v3.4.2

Changes by Kind

Feature

• Replace version command to use the one from release-utils (#554, @cpanato) [SIG Release]
• Update release-sdk/utils dependencies (#564, @cpanato) [SIG Release]

Dependencies

Added

• github.com/dsnet/compress: f669936
• github.com/google/gnostic: v0.5.7-v3refs
• github.com/klauspost/pgzip: v1.2.5
• github.com/mholt/archiver/v3: v3.5.1
• github.com/nwaples/rardecode: v1.1.0
• github.com/pelletier/go-toml/v2: v2.0.1
• github.com/pierrec/lz4/v4: v4.1.2
• github.com/transparency-dev/merkle: v0.0.1

Changed

• cloud.google.com/go/compute: v1.5.0 → v1.6.1
• cloud.google.com/go/storage: v1.22.0 → v1.22.1
• cuelang.org/go: v0.4.2 → v0.4.3
• dmitri.shuralyov.com/gpu/mtl: 28db891 → 666a987
• github.com/Azure/azure-sdk-for-go: v63.0.0+incompatible → v63.3.0+incompatible
• github.com/Azure/go-autorest/autorest: v0.11.25 → v0.11.27
• github.com/Microsoft/go-winio: v0.5.1 → v0.5.2
• github.com/armon/go-metrics: v0.3.10 → v0.4.0
• github.com/aws/aws-sdk-go-v2: v1.14.0 → v1.16.4
• github.com/aws/aws-sdk-go: v1.43.30 → v1.43.45
• github.com/aws/smithy-go: v1.11.0 → v1.11.2
• github.com/carolynvs/magex: v0.7.1 → v0.8.1
• github.com/coreos/go-systemd: fd7a80b → e64a0ec
• github.com/docker/distribution: v2.8.0+incompatible → v2.8.1+incompatible
• github.com/envoyproxy/go-control-plane: v0.10.1 → 49ff273
• github.com/frankban/quicktest: v1.13.0 → v1.14.3
• github.com/fsnotify/fsnotify: v1.5.1 → v1.5.4
• github.com/go-openapi/runtime: v0.23.3 → v0.24.1
• github.com/go-rod/rod: v0.104.4 → v0.106.1
• github.com/gobuffalo/attrs: v0.1.0 → a9411de
• github.com/gobuffalo/envy: v1.9.0 → v1.7.0
• github.com/gobuffalo/logger: v1.0.3 → 86e12af
• github.com/gobuffalo/packd: v1.0.0 → v0.1.0
• github.com/gobuffalo/packr/v2: v2.8.0 → v2.2.0
• github.com/google/go-cmp: v0.5.7 → v0.5.8
• github.com/google/go-containerregistry/pkg/authn/k8schain: f1fa40b → f1b065c
• github.com/googleapis/gax-go/v2: v2.2.0 → v2.4.0
• github.com/hashicorp/go-plugin: v1.4.3 → v1.4.4
• github.com/hashicorp/go-retryablehttp: v0.7.0 → v0.7.1
• github.com/hashicorp/go-secure-stdlib/parseutil: v0.1.3 → v0.1.5
• github.com/hashicorp/go-uuid: v1.0.2 → v1.0.3
• github.com/hashicorp/go-version: v1.4.0 → v1.5.0
• github.com/hashicorp/serf: v0.9.6 → v0.9.7
• github.com/hashicorp/vault/sdk: v0.4.1 → v0.5.0
• github.com/jmoiron/sqlx: v1.3.4 → v1.2.0
• github.com/karrick/godirwalk: v1.16.1 → v1.10.3
• github.com/magiconair/properties: v1.8.5 → v1.8.6
• github.com/markbates/oncer: v1.0.0 → bf2de49
• github.com/mattn/go-sqlite3: v2.0.3+incompatible → v1.9.0
• github.com/mitchellh/mapstructure: v1.4.3 → v1.5.0
• github.com/pelletier/go-toml: v1.9.4 → v1.9.5
• github.com/rogpeppe/go-internal: v1.8.0 → v1.8.1
• github.com/sagikazarmark/crypt: v0.4.0 → v0.6.0
• github.com/secure-systems-lab/go-securesystemslib: v0.3.1 → v0.4.0
• github.com/sigstore/cosign: v1.7.1 → v1.9.0
• github.com/sigstore/sigstore: 0e610e3 → 3d41663
• github.com/spf13/afero: v1.8.0 → v1.8.2
• github.com/spf13/cast: v1.4.1 → v1.5.0
• github.com/spf13/viper: v1.10.1 → v1.12.0
• github.com/spiffe/go-spiffe/v2: v2.0.0 → v2.1.0
• github.com/stretchr/testify: v1.7.1 → v1.7.2
• github.com/subosito/gotenv: v1.2.0 → v1.3.0
• github.com/theupdateframework/go-tuf: f0c3294 → v0.3.0
• github.com/xanzy/go-gitlab: v0.61.0 → v0.68.0
• github.com/ysmood/goob: v0.3.1 → v0.4.0
• github.com/ysmood/got: v0.19.1 → v0.15.1
• github.com/ysmood/gotrace: v0.4.0 → v0.2.2
• github.com/ysmood/gson: v0.7.0 → v0.7.1
• go.etcd.io/etcd/api/v3: v3.5.1 → v3.5.4
• go.etcd.io/etcd/client/pkg/v3: v3.5.1 → v3.5.4
• go.etcd.io/etcd/client/v2: v2.305.1 → v2.305.4
• go.etcd.io/etcd/client/v3: v3.5.0 → v3.5.4
• golang.org/x/crypto: 8634188 → 7b82a4e
• golang.org/x/mobile: e6ae53a → d2bd2a2
• golang.org/x/net: de3da57 → 5463443
• golang.org/x/oauth2: 6242fa9 → 622c5d5
• golang.org/x/sync: 036812b → 0976fa6
• golang.org/x/sys: d36c6a2 → bc2c85a
• golang.org/x/time: 0e9765c → 583f2d6
• golang.org/x/xerrors: 5ec99f8 → f3a8303
• google.golang.org/api: v0.74.0 → v0.82.0
• google.golang.org/genproto: 9d70989 → 00d5c0f
• google.golang.org/grpc: v1.45.0 → v1.46.2
• gopkg.in/ini.v1: v1.66.2 → v1.66.4
• gopkg.in/yaml.v3: 496545a → v3.0.1
• k8s.io/api: v0.23.5 → v0.24.0
• k8s.io/apimachinery: v0.23.5 → v0.24.1
• k8s.io/client-go: v0.23.5 → v0.24.0
• k8s.io/code-generator: v0.23.5 → v0.23.6
• k8s.io/klog/v2: 43cc75f → v2.60.1
• k8s.io/kube-openapi: 4241196 → 3ee0da9
• sigs.k8s.io/release-sdk: 3018c78 → v0.9.0
• sigs.k8s.io/release-utils: d4a2a2f → v0.7.0

Removed

• github.com/DATA-DOG/go-sqlmock: v1.5.0
• github.com/DataDog/zstd: v1.4.5
• github.com/facebookgo/ensure: 63f1cf6
• github.com/facebookgo/stack: 7517733
• github.com/facebookgo/subset: c811ad8
• github.com/gobuffalo/fizz: v1.10.0
• github.com/gobuffalo/genny/v2: v2.0.5
• github.com/gobuffalo/github_flavored_markdown: v1.1.0
• github.com/gobuffalo/helpers: v0.6.1
• github.com/gobuffalo/nulls: v0.2.0
• github.com/gobuffalo/plush/v4: v4.0.0
• github.com/gobuffalo/pop/v5: v5.3.1
• github.com/gobuffalo/tags/v3: [v3.1.0](https://github.com/gobuffalo/tags...

v3.4.1

Changes by Kind

Feature

• The image promoter will now carry existing image signatures to the destination registries and append the new signatures to them when signing with the promoter idenity (#542, @puerco)

Dependencies

Added

• github.com/googleapis/go-type-adapters: v1.0.0

Changed

• cloud.google.com/go/storage: v1.21.0 → v1.22.0
• github.com/cenkalti/backoff/v4: v4.1.2 → v4.1.3
• google.golang.org/genproto: acbaeb5 → 9d70989
• sigs.k8s.io/release-sdk: v0.8.0 → 3018c78

Removed

Nothing has changed.

Container image: registry.k8s.io/artifact-promoter/kpromo:v3.4.1-1

Full Changelog: v3.4.0...v3.4.1

v3.4.0

Changes by Kind

Deprecation

• cip-mm: Add deprecation notices in documentation and remove targets
• Move cip-mm to kpromo mm (#507, @justaugustus)

Feature

• Add --image flag to kpromo pr to allow filtering by images (#482, @CecileRobertMichon)
• image/manifest: Support multiple images, tags, or digests in Grow() (#509, @justaugustus)
• The bom canary now promotes to two registries to test copying the signatures (#535, @puerco)
• The image promoter will now check for digital signatures in images considered
  for promotion. If signatures are found, they will be verified. If a manifest
  contains images with invalid signatures, the failed verification will cause
  the promotion to fail. All images without signatures are not be verified and
  are accepted for promotion as usual. (#498, @puerco)
• kpromo now signs container images using the sigstore keyless flow. Signing identity can be specified with a new flag --signer-account. In addition, image signing can be enabled/disabled using --sign. (#501, @puerco)

Design

• Rename filepromoter package to promoter/file (#497, @justaugustus)
• The Big Image Promoter Refactor: The image promoter code (kpromo cip) code has been completely refactored to make it cleaner and to to get it ready for image signing and image mirroring to other projects (#494, @puerco)

Bug or Regression

• Fixed quoted build date in version subcommands. (#522, @saschagrunert)
• kpromo pr: Support non-SemVer image tags (#527, @wespanther)

Other (Cleanup or Flake)

• dockerregistry: Initial refactor to reduce package complexity (#512, @justaugustus)
• Fixed a bug where the wrong identity was picked up when winning by bumping release-sdk to version v0.8.0 (#534, @puerco)
• internal: Prevent legacy packages from being consumed
• internal/legacy: Move basic image types into types/image (#511, @justaugustus)
• Non-recursive registry reads are now re-implemented in go-containerregistry.
• Registry reads during image promotion are now performed using the new GGCR implementation (#513, @puerco)
• There is a new implementation of the registry inventorying function using google/go-containerregistry. The snapshot code is now wired to use the new implementation. (#505, @puerco)

Dependencies

Added

• 4d63.com/gochecknoglobals: v0.1.0
• bitbucket.org/creachadair/shell: v0.0.6
• bou.ke/monkey: v1.0.2
• cloud.google.com/go/compute: v1.5.0
• cloud.google.com/go/iam: v0.3.0
• cloud.google.com/go/kms: v1.4.0
• cloud.google.com/go/monitoring: v1.1.0
• cloud.google.com/go/secretmanager: v1.0.0
• cloud.google.com/go/security: v1.1.1
• cloud.google.com/go/spanner: v1.25.0
• cloud.google.com/go/trace: v1.0.0
• code.gitea.io/sdk/gitea: v0.11.3
• contrib.go.opencensus.io/exporter/aws: c478e41
• contrib.go.opencensus.io/exporter/ocagent: 05415f1
• contrib.go.opencensus.io/exporter/prometheus: v0.4.0
• contrib.go.opencensus.io/exporter/stackdriver: v0.13.10
• contrib.go.opencensus.io/exporter/zipkin: v0.1.2
• contrib.go.opencensus.io/integrations/ocsql: v0.1.7
• contrib.go.opencensus.io/resource: v0.1.1
• cuelang.org/go: v0.4.2
• filippo.io/edwards25519: v1.0.0-rc.1
• github.com/AdaLogics/go-fuzz-headers: f7be0cb
• github.com/Antonboom/errname: v0.1.5
• github.com/Antonboom/nilnil: v0.1.0
• github.com/Azure/azure-amqp-common-go/v2: v2.1.0
• github.com/Azure/azure-amqp-common-go/v3: v3.2.2
• github.com/Azure/azure-pipeline-go: v0.2.3
• github.com/Azure/azure-service-bus-go: v0.11.5
• github.com/Azure/azure-storage-blob-go: v0.14.0
• github.com/Azure/go-amqp: v0.16.4
• github.com/Azure/go-autorest/autorest/azure/auth: v0.5.11
• github.com/Azure/go-autorest/autorest/azure/cli: v0.4.5
• github.com/Azure/go-autorest/autorest/to: v0.4.0
• github.com/Azure/go-autorest/autorest/validation: v0.3.1
• github.com/DATA-DOG/go-sqlmock: v1.5.0
• github.com/DataDog/datadog-go: v3.2.0+incompatible
• github.com/DataDog/zstd: v1.4.5
• github.com/Djarvur/go-err113: aea10b5
• github.com/GoogleCloudPlatform/cloudsql-proxy: v1.27.0
• github.com/Knetic/govaluate: 9aa4983
• github.com/Masterminds/goutils: v1.1.1
• github.com/Masterminds/semver/v3: v3.1.1
• github.com/Masterminds/semver: v1.5.0
• github.com/Masterminds/sprig/v3: v3.2.2
• github.com/Masterminds/sprig: v2.22.0+incompatible
• github.com/OpenPeeDeeP/depguard: v1.0.1
• github.com/PaesslerAG/gval: v1.0.0
• github.com/PaesslerAG/jsonpath: v0.1.1
• github.com/ReneKroon/ttlcache/v2: v2.11.0
• github.com/Shopify/sarama: v1.19.0
• github.com/Shopify/toxiproxy: v2.1.4+incompatible
• github.com/StackExchange/wmi: v1.2.1
• github.com/ThalesIgnite/crypto11: v1.2.5
• github.com/VividCortex/gohistogram: v1.0.0
• github.com/afex/hystrix-go: fa1af6a
• github.com/agnivade/levenshtein: v1.0.1
• github.com/alecthomas/kingpin: v2.2.6+incompatible
• github.com/alexkohler/prealloc: v1.0.0
• github.com/andreyvit/diff: c7f18ee
• github.com/aokoli/goutils: v1.0.1
• github.com/apache/beam: v2.32.0+incompatible
• github.com/apache/thrift: v0.13.0
• github.com/apex/log: v1.1.4
• github.com/apex/logs: v0.0.4
• github.com/aphistic/golf: 02c07f1
• github.com/aphistic/sweet: v0.2.0
• github.com/aryann/difflib: e206f87
• github.com/ashanbrown/forbidigo: v1.2.0
• github.com/ashanbrown/makezero: b626158
• github.com/aws/aws-lambda-go: v1.13.3
• github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream: v1.0.0
• github.com/aws/aws-sdk-go-v2/config: v1.14.0
• github.com/aws/aws-sdk-go-v2/credentials: v1.9.0
• github.com/aws/aws-sdk-go-v2/feature/ec2/imds: v1.11.0
• github.com/aws/aws-sdk-go-v2/feature/s3/manager: v1.7.1
• github.com/aws/aws-sdk-go-v2/internal/configsources: v1.1.5
• github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: v2.3.0
• github.com/aws/aws-sdk-go-v2/internal/ini: v1.3.6
• github.com/aws/aws-sdk-go-v2/service/ecr: v1.15.0
• github.com/aws/aws-sdk-go-v2/service/ecrpublic: v1.12.0
• github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding: v1.5.0
• github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: v1.8.0
• github.com/aws/aws-sdk-go-v2/service/internal/s3shared: v1.9.0
• github.com/aws/aws-sdk-go-v2/service/kms: v1.10.0
• github.com/aws/aws-sdk-go-v2/service/s3: [v1.19.0...

v3.3.0

Changes by Kind

Deprecation

• Filepromoter: Prefer Confirm instead of DryRun
  Consumers should use kpromo run files --confirm ... instead of kpromo run files --dry-run=false ...
• Build v3.3.0-beta.0-1 images (#437, @justaugustus)
• Legacy: Remove unused code paths (#468, @justaugustus)
• Move gh2gcs functionality to kpromo gh
• Build v3.3.0-beta.1-1 images (#441, @justaugustus)

Feature

• Add kpromo manifest validate subcommand to check manifest files and dir structures (#419, @puerco)
• Created a script to find how many HTTP requests it takes to validate a given sub-project. (#399, @tylerferrara)
• Created script to test GCR throttling (#393, @tylerferrara)
• Inject build information during tool installation (#440, @cpanato)
• Kpromo cip: Initial parent image verification work (#351, @tylerferrara)
• Kpromo: Add krel promote-images functionality
• kpromo(pr): Remove dependency on k8s.io/release
• kpromo(pr): Enable as subcommand of kpromo
• kpromo(pr): Move image promoter constructs to separate package
• kpromo: Build v3.3.0-beta.2-1 image (#458, @justaugustus)

Bug or Regression

• Add container-structure-test to validate Docker config file

• Dockerfile: Explicitly specify root home dir when copying Docker conf

• Build v3.3.0-beta.1-3 images (#446, @justaugustus)

• Dockerfile: Copy Docker config file to $HOME/.docker/config.json

  The Docker configuration file (which include credential helpers for
  authenticating to various container registries) should be placed in the home
  directory of the running user, so it can be detected by artifact promotion
  tooling.

• Build v3.3.0-beta.1-2 images (#443, @xmudrii)

• Dockerfile: Restore Docker configuration to production container
  The config.json Docker configuration file stored in this repo
  contains credential helper information necessary to direct the
  promoter to use gcloud when attempting to authenticate to GCR.

  Without it, image promotion jobs will fail.

  ref: https://cloud.google.com/container-registry/docs/advanced-authentication

• Build v3.3.0-beta.0-2 images (#442, @justaugustus)

• Kpromo: add missing spaces after project and reviewers args in PR body (#464, @CecileRobertMichon)

• Kpromo: add quotes around reviewers in command print (#465, @CecileRobertMichon)

Other (Cleanup or Flake)

• Kpromo: Replace fork functions with sigs.k8s.io/release-sdk analogs
  Using sigs.k8s.io/[email protected]
• kpromo(pr): Only append "releng: " to commit msg for RelEng promotions (#460, @justaugustus)
• Move container image promotion commands into kpromo
  Command ergonomics remain roughly the same e.g.,
  cip run ... becomes kpromo cip ... (#434, @justaugustus)
• Update to github.com/google/[email protected] (#461, @justaugustus)

Dependencies

Added

• github.com/bits-and-blooms/bitset: v1.2.0
• github.com/checkpoint-restore/go-criu/v5: v5.0.0
• github.com/danieljoos/wincred: v1.1.0
• github.com/google/go-github/v39: v39.1.0
• github.com/vbatts/tar-split: v0.11.2

Changed

• cloud.google.com/go/storage: v1.16.1 → v1.18.2
• cloud.google.com/go: v0.94.1 → v0.98.0
• github.com/Microsoft/go-winio: v0.5.0 → v0.5.1
• github.com/Microsoft/hcsshim: v0.8.16 → v0.8.23
• github.com/cenkalti/backoff/v4: v4.1.1 → v4.1.2
• github.com/cilium/ebpf: v0.4.0 → v0.6.2
• github.com/cncf/udpa/go: 5459f2c → 04548b0
• github.com/cncf/xds/go: fbca930 → cb28da3
• github.com/containerd/containerd: v1.5.2 → v1.5.8
• github.com/containerd/stargz-snapshotter/estargz: v0.7.0 → v0.10.1
• github.com/containerd/ttrpc: v1.0.2 → v1.1.0
• github.com/cpuguy83/go-md2man/v2: v2.0.0 → v2.0.1
• github.com/docker/cli: v20.10.7+incompatible → v20.10.11+incompatible
• github.com/docker/docker-credential-helpers: v0.6.3 → v0.6.4
• github.com/docker/docker: v20.10.7+incompatible → v20.10.11+incompatible
• github.com/envoyproxy/go-control-plane: 63b5d3c → cf90f65
• github.com/google/go-containerregistry: v0.6.0 → abdc633
• github.com/google/go-querystring: v1.0.0 → v1.1.0
• github.com/googleapis/gax-go/v2: v2.1.0 → v2.1.1
• github.com/gorilla/mux: v1.7.3 → v1.8.0
• github.com/klauspost/compress: v1.13.0 → v1.13.6
• github.com/opencontainers/image-spec: 79b036d → 693428a
• github.com/opencontainers/runc: v1.0.0-rc93 → v1.0.2
• github.com/opencontainers/runtime-spec: e6143ca → 1c3f411
• github.com/opencontainers/selinux: v1.8.0 → v1.8.2
• github.com/urfave/cli: v1.22.2 → v1.22.4
• golang.org/x/crypto: 5ff15b2 → 32db794
• golang.org/x/net: abc4532 → 6a13c67
• golang.org/x/oauth2: 2bc19b1 → d3ed0bb
• golang.org/x/sys: aa78b53 → 97ca703
• google.golang.org/api: v0.57.0 → v0.62.0
• google.golang.org/genproto: d08c68a → 54befc3
• google.golang.org/grpc: v1.40.0 → v1.42.0
• sigs.k8s.io/release-sdk: v0.2.0 → v0.5.0
• sigs.k8s.io/yaml: v1.2.0 → v1.3.0

Removed

• github.com/google/go-github/v37: v37.0.0

New Contributors

• @xmudrii made their first contribution in #443
• @CecileRobertMichon made their first contribution in #464
• @puerco made their first contribution in #419
• @johngmyers made their first contribution in #472

Full Changelog: v3.2.1...v3.3.0

v3.3.0-beta.3

What's Changed

• build(deps): bump google.golang.org/api from 0.56.0 to 0.57.0 by @dependabot in #431
• Update references to default development branch by @justaugustus in #429
• drop wg/k8s-infra label by @spiffxp in #432
• docs: mv wg-k8s-infra sig-k8s-infra by @spiffxp in #433
• build(deps): bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0 by @dependabot in #435
• Move container image promotion commands into kpromo by @justaugustus in #434
• build(deps): bump google.golang.org/api from 0.57.0 to 0.58.0 by @dependabot in #438
• build(deps): bump cloud.google.com/go/storage from 1.16.1 to 1.17.0 by @dependabot in #439
• filepromoter: Prefer Confirm instead of DryRun by @justaugustus in #437
• Inject build information during tool installation by @cpanato in #440
• Dockerfile: Restore Docker configuration to production container by @justaugustus in #442
• Move gh2gcs functionality to kpromo gh by @justaugustus in #441
• Dockerfile: Copy Docker config file to $HOME/.docker/config.json by @xmudrii in #443
• Dockerfile: Explicitly specify root home dir when copying Docker conf by @justaugustus in #446
• build(deps): bump sigs.k8s.io/release-sdk from 0.2.0 to 0.3.0 by @dependabot in #447
• build(deps): bump cloud.google.com/go/storage from 1.17.0 to 1.18.0 by @dependabot in #449
• build(deps): bump cloud.google.com/go/storage from 1.18.0 to 1.18.1 by @dependabot in #451
• build(deps): bump cloud.google.com/go/storage from 1.18.1 to 1.18.2 by @dependabot in #452
• build(deps): bump google.golang.org/api from 0.58.0 to 0.59.0 by @dependabot in #453
• build(deps): bump google.golang.org/api from 0.59.0 to 0.60.0 by @dependabot in #454
• build(deps): bump github.com/cenkalti/backoff/v4 from 4.1.1 to 4.1.2 by @dependabot in #455
• build(deps): bump github.com/google/go-containerregistry from 0.6.0 to 0.7.0 by @dependabot in #456
• Remove references to vulndash by @xmudrii in #457
• build(deps): bump sigs.k8s.io/release-sdk from 0.3.0 to 0.4.0 by @dependabot in #459
• kpromo: Add krel promote-images functionality by @justaugustus in #458
• kpromo(pr): Minor cleanups by @justaugustus in #460
• Update to github.com/google/go-containerregistry@main by @justaugustus in #461
• Docs reshuffle by @justaugustus in #462
• kpromo: add missing spaces after project and reviewers args in PR body by @CecileRobertMichon in #464
• kpromo: add quotes around reviewers in command print by @CecileRobertMichon in #465
• build(deps): bump google.golang.org/api from 0.60.0 to 0.61.0 by @dependabot in #466
• Find how many HTTP requests it takes to validate a given sub-project by @tylerferrara in #399
• Created script to test GCR throttling by @tylerferrara in #393
• Add kpromo manifest validate subcommand by @puerco in #419
• kpromo cip: Initial parent image verification work by @tylerferrara in #351

New Contributors

• @xmudrii made their first contribution in #443
• @CecileRobertMichon made their first contribution in #464
• @puerco made their first contribution in #419

Full Changelog: v3.2.1...v3.3.0-beta.3

v3.3.0-beta.2

What's Changed

• build(deps): bump google.golang.org/api from 0.56.0 to 0.57.0 by @dependabot in #431
• Update references to default development branch by @justaugustus in #429
• drop wg/k8s-infra label by @spiffxp in #432
• docs: mv wg-k8s-infra sig-k8s-infra by @spiffxp in #433
• build(deps): bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0 by @dependabot in #435
• Move container image promotion commands into kpromo by @justaugustus in #434
• build(deps): bump google.golang.org/api from 0.57.0 to 0.58.0 by @dependabot in #438
• build(deps): bump cloud.google.com/go/storage from 1.16.1 to 1.17.0 by @dependabot in #439
• filepromoter: Prefer Confirm instead of DryRun by @justaugustus in #437
• Inject build information during tool installation by @cpanato in #440
• Dockerfile: Restore Docker configuration to production container by @justaugustus in #442
• Move gh2gcs functionality to kpromo gh by @justaugustus in #441
• Dockerfile: Copy Docker config file to $HOME/.docker/config.json by @xmudrii in #443
• Dockerfile: Explicitly specify root home dir when copying Docker conf by @justaugustus in #446
• build(deps): bump sigs.k8s.io/release-sdk from 0.2.0 to 0.3.0 by @dependabot in #447
• build(deps): bump cloud.google.com/go/storage from 1.17.0 to 1.18.0 by @dependabot in #449
• build(deps): bump cloud.google.com/go/storage from 1.18.0 to 1.18.1 by @dependabot in #451
• build(deps): bump cloud.google.com/go/storage from 1.18.1 to 1.18.2 by @dependabot in #452
• build(deps): bump google.golang.org/api from 0.58.0 to 0.59.0 by @dependabot in #453
• build(deps): bump google.golang.org/api from 0.59.0 to 0.60.0 by @dependabot in #454
• build(deps): bump github.com/cenkalti/backoff/v4 from 4.1.1 to 4.1.2 by @dependabot in #455
• build(deps): bump github.com/google/go-containerregistry from 0.6.0 to 0.7.0 by @dependabot in #456
• Remove references to vulndash by @xmudrii in #457
• build(deps): bump sigs.k8s.io/release-sdk from 0.3.0 to 0.4.0 by @dependabot in #459
• kpromo: Add krel promote-images functionality by @justaugustus in #458
• kpromo(pr): Minor cleanups by @justaugustus in #460

New Contributors

• @xmudrii made their first contribution in #443

Full Changelog: v3.2.1...v3.3.0-beta.2

v3.3.0-beta.1

What's Changed

• build(deps): bump google.golang.org/api from 0.56.0 to 0.57.0 by @dependabot in #431
• Update references to default development branch by @justaugustus in #429
• drop wg/k8s-infra label by @spiffxp in #432
• docs: mv wg-k8s-infra sig-k8s-infra by @spiffxp in #433
• build(deps): bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0 by @dependabot in #435
• Move container image promotion commands into kpromo by @justaugustus in #434
• build(deps): bump google.golang.org/api from 0.57.0 to 0.58.0 by @dependabot in #438
• build(deps): bump cloud.google.com/go/storage from 1.16.1 to 1.17.0 by @dependabot in #439
• filepromoter: Prefer Confirm instead of DryRun by @justaugustus in #437
• Inject build information during tool installation by @cpanato in #440
• Dockerfile: Restore Docker configuration to production container by @justaugustus in #442
• Move gh2gcs functionality to kpromo gh by @justaugustus in #441

Full Changelog: v3.2.1...v3.3.0-beta.1

v3.3.0-beta.0

What's Changed

• build(deps): bump google.golang.org/api from 0.56.0 to 0.57.0 by @dependabot in #431
• Update references to default development branch by @justaugustus in #429
• drop wg/k8s-infra label by @spiffxp in #432
• docs: mv wg-k8s-infra sig-k8s-infra by @spiffxp in #433
• build(deps): bump sigs.k8s.io/yaml from 1.2.0 to 1.3.0 by @dependabot in #435
• Move container image promotion commands into kpromo by @justaugustus in #434
• build(deps): bump google.golang.org/api from 0.57.0 to 0.58.0 by @dependabot in #438
• build(deps): bump cloud.google.com/go/storage from 1.16.1 to 1.17.0 by @dependabot in #439
• filepromoter: Prefer Confirm instead of DryRun by @justaugustus in #437

Full Changelog: v3.2.1...v3.3.0-beta.0

v3.2.1

What's Changed

• cloudbuild.yaml: Re-enable image checks for CIP + auditor by @justaugustus in #427
• Module rename: sigs.k8s.io/k8s-container-image-promoter --> sigs.k8s.io/promo-tools by @justaugustus in #428

Full Changelog: v3.2.0...v3.2.1

v3.2.0

What's Changed

• Lintlintlint by @justaugustus in #416
• filepromoter: Warn on (but don't block) unauthenticated operations by @justaugustus in #417
• testing: Add fakes for file promotion packages (via counterfeiter) by @justaugustus in #418
• filepromoter: Allow authenticated clients in non-production runs by @justaugustus in #420
• filepromoter: Build unauthenticated client for source filestores by @justaugustus in #422
• OWNERS cleanup by @justaugustus in #421
• Migrate gh2gcs tool/packages into repo by @justaugustus in #423
• cmd/cip: Default to non-production runs with --confirm by @justaugustus in #285
• go.mod: Init v3 module by @justaugustus in #425
• v3.2.0: Release commit by @justaugustus in #426

Full Changelog: v1.338.0...v3.2.0