v0.1.6

Changelog

Updates:

• Validate resources with Rego policies with default policies maintained by the community at intelops/policyhub
• Validate resources with policies stored in your OCI-compliant container registries
• Create a boilerplate workspace to work with cue command

What's Changed

• Refactor rego validation by @santoshkal in #111
• Enhance artifact pull and push commands by @santoshkal in #112
• Fix bugs discovered in v0.1.6 by @santoshkal in #113

Full Changelog: v0.1.5...v0.1.6

v0.1.5

Changelog

v0.1.4

Changelog

v0.1.3

Changelog

v0.1.2

Changelog

• a4e242c Upgrade: Bump github.com/jedib0t/go-pretty/v6 from 6.5.8 to 6.5.9 (#70)
• 29fb038 Upgrade: Bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 (#71)
• 5878839 Add description as additional column in Rego validation results (#69)
• 10dca6d Upgrade: Bump cuelang.org/go from 0.8.1 to 0.8.2 (#67)
• c896dc2 Upgrade: Bump github.com/open-policy-agent/opa from 0.63.0 to 0.64.1 (#68)
• a3030f0 Add devcontaioner and related Dockerfile (#66)
• c469263 Upgrade: Bump golang.org/x/net from 0.22.0 to 0.24.0 (#62)
• 5f6411c Fix bugs in v0.1.0 (#60)
• 10baf50 Upgrade: Bump github.com/sigstore/cosign/v2 from 2.2.3 to 2.2.4 (#61)
• 8f5b288 Upgrade: Bump github.com/sigstore/sigstore from 1.8.1 to 1.8.3 (#55)
• a69ad15 Upgrade: Bump github.com/jedib0t/go-pretty/v6 from 6.5.6 to 6.5.8 (#56)
• 180513a Upgrade: Bump cuelang.org/go from 0.8.0 to 0.8.1 (#57)
• 0ff9305 Upgrade: Bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 (#58)
• 6ed448a Upgrade: Bump github.com/google/go-containerregistry (#59)
• a68d39e Fix Cosign verification step in CI (#52)
• 706170a Fix failing cosign verification script (#50)
• 35d1d63 Upgrade: Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 (#47)
• 2945837 Upgrade: Bump github.com/docker/docker (#48)
• f636e8e Upgrade: Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 (#49)
• 4240af9 Merge pull request #46 from intelops/cobra-cli
• d4186d6 Add auth instruction for artifact commands
• b83493e Update README
• c4bb0d6 Fix: update GetCreds to conditionally fetch credentials
• 4918840 Add verification of cuemod by providing cosign public key
• 0d79f5b WIP: Add signature verification step for cuemod init. Remove user:pass auth from artifact push
• 24e2230 WIP: add user:pass auth to push command
• 04601bd WIP: update auth workflow to authenticate with registries
• 9dc3c41 WIP: test celval dockerfileval
• b89b39a Update and test policies and examples for celval terraform validation using CEL
• d624814 Fix dir names for archive and extracted path for cuemod init
• 94d648b Update release workflow to sign and verify all the build artifacts during a new tagged release
• 7830626 Add new version for cuemod init sub command
• bacf957 Add first cut for cuemod init sub command
• 5e2e332 Update go.mod
• dd5bed9 Add new command structure, TODO: add examples for all subcommands
• 60d1307 Updae BuildArtifact() to maintain dir structure, and source/dest args URL needs be in begin with oci:// for artifcat pull/push
• 3f11b3a Update build path in Makefile
• 1c21f47 Update GetDefinition(), and add examples for Cue command
• 8298845 Add fatih/color to cue result
• 3800bb5 Add banner to rootCmd
• 8a34708 Tested version of cue subcommand
• 23db7cc Remove debug line
• 3a9d2f2 Test verification with cosign pub key, and add addition verification results to StdOut
• 93e277c Add fist cut of cue subcommand, remove cue.mod from dependency
• 02ea12a Add working version of artifact pull command
• a397639 First cut of working cosign verification in artifact pull command
• 2a2e1f8 Test Artifact verification - Failing verification
• a5a9054 Add artifact push subcommand with cosign sign functionality
• 5fddc57 Add artifact build subcommand to build a tarball from provided input
• 09dd12e Add artifact subcommand, for OCI operations
• 1546f4d Add version command
• 87ea054 Add tf subcommand for validating Terraform files
• e9f16ec Add showJSON helper subcommand
• 7399582 Add cel subcommand for validating Kubernetes manifests with CEL policies
• a70f90d Add dockerval subcommand for validating Dockerfile indipendently
• 666e868 Add k8s subcommand for vidating Kubernetes manifests with Rego policies
• a25a03b Add usage examples for container subcommand run gofumpt formatter
• c94fac9 Fix file reading from URLs
• 68f4bd7 Update Makefile for build target
• b18444f Refactor integrating Cobra framework for CLI commands
• a82b158 Upgrade: Bump github.com/open-policy-agent/opa from 0.62.1 to 0.63.0 (#44)
• dc5c82a Upgrade: Bump github.com/hashicorp/hcl/v2 from 2.20.0 to 2.20.1 (#45)
• 29b7d1f Upgrade: Bump cuelang.org/go from 0.7.1 to 0.8.0 (#40)
• 2267ece Upgrade: Bump github.com/jedib0t/go-pretty/v6 from 6.5.4 to 6.5.6 (#42)
• 13dd292 Upgrade: Bump github.com/zclconf/go-cty from 1.14.3 to 1.14.4 (#43)
• d49ae6a Upgrade: Bump github.com/open-policy-agent/opa from 0.62.0 to 0.62.1 (#37)
• 9a9282e Upgrade: Bump github.com/google/cel-go from 0.20.0 to 0.20.1 (#38)
• b8952a7 Upgrade: Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#39)
• 2bd1116 Upgrade: Bump github.com/hashicorp/hcl/v2 from 2.19.1 to 2.20.0 (#33)
• dbc6772 Upgrade: Bump github.com/zclconf/go-cty from 1.14.2 to 1.14.3 (#34)
• 6839db2 Upgrade: Bump github.com/open-policy-agent/opa from 0.61.0 to 0.62.0 (#32)
• f62a19d Upgrade: Bump golang.org/x/oauth2 from 0.16.0 to 0.18.0 (#36)
• c80d9f5 Upgrade: Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#35)
• 2aef866 Merge pull request #27 from intelops/directory
• a86cc2f Fix Linting error
• 70334f4 Refactor to read file from URLs for all modes
• aadd9a4 Update README reg requirement of authenticating to GitHub for providing inputs/policies from github.com
• f3f9373 Update to accept YAML files as reqinput in cue mode
• 141dc11 Fix ci.yaml
• 81ba395 Refactor
• e362f72 Update policy to accept URLs from regular github.com URL and raw.githubusercontent
• 31ac571 Update Read reqinput directories from local and GitHub URL
• da740d3 Refactor cmd directory and add k8s rego validation
• 6460a24 Upgrade: Bump github.com/google/cel-go from 0.19.0 to 0.20.0 (#30)
• c05c399 Merge pull request #28 from MrAzharuddin/fix-ci-cd
• 167c563 chore: added skip cache to fix lint issues in ci
• d351f45 Merge pull request #13 from intelops/patch3
• 4107c8b Update dependencies
• ceeccd3 Update target path of genval executable in Makefile to cwd instead of ./bin/genval currently
• b433830 Refactor cmd directory and add k8s rego validation
• 67b52fd Merge pull request #23 from intelops/ci-update
• 4e4c516 Add pre-commit config
• e9c7daa Add StaticCheck scanner and Trivy Vuln scanner to CI and Rename filenames
• 6dddce4 Merge pull request #20 from intelops/dependabot/go_modules/github.com/open-policy-agent/opa-0.61.0
• 036ddbd Upgrade: Bump github.com/open-policy-agent/opa from 0.57.0 to 0.61.0
• a833557 Merge pull request #21 from intelops/dependabot/go_modules/cuelang.org/go-0.7.0
• be215cb Upgrade: Bump cuelang.org/go from 0.6.0 to 0.7.0
• b70bcf8 Merge pull request #19 from intelops/santoshkal-patch-1
• 27de509 Update dependabot.yml
• 618645e Merge pull request #17 from intelops/santoshkal-patch-1
• bd725a1 Create dependabot.yml
• ed23c3c Merge pull request #12 from intelops/security
• b2fb9c1 Create SECURITY.md
• f56003b Merge pull request #5 from intelops/cueval
• 840b0ee Add conrtibuting instruction for adding a Cue schema
• e181f16 Add flow diagram image to example.md
• adc3659 Fix typos, Add Tekton pipeline and ArgoCD schemas, Add example workflow document and link it in README
• 5ff7ef7 Update README
• e645ae6 Fix Lint and Gitsign errors
• 99ffc31 Update: Add cue validation, add cli flags, templates, and update README
• c38ef30 Merge pull request #2 from intelops/tests
• 2c1f051 Update: Folder/filenames to snake_case
• 89039a2 Fix: resolved inconsistencies in filenames and removed reduntand dirs
• a1ce2da Fix: resolved inconsistencies in filenames and removed reduntand dirs
• 2d6f82a Update: consistant filenames and folder structure
• 37b7466 Update: consistant filenames
• e36b4a3 Update: Run tests step to CI, Add tests for parsers
• fb067dc Update: Run tests in CI, Add main.go:63:9: if block ends with a return statement, so drop this else and outdent its block main.go:1:1: should have a package comment linter to golangci-lint, Add tests for parsers
• 850543b Update: Add tests, Makefile, golint-ci, and some restructuring
• b248b73 Update: Add OpenSSF Best Practices badge to README
• c2652ba Update: Add OpenSSF Best Practices badge to README
• 33a92b5 Fix indentation in README
• 5898526 Fix typo

v0.1.1

Changelog

• ddb70e5 Add artifact signing with cosign key as well
• 17590b9 Add UserAgent for HTTP requests made while calling OCI registries and fetch version info based git tag
• b3c6747 Update cuemod init also to accept oci URLs in --tools flag
• 6b9cdd4 Update auth through GetCreds() in Pull and Push commands
• c4bb0d6 Fix: update GetCreds to conditionally fetch credentials
• 4918840 Add verification of cuemod by providing cosign public keyt
• 94d648b Update release workflow to sign and verify all the build artifacts during a new tagged release
• a5a9054 Add artifact push subcommand with cosign sign functionality
• 5fddc57 Add artifact build subcommand to build a tarball from provided input
• 09dd12e Add artifact subcommand, for OCI operations
• 87ea054 Add tf subcommand for validating Terraform files
• e9f16ec Add showJSON helper subcommand
• 7399582 Add cel subcommand for validating Kubernetes manifests with CEL policies
• a70f90d Add dockerval subcommand for validating Dockerfile indipendently
• 666e868 Add k8s subcommand for vidating Kubernetes manifests with Rego policies
• a25a03b Add usage examples for container subcommand run gofumpt formatter
• b18444f Refactor integrating Cobra framework for CLI commands
• f3f9373 Update to accept YAML files as reqinput in cue mode
• e362f72 Update policy to accept URLs from regular github.com URL and raw.githubusercontent
• 31ac571 Update Read reqinput directories from local and GitHub URL
• da740d3 Refactor cmd directory and add k8s rego validation
• ceeccd3 Update target path of genval executable in Makefile to cwd instead of ./bin/genval currently
• f56003b Merge pull request #5 from intelops/cueval
• 840b0ee Add conrtibuting instruction for adding a Cue schema

v0.1.0

Changelog

• 19c9abf Fix cosign verification step in CI
• c62537f Fix certificate extension
• cb2e430 Fix certificate extension
• 918b6c1 Fix failing cosign verification script
• 18eeae4 Fix failing cosign verification script
• 35d1d63 Upgrade: Bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 (#47)
• 2945837 Upgrade: Bump github.com/docker/docker (#48)
• f636e8e Upgrade: Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 (#49)
• 4240af9 Merge pull request #46 from intelops/cobra-cli
• d4186d6 Add auth instruction for artifact commands
• b83493e Update README
• c4bb0d6 Fix: update GetCreds to conditionally fetch credentials
• 4918840 Add verification of cuemod by providing cosign public key
• 0d79f5b WIP: Add signature verification step for cuemod init. Remove user:pass auth from artifact push
• 24e2230 WIP: add user:pass auth to push command
• 04601bd WIP: update auth workflow to authenticate with registries
• 9dc3c41 WIP: test celval dockerfileval
• b89b39a Update and test policies and examples for celval terraform validation using CEL
• d624814 Fix dir names for archive and extracted path for cuemod init
• 94d648b Update release workflow to sign and verify all the build artifacts during a new tagged release
• 7830626 Add new version for cuemod init sub command
• bacf957 Add first cut for cuemod init sub command
• 5e2e332 Update go.mod
• dd5bed9 Add new command structure, TODO: add examples for all subcommands
• 60d1307 Updae BuildArtifact() to maintain dir structure, and source/dest args URL needs be in begin with oci:// for artifcat pull/push
• 3f11b3a Update build path in Makefile
• 1c21f47 Update GetDefinition(), and add examples for Cue command
• 8298845 Add fatih/color to cue result
• 3800bb5 Add banner to rootCmd
• 8a34708 Tested version of cue subcommand
• 23db7cc Remove debug line
• 3a9d2f2 Test verification with cosign pub key, and add addition verification results to StdOut
• 93e277c Add fist cut of cue subcommand, remove cue.mod from dependency
• 02ea12a Add working version of artifact pull command
• a397639 First cut of working cosign verification in artifact pull command
• 2a2e1f8 Test Artifact verification - Failing verification
• a5a9054 Add artifact push subcommand with cosign sign functionality
• 5fddc57 Add artifact build subcommand to build a tarball from provided input
• 09dd12e Add artifact subcommand, for OCI operations
• 1546f4d Add version command
• 87ea054 Add tf subcommand for validating Terraform files
• e9f16ec Add showJSON helper subcommand
• 7399582 Add cel subcommand for validating Kubernetes manifests with CEL policies
• a70f90d Add dockerval subcommand for validating Dockerfile indipendently
• 666e868 Add k8s subcommand for vidating Kubernetes manifests with Rego policies
• a25a03b Add usage examples for container subcommand run gofumpt formatter
• c94fac9 Fix file reading from URLs
• 68f4bd7 Update Makefile for build target
• b18444f Refactor integrating Cobra framework for CLI commands
• a82b158 Upgrade: Bump github.com/open-policy-agent/opa from 0.62.1 to 0.63.0 (#44)
• dc5c82a Upgrade: Bump github.com/hashicorp/hcl/v2 from 2.20.0 to 2.20.1 (#45)
• 29b7d1f Upgrade: Bump cuelang.org/go from 0.7.1 to 0.8.0 (#40)
• 2267ece Upgrade: Bump github.com/jedib0t/go-pretty/v6 from 6.5.4 to 6.5.6 (#42)
• 13dd292 Upgrade: Bump github.com/zclconf/go-cty from 1.14.3 to 1.14.4 (#43)
• d49ae6a Upgrade: Bump github.com/open-policy-agent/opa from 0.62.0 to 0.62.1 (#37)
• 9a9282e Upgrade: Bump github.com/google/cel-go from 0.20.0 to 0.20.1 (#38)
• b8952a7 Upgrade: Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#39)
• 2bd1116 Upgrade: Bump github.com/hashicorp/hcl/v2 from 2.19.1 to 2.20.0 (#33)
• dbc6772 Upgrade: Bump github.com/zclconf/go-cty from 1.14.2 to 1.14.3 (#34)
• 6839db2 Upgrade: Bump github.com/open-policy-agent/opa from 0.61.0 to 0.62.0 (#32)
• f62a19d Upgrade: Bump golang.org/x/oauth2 from 0.16.0 to 0.18.0 (#36)
• c80d9f5 Upgrade: Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#35)
• 2aef866 Merge pull request #27 from intelops/directory
• a86cc2f Fix Linting error
• 70334f4 Refactor to read file from URLs for all modes
• aadd9a4 Update README reg requirement of authenticating to GitHub for providing inputs/policies from github.com
• f3f9373 Update to accept YAML files as reqinput in cue mode
• 141dc11 Fix ci.yaml
• 81ba395 Refactor
• e362f72 Update policy to accept URLs from regular github.com URL and raw.githubusercontent
• 31ac571 Update Read reqinput directories from local and GitHub URL
• da740d3 Refactor cmd directory and add k8s rego validation
• 6460a24 Upgrade: Bump github.com/google/cel-go from 0.19.0 to 0.20.0 (#30)
• c05c399 Merge pull request #28 from MrAzharuddin/fix-ci-cd
• 167c563 chore: added skip cache to fix lint issues in ci
• d351f45 Merge pull request #13 from intelops/patch3
• 4107c8b Update dependencies
• ceeccd3 Update target path of genval executable in Makefile to cwd instead of ./bin/genval currently
• b433830 Refactor cmd directory and add k8s rego validation
• 67b52fd Merge pull request #23 from intelops/ci-update
• 4e4c516 Add pre-commit config
• e9c7daa Add StaticCheck scanner and Trivy Vuln scanner to CI and Rename filenames
• 6dddce4 Merge pull request #20 from intelops/dependabot/go_modules/github.com/open-policy-agent/opa-0.61.0
• 036ddbd Upgrade: Bump github.com/open-policy-agent/opa from 0.57.0 to 0.61.0
• a833557 Merge pull request #21 from intelops/dependabot/go_modules/cuelang.org/go-0.7.0
• be215cb Upgrade: Bump cuelang.org/go from 0.6.0 to 0.7.0
• b70bcf8 Merge pull request #19 from intelops/santoshkal-patch-1
• 27de509 Update dependabot.yml
• 618645e Merge pull request #17 from intelops/santoshkal-patch-1
• bd725a1 Create dependabot.yml
• ed23c3c Merge pull request #12 from intelops/security
• b2fb9c1 Create SECURITY.md
• f56003b Merge pull request #5 from intelops/cueval
• 840b0ee Add conrtibuting instruction for adding a Cue schema
• e181f16 Add flow diagram image to example.md
• adc3659 Fix typos, Add Tekton pipeline and ArgoCD schemas, Add example workflow document and link it in README
• 5ff7ef7 Update README
• e645ae6 Fix Lint and Gitsign errors
• 99ffc31 Update: Add cue validation, add cli flags, templates, and update README
• c38ef30 Merge pull request #2 from intelops/tests
• 2c1f051 Update: Folder/filenames to snake_case
• 89039a2 Fix: resolved inconsistencies in filenames and removed reduntand dirs
• a1ce2da Fix: resolved inconsistencies in filenames and removed reduntand dirs
• 2d6f82a Update: consistant filenames and folder structure
• 37b7466 Update: consistant filenames
• e36b4a3 Update: Run tests step to CI, Add tests for parsers
• fb067dc Update: Run tests in CI, Add main.go:63:9: if block ends with a return statement, so drop this else and outdent its block main.go:1:1: should have a package comment linter to golangci-lint, Add tests for parsers
• 850543b Update: Add tests, Makefile, golint-ci, and some restructuring
• b248b73 Update: Add OpenSSF Best Practices badge to README
• c2652ba Update: Add OpenSSF Best Practices badge to README
• 33a92b5 Fix indentation in README
• 5898526 Fix typo

v0.0.1

Changelog

• 3d06f63 Test: checksums.txt file
• 99dc4eb Update: README.md with cosign verify
• 353c622 Update to README and CONTRIBUTION.md
• f72b920 Update: README.md
• ee071b0 Update to goreleaser.yaml
• f66f51d Spelcheck in release.yaml
• 5069911 Update: Add Release workflow, README.md, CONTRIBUTION.md, minor update to codebase
• f9c4b97 Update: Folder restructuring and resolving dependencies
• 26ac963 Update: Folder restructuring and resolving dependencies
• 2c2edff Update: flow diagram with JSON input
• 74e9451 Initial commit
• 80178e4 Initial commit