Skip to content

Latest commit

 

History

History
172 lines (110 loc) · 5.21 KB

NEWS.md

File metadata and controls

172 lines (110 loc) · 5.21 KB
Raw

Changes from 0.5.0 to 0.6.0

  • Environment variables in the image configuration are now sorted for reproducibility.

  • Tags can now be automatically generated based on a specified package's version. The tags will be stemmed if this feature is used.

  • Support for tracking individual files in SBOMs has been added for SPDX SBOMs.

  • SPDX SBOMs generated with apko are now compliant with the SPDX 2.3 specification.

  • Support for glibc-based images has been added, such as configuring the dynamic linker cache via ldconfig. This is needed for building images for Wolfi.

  • Apko no longer clobbers /etc/os-release if it is already present, unless an override is explicitly requested.

  • Support for adding suffixes to tags when publishing has been added via the --tag-suffix option.

  • When using proot, apko no longer tries to chown or chmod anything.

  • Support for publishing to the local Docker daemon has been added via the --local option.

Changes from 0.4.0 to 0.5.0

  • Add support for including base configuration with the include property. These includes can reference a local file or a remote file hosted on a git forge.

  • Add support for declaring custom OCI annotations. These annotations can be provided on the command line or added to the YAML configuration.

  • Index SBOMs are now created for multi-arch images.

  • Many quality improvements in the SBOMs generated by apko, for example, PUrls are now correctly generated for OCI images.

  • Account names specified in run-as are now mapped to UIDs at image creation time.

  • Source repositories where apko configuration files live are now included as the org.opencontainers.image.source annotation. Users may build with --vcs=false to disable this feature or explicitly set the vcs-url: property in the YAML configuration.

  • Permissions on the s6 supervision tree are fixed for rootless images.

  • Logging infrastructure has been changed to Logrus.

Changes from 0.3.3 to 0.4.0

  • Allow the apk installed DB to be attached as an "IDB" SBOM. This can be used for scanning a runtime container for deviations with the apk audit command.

  • The Tekton apko task is now automatically generated as part of the release process.

  • Creation times for SPDX SBOMs are now determined from the SOURCE_DATE_EPOCH environment variable for consistency with other artifacts (such as the image filesystem modification times).

  • OCI mediatypes are now used by default instead of the Docker ones. If you want to use Docker mediatypes (e.g. for quay.io), you can use the --use-docker-mediatypes option.

  • A new show-config applet has been added to show all of the configuration for an image that was derived from loading a YAML file.

  • The CLI commands are no longer exported for public consumption from other projects.

Changes from 0.3.2 to 0.3.3

  • Ensure home directories are created with 0755 permissions.

Changes from 0.3.1 to 0.3.2

  • Ensure all home directories for accounts in /etc/passwd are present and have the correct permissions.

Changes from 0.3.0 to 0.3.1

  • Allow entrypoint to be blank.

  • Add new cmd statement to the YAML configuration.

  • Generate /etc/alpine-release (or equivalent) legacy files when /etc/os-release generation is requested. This helps with Trivy scanning.

Changes from 0.2.2 to 0.3.0

  • Significantly improved documentation.

  • Add support for generating /etc/os-release files for scanner compatibility.

  • Fix specification of architectures in apko YAML configuration files.

  • Add support for doing various path mutations on an image, like changing the owner of a file or its permissions.

  • Attach SBOMs to built images.

  • Use pargzip to compress images for speed.

  • Improve test coverage by refactoring the code to allow for mock implementations.

  • Properly track hardlinks when generating a layer tarball.

Changes from 0.2.1 to 0.2.2

  • Added apko login as alternative to docker login.

  • Fixes for logging in "early" build contexts for paths outside apko publish.

  • Provide a default environment for the image configuration.

  • Set the mediaType on OCI indexes when publishing so that ko can use them correctly.

Changes from 0.2.0 to 0.2.1

  • Minor brown-paper-bag fix for multitagging.

Changes from 0.1.2 to 0.2.0

  • New option --use-proot for rootless image builds.

  • Support for multi-arch builds in apko publish, this requires the qemu emulators to be installed. If you do not want to use qemu emulation, then use the --arch option to do a single architecture build.

  • Added --keyring-append and --repositories-append options.

  • Added management of UIDs and GIDs, for an example of how to use this functionality, see the examples/alpine-base-rootless.yaml file.

  • Added support for multiple tags in apko publish.

Changes from 0.1.1 to 0.1.2

  • Minor bugfix for usage scenario involving the APK system keyring.

Changes from 0.1 to 0.1.1

  • Build system refactoring c/o Jason Hall and Carlos Panato

  • Support for copying the APK system keyring if no explicit keyring is configured, c/o Adolfo García Veytia (Puerco)

  • Support for outputting the image digest, allowing it to be used as an input for ko build c/o Jason Hall