Releases: openanolis/trustee
Releases · openanolis/trustee
v1.8.3
What's Changed
- fix(slsa): generate and upload DSSE envelope for Rekor intoto by @jialez0 in #158
- chore(slsa): upgrade cosign/rekor-cli and align generator with v3 APIs by @jialez0 in #159
- migrate JWK cert-chain verification from OpenSSL to webpki by @jialez0 in #160
- docs: add rekor transparency log documents by @jialez0 in #162
- refactor(ci): migrate Rekor upload to GuanFu reusable workflow by @1570005763 in #164
- feat(attestation-challenge-client): add challenge-based resource injection workflow by @jialez0 in #161
- feat(tools/slsa): add UKI artifact type and parse_uki_digest helper by @jialez0 in #165
- feat: add set-reference-value-list CLI and optional rv_name for RVPS by @jialez0 in #166
- Release v1.8.3 RPM by @jialez0 in #167
Full Changelog: v1.8.2...v1.8.3
Contributors
1570005763 and jialez0
Assets 15
- 6.34 MB
2026-03-26T09:20:18Z - 6.01 MB
2026-03-26T09:21:42Z - 190 MB
2026-03-26T09:21:42Z - 2.47 KB
2026-03-26T09:20:18Z - 38.5 KB
2026-03-26T09:21:05Z - 190 MB
2026-03-26T09:20:18Z - 39.1 MB
2026-03-26T09:20:18Z - 2.37 KB
2026-03-26T09:21:42Z - 38.7 KB
2026-03-26T09:22:37Z - 190 MB
2026-03-26T09:21:42Z -
2026-03-26T08:18:19Z -
2026-03-26T08:18:19Z - Loading
v1.8.2
What's Changed
- fix: remove redundant JSON parsing in RVPS register by @wdsun1008 in #154
- Add set_reference_value_list API and slsa-generator script by @jialez0 in #156
- Clean up OIDC token handling code by @jinzihao in #155
- Update RPM spec to v1.8.2 by @jialez0 in #157
Full Changelog: v1.8.1...v1.8.2
Contributors
jinzihao, jialez0, and wdsun1008
Assets 15
v1.8.1
What's Changed
- Add policy dir for multi-products by @jialez0 in #146
- pai_default policy: fix AA model parse logic by @jialez0 in #147
- feat: route RVPS management via KBS with admin auth by @jialez0 in #148
- fix: enable RVPS query through AS gRPC service by @wdsun1008 in #149
- feat(kbs): add external_kms resource backend by @jialez0 in #150
- Update kbs and as configs for docker-compose by @jialez0 in #151
- Enable encrypted local fs kbs backend of RPM and image by @jialez0 in #152
- kbs makefile: fix feature format nits by @jialez0 in #153
Full Changelog: v1.8.0...v1.8.1
Contributors
jialez0 and wdsun1008
Assets 15
v1.8.0
What's Changed
- Add OIDC token support for attestation-service by @jinzihao in #120
- trustee-gateway: add eas_pod_name to audit structure by @jialez0 in #143
- RPM spec: update to v1.8.0 by @jialez0 in #144
- system verifier: lift uefi_event_logs to top-level claims by @jialez0 in #145
Full Changelog: v1.7.8...v1.8.0
Contributors
jinzihao and jialez0
Assets 15
v1.7.8
What's Changed
- ci: refactor RPM build process with multi-platform support by @1570005763 in #132
- Update ear default policy and add challenge-ra policy to RPM by @jialez0 in #133
- Checking each individual rego file in workflow by @jinzihao in #131
- system verifier: support AAEL runtime measurements by @jialez0 in #135
- AA instance info: support EAS model id and instance id by @jialez0 in #137
- fix: update build specifications and release workflow by @1570005763 in #134
- feat: add reproducible build extractor module by @1570005763 in #136
- Update ear policy: support system attestation and pai/load-model by @jialez0 in #138
- feat(trustee-gateway): add credential config and /api/credential by @jialez0 in #139
- feat(kbs): add AK env fallback for Aliyun KMS backend by @jialez0 in #140
- RPM spec: update to v1.7.8 by @jialez0 in #141
New Contributors
Full Changelog: v1.7.7...v1.7.8
Contributors
jinzihao, 1570005763, and jialez0
Assets 15
v1.7.7
What's Changed
- Release v1.7.6 images and helm-chart by @jialez0 in #125
- Fix repeat kbs-session-id header nits of gateway by @jialez0 in #127
- Gateway: support mysql by @wdsun1008 in #126
- Update RPM spec to v1.7.7 by @jialez0 in #128
- RPM spec: fix changelog format nit by @jialez0 in #129
- fix(rpm): specify AnolisOS 23.3 release version in Dockerfile by @1570005763 in #130
Full Changelog: v1.7.6...v1.7.7
Contributors
1570005763, jialez0, and wdsun1008
Assets 8
v1.7.6
What's Changed
- EAR policy: fix tpm measurement algorithm strings by @jialez0 in #123
- RPM spec: Release v1.7.6 by @jialez0 in #124
Full Changelog: v1.7.5...v1.7.6
Contributors
jialez0
Assets 8
v1.7.5
What's Changed
- Release v1.7.4 images by @jialez0 in #106
- Support skip GPU evidence verification via ENV by @jialez0 in #107
- KBS /resource API: support parse attest token from
Attestationheader by @jialez0 in #108 - Add RPM release workflow and update Makefile by @1570005763 in #105
- Feat: iml Reference-Value-Distribution-Service (RVDS) by @jialez0 in #109
- RVDS: support ledger eventlog record and ethereumAdapter by @jialez0 in #110
- RVDS: add README.md by @jialez0 in #111
- KBS: support encrypted local fs storage backend by @wdsun1008 in #113
- Challenge RA: impl attestation-oneshot-client by @jialez0 in #114
- Sample verify: support verify ccel and measurement register by @jialez0 in #115
- Add manual trigger support for RPM build workflow with tag name input by @1570005763 in #116
- Release helm-chart v1.7.4 by @jialez0 in #117
- Challenge RA client: support retrieve reference-value from Rekor by @jialez0 in #118
- slsa provenance: use absolute path as file measurement name by @jialez0 in #119
- Update c-ra client and rvps slsa logic by @jialez0 in #121
- EAR policy: add AI model measurement parse by @jialez0 in #122
Full Changelog: v1.7.4...v1.7.5
Contributors
1570005763, jialez0, and wdsun1008
Assets 8
v1.7.4
What's Changed
Full Changelog: v1.7.3...v1.7.4
Contributors
jialez0
Assets 2
v1.7.3
What's Changed
Full Changelog: v1.7.2...v1.7.3
Contributors
jialez0