Release v3.5.0 · kubernetes-sigs/promo-tools

Changes by Kind

Feature

Added all the Artifact Registry locations available in Feb 2023 to the docker credHelpers for future use. (#740, @upodroid) [SIG Release]
New kpromo sigcheck subcommand to verify and optionally fix images that may hay missing or inconsistent signatures. (#745, @puerco) [SIG Release]
Releng: Bump promoter to v3.5.0 (#753, @cpanato) [SIG Release]
kpromo sigcheck now checks the certificate of the signatures and compares it against an expected identity. If an image is signed by a different service account or user, the promoter will now detect it. Both the expected identity and OIDC issuer default to the Kubernetes signer service account and they can be overridden using --certificate-identity and --certificate-oidc-issuer.
- kpromo sigcheck can now act on ranges of days by specifying --from-days=n --to-days=m still defaults to checking all images from 5 days ago to today. For debugging purposes, the number of checked images can now be limited used --limit . (#767, @puerco) [SIG Release]

Other (Cleanup or Flake)

Changed image.ProdRegistry to "registry.k8s.io" (#669, @upodroid) [SIG Release]

Dependencies

Added

cloud.google.com/go/apigeeregistry: v0.5.0
cloud.google.com/go/apikeys: v0.5.0
github.com/bwesterb/go-ristretto: v1.2.0
github.com/cloudflare/circl: v1.1.0
github.com/google/go-github/v48: v48.2.0
github.com/pjbgf/sha1cd: v0.2.3
github.com/skeema/knownhosts: v1.1.0

Changed

cloud.google.com/go/accessapproval: v1.5.0 → v1.6.0
cloud.google.com/go/accesscontextmanager: v1.4.0 → v1.6.0
cloud.google.com/go/aiplatform: v1.27.0 → v1.35.0
cloud.google.com/go/analytics: v0.12.0 → v0.17.0
cloud.google.com/go/apigateway: v1.4.0 → v1.5.0
cloud.google.com/go/apigeeconnect: v1.4.0 → v1.5.0
cloud.google.com/go/appengine: v1.5.0 → v1.6.0
cloud.google.com/go/area120: v0.6.0 → v0.7.0
cloud.google.com/go/artifactregistry: v1.9.0 → v1.11.1
cloud.google.com/go/asset: v1.10.0 → v1.11.1
cloud.google.com/go/assuredworkloads: v1.9.0 → v1.10.0
cloud.google.com/go/automl: v1.8.0 → v1.12.0
cloud.google.com/go/baremetalsolution: v0.4.0 → v0.5.0
cloud.google.com/go/batch: v0.4.0 → v0.7.0
cloud.google.com/go/beyondcorp: v0.3.0 → v0.4.0
cloud.google.com/go/bigquery: v1.44.0 → v1.47.0
cloud.google.com/go/billing: v1.7.0 → v1.12.0
cloud.google.com/go/binaryauthorization: v1.4.0 → v1.5.0
cloud.google.com/go/certificatemanager: v1.4.0 → v1.6.0
cloud.google.com/go/channel: v1.9.0 → v1.11.0
cloud.google.com/go/cloudbuild: v1.4.0 → v1.6.0
cloud.google.com/go/clouddms: v1.4.0 → v1.5.0
cloud.google.com/go/cloudtasks: v1.8.0 → v1.9.0
cloud.google.com/go/contactcenterinsights: v1.4.0 → v1.6.0
cloud.google.com/go/container: v1.7.0 → v1.13.1
cloud.google.com/go/datacatalog: v1.8.0 → v1.12.0
cloud.google.com/go/dataflow: v0.7.0 → v0.8.0
cloud.google.com/go/dataform: v0.5.0 → v0.6.0
cloud.google.com/go/datafusion: v1.5.0 → v1.6.0
cloud.google.com/go/datalabeling: v0.6.0 → v0.7.0
cloud.google.com/go/dataplex: v1.4.0 → v1.5.2
cloud.google.com/go/dataproc: v1.8.0 → v1.12.0
cloud.google.com/go/dataqna: v0.6.0 → v0.7.0
cloud.google.com/go/datastream: v1.5.0 → v1.6.0
cloud.google.com/go/deploy: v1.5.0 → v1.6.0
cloud.google.com/go/dialogflow: v1.19.0 → v1.31.0
cloud.google.com/go/dlp: v1.7.0 → v1.9.0
cloud.google.com/go/documentai: v1.10.0 → v1.16.0
cloud.google.com/go/domains: v0.7.0 → v0.8.0
cloud.google.com/go/edgecontainer: v0.2.0 → v0.3.0
cloud.google.com/go/essentialcontacts: v1.4.0 → v1.5.0
cloud.google.com/go/eventarc: v1.8.0 → v1.10.0
cloud.google.com/go/filestore: v1.4.0 → v1.5.0
cloud.google.com/go/functions: v1.9.0 → v1.10.0
cloud.google.com/go/gaming: v1.8.0 → v1.9.0
cloud.google.com/go/gkebackup: v0.3.0 → v0.4.0
cloud.google.com/go/gkeconnect: v0.6.0 → v0.7.0
cloud.google.com/go/gkehub: v0.10.0 → v0.11.0
cloud.google.com/go/gkemulticloud: v0.4.0 → v0.5.0
cloud.google.com/go/gsuiteaddons: v1.4.0 → v1.5.0
cloud.google.com/go/iam: v0.10.0 → v0.12.0
cloud.google.com/go/iap: v1.5.0 → v1.6.0
cloud.google.com/go/ids: v1.2.0 → v1.3.0
cloud.google.com/go/iot: v1.4.0 → v1.5.0
cloud.google.com/go/language: v1.8.0 → v1.9.0
cloud.google.com/go/lifesciences: v0.6.0 → v0.8.0
cloud.google.com/go/logging: v1.6.1 → v1.7.0
cloud.google.com/go/longrunning: v0.3.0 → v0.4.1
cloud.google.com/go/managedidentities: v1.4.0 → v1.5.0
cloud.google.com/go/maps: v0.1.0 → v0.6.0
cloud.google.com/go/mediatranslation: v0.6.0 → v0.7.0
cloud.google.com/go/memcache: v1.7.0 → v1.9.0
cloud.google.com/go/metastore: v1.8.0 → v1.10.0
cloud.google.com/go/monitoring: v1.8.0 → v1.12.0
cloud.google.com/go/networkconnectivity: v1.7.0 → v1.10.0
cloud.google.com/go/networkmanagement: v1.5.0 → v1.6.0
cloud.google.com/go/networksecurity: v0.6.0 → v0.7.0
cloud.google.com/go/notebooks: v1.5.0 → v1.7.0
cloud.google.com/go/optimization: v1.2.0 → v1.3.1
cloud.google.com/go/orchestration: v1.4.0 → v1.6.0
cloud.google.com/go/orgpolicy: v1.5.0 → v1.10.0
cloud.google.com/go/osconfig: v1.10.0 → v1.11.0
cloud.google.com/go/oslogin: v1.7.0 → v1.9.0
cloud.google.com/go/phishingprotection: v0.6.0 → v0.7.0
cloud.google.com/go/policytroubleshooter: v1.4.0 → v1.5.0
cloud.google.com/go/privatecatalog: v0.6.0 → v0.7.0
cloud.google.com/go/pubsub: v1.27.1 → v1.28.0
cloud.google.com/go/pubsublite: v1.5.0 → v1.6.0
cloud.google.com/go/recaptchaenterprise/v2: v2.5.0 → v2.6.0
cloud.google.com/go/recommendationengine: v0.6.0 → v0.7.0
cloud.google.com/go/recommender: v1.8.0 → v1.9.0
cloud.google.com/go/redis: v1.10.0 → v1.11.0
cloud.google.com/go/resourcemanager: v1.4.0 → v1.5.0
cloud.google.com/go/resourcesettings: v1.4.0 → v1.5.0
cloud.google.com/go/retail: v1.11.0 → v1.12.0
cloud.google.com/go/run: v0.3.0 → v0.8.0
cloud.google.com/go/scheduler: v1.7.0 → v1.8.0
cloud.google.com/go/secretmanager: v1.9.0 → v1.10.0
cloud.google.com/go/security: v1.10.0 → v1.12.0
cloud.google.com/go/securitycenter: v1.16.0 → v1.18.1
cloud.google.com/go/servicecontrol: v1.5.0 → v1.10.0
cloud.google.com/go/servicedirectory: v1.7.0 → v1.8.0
cloud.google.com/go/servicemanagement: v1.5.0 → v1.6.0
cloud.google.com/go/serviceusage: v1.4.0 → v1.5.0
cloud.google.com/go/shell: v1.4.0 → v1.6.0
cloud.google.com/go/spanner: v1.41.0 → v1.44.0
cloud.google.com/go/speech: v1.9.0 → v1.14.1
cloud.google.com/go/storagetransfer: v1.6.0 → v1.7.0
cloud.google.com/go/talent: v1.4.0 → v1.5.0
cloud.google.com/go/texttospeech: v1.5.0 → v1.6.0
cloud.google.com/go/tpu: v1.4.0 → v1.5.0
cloud.google.com/go/trace: v1.4.0 → v1.8.0
cloud.google.com/go/translate: v1.4.0 → v1.5.0
cloud.google.com/go/video: v1.9.0 → v1.12.0
cloud.google.com/go/videointelligence: v1.9.0 → v1.10.0
cloud.google.com/go/vision/v2: v2.5.0 → v2.6.0
cloud.google.com/go/vmmigration: v1.3.0 → v1.5.0
cloud.google.com/go/vmwareengine: v0.1.0 → v0.2.2
cloud.google.com/go/vpcaccess: v1.5.0 → v1.6.0
cloud.google.com/go/webrisk: v1.7.0 → v1.8.0
cloud.google.com/go/websecurityscanner: v1.4.0 → v1.5.0
cloud.google.com/go/workflows: v1.9.0 → v1.10.0
cloud.google.com/go: v0.107.0 → v0.110.0
github.com/Azure/azure-sdk-for-go: v67.3.0+incompatible → v68.0.0+incompatible
github.com/ProtonMail/go-crypto: 04723f9 → cf6655e
github.com/anmitsu/go-shlex: 648efa6 → 38f4b40
github.com/aws/aws-sdk-go-v2/config: v1.18.8 → v1.18.14
github.com/aws/aws-sdk-go-v2/credentials: v1.13.8 → v1.13.14
github.com/aws/aws-sdk-go-v2/feature/ec2/imds: v1.12.21 → v1.12.23
github.com/aws/aws-sdk-go-v2/internal/configsources: v1.1.27 → v1.1.29
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: v2.4.21 → v2.4.23
github.com/aws/aws-sdk-go-v2/internal/ini: v1.3.28 → v1.3.30
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: v1.9.21 → v1.9.23
github.com/aws/aws-sdk-go-v2/service/kms: v1.20.0 → v1.20.4
github.com/aws/aws-sdk-go-v2/service/sso: v1.12.0 → v1.12.3
github.com/aws/aws-sdk-go-v2/service/ssooidc: v1.14.0 → v1.14.3
github.com/aws/aws-sdk-go-v2/service/sts: v1.18.0 → v1.18.4
github.com/aws/aws-sdk-go-v2: v1.17.3 → v1.17.5
github.com/aws/aws-sdk-go: v1.44.202 → v1.44.221
github.com/emirpasic/gods: v1.12.0 → v1.18.1
github.com/gliderlabs/ssh: v0.2.2 → v0.3.5
github.com/go-git/go-git-fixtures/v4: v4.2.1 → v4.3.1
github.com/go-git/go-git/v5: v5.4.2 → v5.5.1
github.com/go-rod/rod: v0.112.3 → v0.112.6
github.com/hashicorp/go-plugin: v1.4.6 → v1.4.5
github.com/hashicorp/vault/api: v1.8.2 → v1.9.0
github.com/hashicorp/vault/sdk: v0.6.1 → v0.6.0
github.com/imdario/mergo: v0.3.12 → v0.3.13
github.com/kevinburke/ssh_config: 4977a11 → v1.2.0
github.com/onsi/ginkgo/v2: v2.1.6 → v2.4.0
github.com/sigstore/rekor: v1.0.0 → v1.0.1
github.com/sigstore/sigstore: v1.5.1 → v1.5.2
github.com/stretchr/testify: v1.8.1 → v1.8.2
github.com/xanzy/ssh-agent: v0.3.0 → v0.3.3
go.step.sm/crypto: v0.20.0 → v0.21.0
golang.org/x/crypto: v0.5.0 → v0.6.0
golang.org/x/mod: v0.7.0 → v0.8.0
golang.org/x/net: v0.6.0 → v0.8.0
golang.org/x/oauth2: v0.5.0 → v0.6.0
golang.org/x/sys: v0.5.0 → v0.6.0
golang.org/x/term: v0.5.0 → v0.6.0
golang.org/x/text: v0.7.0 → v0.8.0
golang.org/x/tools: v0.5.0 → v0.6.0
google.golang.org/api: v0.110.0 → v0.112.0
google.golang.org/genproto: 0dfe4f8 → e74f57a
k8s.io/apimachinery: v0.25.3 → v0.26.0
k8s.io/klog/v2: v2.70.1 → v2.80.1
k8s.io/kube-openapi: 67bda5d → 172d655
k8s.io/utils: ee6ede2 → 1a15be2
sigs.k8s.io/release-sdk: 494c291 → v0.9.7

Removed

github.com/google/go-github/v47: v47.1.0

Full Changelog: v3.4.12...v3.5.0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v3.5.0

Changes by Kind

Feature

Other (Cleanup or Flake)

Dependencies

Added

Changed

Removed

Contributors