Releases: foundriesio/fioctl
Releases · foundriesio/fioctl
Release v0.34.1
Changes: * Docs: fixed new Fioctl TUF commands help to render well with Sphinx * Security: set buildmode PIE (Position Independent Executable) to improve run-time security No effect on Windows (uses ASLR) and Arm Darwin platforms (uses PIE by default). Enables PIE for Linux and Amd64 Darwin platforms. Additionally enables RELRO (Read-Only Relocation) for Linux platforms.
Release v0.34
Features: * Support of MEDS. * Support multiple offline keys in TUF roles. * Support certificate manipulation on Windows. Changes: * Ability to configure API and Oauth2 URLs, or infer API URL based on Oauth2 URL (for MEDS). * Ability to add more than one offline root or targets keys via `keys tuf updates add-offline-key`. * Ability to delete existing offline root ro targets key via `keys tuf updates delete-offline-key`. * Ability to set signature threshold for TUF root and production targets via `keys tuf updates set-threshold`. * Ability to sign a wave by more than one offline targets key via `waves sign`. * Ability to sign production targets by additional offline targets key via `keys tuf updates sign-prod-targets`. * Support offline root and targets key rotation for multi-key TUF roles. * When rotating offline targets key, only re-sign those production targets that were signed by it. * Bugfix: preverve production targets signature threshold on all operations. * Support cert manipulation in `el2g` and `keys ca` on Windows by implementing them in Golang. * Show target's LmP version if available in `targets show` and `devices show`. * Show a name of a user who created the factory, group, or device config. * Ability to specify Fioctl configuration file via environment variable (FIOCTL_CONFIG). * Ability to watch the targets CI build log via `targets tail` command. * Ability to use insecure TLS for testing purposes (turn off certificate validation). Notes: * We recommend upgrading all factory users to this version if you plan to use multi-key TUF roles. Older versions reset the targets signature threshold to a value of 2 during key rotation. Also, older versions replace all signatures when signing TUF roles, rather than adding new signatures.
Release v0.33
* ability to rollout a wave to a subset of matching devices in a group or factory * add more rollout information into waves show & status * add verbosity and dry-run flags to waves rollout * add pagination to waves list * add optional hardware ID parameter to targets static-deltas * print details about user teams * print details about team device groups * deny a bogus .0 device ip in wireguard config * allow sorting devices by last-seen and/or name asc/desc * allow filtering device list by target name pattern * fix docker helper for various error scenarios (e.g. config not exists or is not writable) * bump golangci-ling to 1.51.2 * fix help text for some commands * fix location of swagger docs in README
Release v0.32.0
* Improvements to `configure-git` logic for Mac and Windows * New `keys tuf` subcommand to enable more flexible management
Release v0.31
* Fix image assembly with app short list * Add ability to prune production targets with `waves init` * Add ability to create TUF targets with `targets add` * Add ability to rotate online TUF keys
Release v0.30.1
* Move to static linking to address problems running on Ubuntu 20.04
Release v0.30.0
* New `targets show sboms` command * Improve TUF key ID generation to be better compatible with OTA community edition * Move to newer version of Cobra * Improve output displayed when HTTP commands fail * Add a Git credential helper * Add new `keys tuf updates` expert mode for managing TUF keys
Release v0.29
* Rework of TUF subcommands to be under `fioctl tuf`. Backward compatibility was kept. * Improvements to offline updates command
Release v0.28
* Added offline updates command * Moved to Golang 1.19 * Add EdgeLock 2GO commands
Release v0.27
* Include change-reason when re-siging root.json * Add support for Ed25519 TUF key operations (root and targets) * Add new command to fetch content for offline updates * Add new "apps states" information for devices