af46151676e7c2abc2b69ff04178f87f28fe  ./package-metadata.yml

Contributors

rohitagg2020
Assets 8