chore: prepare for 1.1 release (ratify-project#1214)
akashsinghal authored Dec 12, 2023
1 parent e7a20b5 commit 7725e46
Showing 12 changed files with 41 additions and 37 deletions.
22 changes: 12 additions & 10 deletions README.md
Expand Up @@ -13,18 +13,20 @@ Is a verification engine as a binary executable and on Kubernetes which enables

## Table of Contents

- [Quick Start](#quick-start)
- [Community Meetings](#community-meetings)
- [Pull Request Review Series](#pull-request-review-series)
- [Documents](#documents)
- [Code of Conduct](#code-of-conduct)
- [Release Management](#release-management)
- [Licensing](#licensing)
- [Trademark](#trademark)
- [Ratify](#ratify)
- [Table of Contents](#table-of-contents)
- [Quick Start](#quick-start)
- [Community meetings](#community-meetings)
- [Pull Request Review Series](#pull-request-review-series)
- [Documents](#documents)
- [Code of Conduct](#code-of-conduct)
- [Release Management](#release-management)
- [Licensing](#licensing)
- [Trademark](#trademark)

## Quick Start

Please see [Ratify website](https://ratify.dev/docs/1.0/quick-start) for a quick start demo.
Please see [Ratify website](https://ratify.dev/docs/quick-start) for a quick start demo.

## Community meetings

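Review bot: The regenerated table of contents at the top of this hunk now lists the document title and the table itself (`- [Ratify](#ratify)`, `- [Table of Contents](#table-of-contents)`), which looks like editor auto-generation rather than a release change. Drop those two entries so the README diff for the release is limited to the quick-start link update.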
Expand All @@ -41,7 +43,7 @@ Get Ratify Community Meeting Calendar [here](https://calendar.google.com/calenda

## Documents

Please see the [Ratify website](https://ratify.dev/docs/1.0/what-is-ratify) for more in-depth information.
Please see the [Ratify website](https://ratify.dev/docs/what-is-ratify) for more in-depth information.

Meeting notes for weekly project syncs can be found [here](https://hackmd.io/ABueHjizRz2iFQpWnQrnNA?both)

4 changes: 2 additions & 2 deletions charts/ratify/Chart.yaml
@@ -1,7 +1,7 @@
apiVersion: v2
name: ratify
description: A Helm chart for Ratify
version: 1.11.0
appVersion: v1.0.0
version: 1.12.0
appVersion: v1.1.0
home: https://github.com/deislabs/ratify
icon: https://raw.githubusercontent.com/deislabs/ratify/main/logo.svg
10 changes: 5 additions & 5 deletions charts/ratify/README.md
Expand Up @@ -52,13 +52,13 @@ $ helm upgrade -n gatekeeper-system [RELEASE_NAME] ratify/ratify
| vulnerabilityreport.schemaURL | URL for JSON schema to validate report against | `` |
| vulnerabilityreport.createdAnnotationName | Overrides the default created annotation (`org.opencontainers.image.created`) to search for | `` |
| vulnerabilityreport.maximumAge | Maximum age report can be based on timestamp in stored at creation annotation. Formatted based on [time.Duration](https://pkg.go.dev/time#ParseDuration). A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms" or "24h". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". | `` |
| vulnerabilityreport.notaryProjectSignatureRequired | Enables/disable notary project signature verification attached to vulnerability report. Refer to notation verifier [documentation](https://ratify.dev/docs/1.0/reference/crds/verifiers#notation) to install + configure keys. | `false` |
| vulnerabilityreport.notaryProjectSignatureRequired | Enables/disable notary project signature verification attached to vulnerability report. Refer to notation verifier [documentation](https://ratify.dev/docs/reference/crds/verifiers#notation) to install + configure keys. | `false` |
| vulnerabilityreport.disallowedSeverities | List of severities to disallow (strings). Common severities: `low`, `medium`, `high`, `critical`, `unknown` | `[]` |
| vulnerabilityreport.denylistCVEs | List of CVE IDs that cannot exist in the vulnerability report | `[]` |
| sbom.enabled | Enables/disables installation of sbom verification configuration | `false` |
| sbom.notaryProjectSignatureRequired | requires validation of sbom notation signature | `false` |
| sbom.disallowedLicenses | list of disallowed licenses | [] |
| sbom.disallowedPackages | list of disallowed packages defined by package name and version. For example: --set sbom.disallowedPackages[0].name="busybox" --set sbom.disallowedPackages[0].version="1.36.1-r0" | [] |
| sbom.enabled | Enables/disables installation of sbom verification configuration | `false` |
| sbom.notaryProjectSignatureRequired | requires validation of sbom notation signature | `false` |
| sbom.disallowedLicenses | list of disallowed licenses | [] |
| sbom.disallowedPackages | list of disallowed packages defined by package name and version. For example: --set sbom.disallowedPackages[0].name="busybox" --set sbom.disallowedPackages[0].version="1.36.1-r0" | [] |
| resources.limits.cpu | CPU limits of Ratify Deployment | `1000m` |
| resources.limits.memory | Memory limits of Ratify Deployment | `512Mi` |
| resources.requests.cpu | CPU request of Ratify Deployment | `600m` |
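Review bot: The four `sbom.*` rows appear to change only in whitespace, yet the defaults for `sbom.disallowedLicenses` and `sbom.disallowedPackages` stay as a bare `[]` while the `vulnerabilityreport.*` rows just above use a backticked `[]`. Since the rows are already being touched, put those defaults in backticks for consistency, or leave the rows out of this change so the diff is limited to the notation documentation link.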
4 changes: 2 additions & 2 deletions charts/ratify/values.yaml
@@ -1,7 +1,7 @@
image:
repository: ghcr.io/deislabs/ratify
crdRepository: ghcr.io/deislabs/ratify-crds
tag: v1.0.0
tag: v1.1.0
pullPolicy: IfNotPresent

nameOverride: ""
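Review bot: `tag: v1.1.0` combined with `pullPolicy: IfNotPresent` means a node that already holds an image under that tag does not re-resolve it, and the tag itself identifies content only by name. For a component that sits in the admission path, consider documenting or supporting a digest reference alongside the tag so the release pins exact image content. No separate tag for `crdRepository` is visible here, so also confirm the `ratify-crds` image is published under `v1.1.0` before this merges.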
Expand Down Expand Up @@ -140,7 +140,7 @@ logger:
traceIDHeaderName: # List of headers that include the trace ID in the external data requests to Ratify. The same headers will be passed to upstream services like remote registries.
- "" # e.g. Set it to `x-ms-correlation-request-id` to trace across Azure.

# See https://ratify.dev/docs/1.0/reference/usage#feature-flags for a list of available feature flags
# See https://ratify.dev/docs/reference/usage#feature-flags for a list of available feature flags
featureFlags:
# RATIFY_FEATURE_NAME: true

Expand Down
2 changes: 1 addition & 1 deletion docs/README.md
@@ -1,4 +1,4 @@
Please see the [Ratify website](https://ratify.dev/docs/1.0/what-is-ratify) for more in-depth information.
Please see the [Ratify website](https://ratify.dev/docs/what-is-ratify) for more in-depth information.

## Design Docs

2 changes: 1 addition & 1 deletion docs/design/Cache Unification.md
Expand Up @@ -28,7 +28,7 @@ Ratify must:

## Overview

Please reference this [doc](https://ratify.dev/docs/1.0/reference/cache) for overview of current caching state in Ratify
Please reference this [doc](https://ratify.dev/docs/reference/cache) for overview of current caching state in Ratify

Ratify has two primary cache categories: in memory caches & blob store cache.
There are 4 separate in-memory caches backed by 3 different cache types. This makes it very difficult to standardize cache interactions and emit uniform metrics. Furthermore, supporting multiple cache types will make it difficult to easily switch between in-memory and distributed caching for high availability scenarios.
8 changes: 4 additions & 4 deletions errors/errors.go
Expand Up @@ -16,11 +16,11 @@ limitations under the License.
package errors

const (
NotationTsgLink = "https://ratify.dev/docs/1.0/troubleshoot/verifier/notation"
NotationTsgLink = "https://ratify.dev/docs/troubleshoot/verifier/notation"
OrasLink = "https://oras.land/"
AuthProviderLink = "https://ratify.dev/docs/1.0/reference/oras-auth-provider"
PolicyProviderLink = "https://ratify.dev/docs/1.0/reference/providers"
PolicyCRDLink = "https://ratify.dev/docs/1.0/reference/crds/policies"
AuthProviderLink = "https://ratify.dev/docs/reference/oras-auth-provider"
PolicyProviderLink = "https://ratify.dev/docs/reference/providers"
PolicyCRDLink = "https://ratify.dev/docs/reference/crds/policies"
)

var (
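Review bot: The four `ratify.dev` constants in this block are compiled into the binary, so removing the `1.0` segment makes a v1.1.0 build send users to whatever the unversioned docs path serves at the time they hit the error, which can drift from the behaviour of the version they are running. If the site keeps versioned paths, as the removed `/docs/1.0/` URLs imply, either point these at the path for this release or confirm that the unversioned pages are meant to stay stable across releases.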
14 changes: 7 additions & 7 deletions errors/pluginerrors.go
Expand Up @@ -48,30 +48,30 @@ var (
ErrorCodeListReferrersFailure = Register("errcode", ErrorDescriptor{
Value: "LIST_REFERRERS_FAILURE",
Message: "list referrers failure",
Description: `Referrer store fails to list the referrers. Refer to https://ratify.dev/docs/1.0/reference/store#listreferrers for more details.`,
Description: `Referrer store fails to list the referrers. Refer to https://ratify.dev/docs/reference/store#listreferrers for more details.`,
})

// ErrorCodeGetSubjectDescriptorFailure is returned when GetSubjectDescriptor
// API fails.
ErrorCodeGetSubjectDescriptorFailure = Register("errcode", ErrorDescriptor{
Value: "GET_SUBJECT_DESCRIPTOR_FAILURE",
Message: "get subject descriptor failure",
Description: `Referrer store fails to get the subject descriptor. Refer to https://ratify.dev/docs/1.0/reference/store#getsubjectdescriptor for more details.`,
Description: `Referrer store fails to get the subject descriptor. Refer to https://ratify.dev/docs/reference/store#getsubjectdescriptor for more details.`,
})

// ErrorCodeGetReferenceManifestFailure is returned when GetReferenceManifest
// API fails.
ErrorCodeGetReferenceManifestFailure = Register("errcode", ErrorDescriptor{
Value: "GET_REFERRER_MANIFEST_FAILURE",
Message: "get reference manifest failure",
Description: `Referrer store fails to get the reference manifest. Refer to https://ratify.dev/docs/1.0/reference/store#getreferencemanifest for more details.`,
Description: `Referrer store fails to get the reference manifest. Refer to https://ratify.dev/docs/reference/store#getreferencemanifest for more details.`,
})

// ErrorCodeGetBlobContentFailure is returned when GetBlobContent API fails.
ErrorCodeGetBlobContentFailure = Register("errcode", ErrorDescriptor{
Value: "GET_BLOB_CONTENT_FAILURE",
Message: "get blob content failure",
Description: `Referrer store fails to get the blob content. Refer to https://ratify.dev/docs/1.0/reference/store#getblobcontent for more details.`,
Description: `Referrer store fails to get the blob content. Refer to https://ratify.dev/docs/reference/store#getblobcontent for more details.`,
})

// ErrorCodeReferrerStoreFailure is returned when a generic error happen in
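Review bot: Every `Description` in this hunk repeats the full `https://ratify.dev/docs/...` URL as a string literal, which is why this change has to edit each descriptor by hand, while errors.go already keeps its links in named constants. Consider building these descriptions from a shared docs base constant so the next docs path change is a one-line edit. Also check that the `#listreferrers`, `#getsubjectdescriptor`, `#getreferencemanifest` and `#getblobcontent` anchors resolve on the unversioned store page, since a broken anchor in an error message is hard to notice after release.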
Expand Down Expand Up @@ -109,7 +109,7 @@ var (
ErrorCodeReferrersNotFound = Register("errcode", ErrorDescriptor{
Value: "REFERRERS_NOT_FOUND",
Message: "referrers not found",
Description: "No referrers are found. Please verify the subject has attached expected artifacts and refer to https://ratify.dev/docs/1.0/reference/store/ to investigate Referrer Store configuration.",
Description: "No referrers are found. Please verify the subject has attached expected artifacts and refer to https://ratify.dev/docs/reference/store/ to investigate Referrer Store configuration.",
})

// Generic errors happen in plugins
Expand All @@ -135,14 +135,14 @@ var (
ErrorCodeDownloadPluginFailure = Register("errcode", ErrorDescriptor{
Value: "DOWNLOAD_PLUGIN_FAILURE",
Message: "download plugin failure",
Description: "Failed to download plugin. Please verify the provided plugin configuration is correct and check the error details for further investigation. Refer to https://ratify.dev/docs/1.0/reference/dynamic-plugins for more information.",
Description: "Failed to download plugin. Please verify the provided plugin configuration is correct and check the error details for further investigation. Refer to https://ratify.dev/docs/reference/dynamic-plugins for more information.",
})

// ErrorCodeCertInvalid is returned when provided certificates are invalid.
ErrorCodeCertInvalid = Register("errcode", ErrorDescriptor{
Value: "CERT_INVALID",
Message: "cert invalid",
Description: "The certificate is invalid. Please verify the provided inline certificates or certificates fetched from key vault are in valid format. Refer to https://ratify.dev/docs/1.0/reference/crds/certificate-stores for more information.",
Description: "The certificate is invalid. Please verify the provided inline certificates or certificates fetched from key vault are in valid format. Refer to https://ratify.dev/docs/reference/crds/certificate-stores for more information.",
})

// ErrorCodePolicyProviderNotFound is returned when a policy provider cannot
6 changes: 4 additions & 2 deletions helmfile.yaml
Expand Up @@ -9,7 +9,7 @@ releases:
namespace: gatekeeper-system
createNamespace: true
chart: gatekeeper/gatekeeper
version: 3.13.0
version: 3.14.0
wait: true
set:
- name: enableExternalData
Expand All @@ -18,10 +18,12 @@ releases:
value: 5
- name: mutatingWebhookTimeoutSeconds
value: 2
- name: externaldataProviderResponseCacheTTL
value: 10s
- name: ratify
namespace: gatekeeper-system
chart: ratify/ratify
version: 1.11.0 # Make sure this matches Chart.yaml
version: 1.12.0 # Make sure this matches Chart.yaml
wait: true
needs:
- gatekeeper
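Review bot: The added `externaldataProviderResponseCacheTTL` entry with `value: 10s` has no comment, and going by its name it lets Gatekeeper reuse an external data provider response for up to 10 seconds, so a verification result can be served from cache within that window. Add a comment stating why 10s was chosen and what staleness it accepts. high-availability.helmfile.yaml is listed with only 1 addition and 1 deletion (the chart version), so confirm whether that file intentionally leaves this setting out.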
2 changes: 1 addition & 1 deletion high-availability.helmfile.yaml
Expand Up @@ -32,7 +32,7 @@ releases:
- name: ratify
namespace: gatekeeper-system
chart: ratify/ratify
version: 1.11.0 # Make sure this matches Chart.yaml
version: 1.12.0 # Make sure this matches Chart.yaml
wait: true
needs:
- dapr-system/dapr
2 changes: 1 addition & 1 deletion library/rego/README.md
@@ -1,3 +1,3 @@
# Ratify Rego Policies

This folder contains `.rego` files that contain rego policies to be used ONLY with Ratify's [Rego Policy Provider](https://ratify.dev/docs/1.0/reference/crds/policies#regopolicy)
This folder contains `.rego` files that contain rego policies to be used ONLY with Ratify's [Rego Policy Provider](https://ratify.dev/docs/reference/crds/policies#regopolicy)
2 changes: 1 addition & 1 deletion plugins/verifier/cosign/README.md
@@ -1 +1 @@
This document has been moved to https://ratify.dev/docs/1.0/external%20plugins/Verifier/cosign
This document has been moved to https://ratify.dev/docs/external%20plugins/Verifier/cosign
