Release v0.13.0 · stefanprodan/timoni

New Features

Bundle Runtime - a declarative API for fetching values from Kubernetes clusters.
Module signing and verification with Sigstore Cosign.
Enforce Kubernetes server minimum version for modules.

Breaking changes

Bundle API

The timoni(env:[TYPE]:[NAME]) CUE attribute used in Bundles was replaced with timoni(runtime:[TYPE]:[NAME]).

The local Environment is no longer loaded by default, users need to opt-in by using the --runtime-from-env flag in timoni bundle commands.

To migrate, replace @timoni(env with @timoni(runtime in your Bundles.

Kubernetes flags

The Timoni Kubernetes command flags have been prefixed with kube:

--kube-as string                      Username to impersonate for the operation. User could be a regular user or a service account in a namespace.
--kube-as-group stringArray           Group to impersonate for the operation, this flag can be repeated to specify multiple groups.
--kube-as-uid string                  UID to impersonate for the operation.
--kube-certificate-authority string   Path to a cert file for the certificate authority.
--kube-client-certificate string      Path to a client certificate file for TLS.
--kube-client-key string              Path to a client key file for TLS.
--kube-context string                 The name of the kubeconfig context to use.
--kube-insecure-skip-tls-verify       if true, the Kubernetes API server's certificate will not be checked for validity. This will make your HTTPS connections insecure.
--kube-server string                  The address and port of the Kubernetes API server.
--kube-tls-server-name string         Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used.
--kube-token string                   Bearer token for authentication to the API server.
--kubeconfig string                   Path to the kubeconfig file.

What's Changed

Add a YAML CRD to CUE IR conversion function by @sdboyer in #166
Bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 by @dependabot in #181
Prefix Kubernetes flags by @stefanprodan in #183
Introduce the Runtime API for querying the cluster for values by @stefanprodan in #180
Use Go 1.21 stdlib by @stefanprodan in #184
Add cosign signing and verification for modules by @loktev-d in #182
Enforce Kubernetes min version for modules by @stefanprodan in #185
docs: Sign and verify modules with Cosign by @stefanprodan in #186
ci: Push and sign minimal module by @stefanprodan in #187
docs: Add Nix installation instructions by @stefanprodan in #188

New Contributors

@sdboyer made their first contribution in #166
@loktev-d made their first contribution in #182

Full Changelog: v0.12.1...v0.13.0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v0.13.0