Release v0.7.0

0.7.0 - 2024-05-29

Highlights

• Kubernetes support ☸️ VMClarity is now able to discover and scan both container and container images in your cluster. Check the deployment instructions here.
• Plugin Scanner support 🔌 You can now easily plugin your custom scanner in VMClarity. SDKs in Go and Python are provided to facilitate integration. For more details check here.
• Cloud test environments 🌩️ AWS, Azure and GCP test environments are now available so you can test your code changes.
• New scanning capabilities 🤖 CIS docker scanner and Windows SBOM analyser.
• General bug fixes and documentation improvements 🐞

Bug Fixes

• fix(e2e): set directory asset last seen to future time by @paralta in #1653

Dependency Updates

• fix(deps): update github.com/anchore/clio digest to d81e109 by @renovate[bot] in #1719

• fix(deps): update module google.golang.org/grpc to v1.64.0 by @renovate[bot] in #1721

• fix(deps): update module github.com/aquasecurity/trivy to v0.51.4 by @renovate[bot] in #1638

• fix(deps): update module github.com/containers/image/v5 to v5.31.0 by @renovate[bot] in #1715

• fix(deps): update module github.com/aquasecurity/trivy to v0.51.2 [security] by @renovate[bot] in #1686

• fix(deps): update module google.golang.org/protobuf to v1.34.1 by @renovate[bot] in #1705

• fix(deps): update module github.com/tdewolff/parse/v2 to v2.7.14 by @renovate[bot] in #1704

• fix(deps): update module github.com/package-url/packageurl-go to v0.1.3 by @renovate[bot] in #1703

• fix(deps): update module github.com/containerd/containerd to v1.7.17 by @renovate[bot] in #1699

• fix(deps): update github.com/aquasecurity/trivy-db digest to b8fe137 by @renovate[bot] in #1693

• fix(deps): update github.com/anchore/clio digest to d03a618 by @renovate[bot] in #1692

• fix(deps): update module github.com/containers/image/v5 to v5.30.1 [security] by @renovate[bot] in #1685

• fix(deps): update module github.com/openclarity/grype-server/api to v0.0.0-20240502131359-2f1a56ef9b22 by @renovate[bot] in #1621

• fix(deps): update module github.com/anchore/grype to v0.77.4 by @renovate[bot] in #1656

• fix(deps): update module google.golang.org/protobuf to v1.34.0 by @renovate[bot] in #1643

• fix(deps): update module github.com/go-playground/validator/v10 to v10.20.0 by @renovate[bot] in #1640

• fix(deps): update github.com/anchore/stereoscope digest to 2e98946 by @renovate[bot] in #1636

• fix(deps): update module github.com/azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute/v5 to v5.7.0 by @renovate[bot] in #1639

• fix(deps): update module github.com/labstack/echo/v4 to v4.12.0 by @renovate[bot] in #1641

• fix(deps): update module github.com/anchore/grype to v0.77.2 by @renovate[bot] in #1634

• fix(deps): update module github.com/tdewolff/parse/v2 to v2.7.13 by @renovate[bot] in #1622

• fix(deps): update module github.com/anchore/syft to v1.3.0 by @renovate[bot] in #1635

• fix(deps): update module gorm.io/gorm to v1.25.10 by @renovate[bot] in #1624

• fix(deps): update module github.com/onsi/gomega to v1.33.1 by @renovate[bot] in #1620

• fix(deps): update module github.com/aquasecurity/trivy-db to v0.0.0-20240502062805-dece64c97a96 by @renovate[bot] in #1619

• fix(deps): update module github.com/aquasecurity/trivy to v0.50.4 by @renovate[bot] in #1618

• fix(deps): update module github.com/anchore/stereoscope to v0.0.2 by @renovate[bot] in #1617

• fix(deps): update containerd by @renovate[bot] in #1616

• fix(deps): update module github.com/onsi/gomega to v1.33.0 by @renovate[bot] in #1592

Features

• feat(e2e): revisit k8s test env by @paralta in #1681

Miscellaneous Tasks

• build(deps): update module github.com/golangci/golangci-lint to v1.59.0 by @renovate[bot] in #1737

• build(deps): update dependency helm/helm to v3.15.1 by @renovate[bot] in #1722

• build(deps): update dependency azure/bicep to v0.27.1 by @renovate[bot] in #1709

• build(deps): update dependency mikefarah/yq to v4.44.1 by @renovate[bot] in #1711

• build(deps): update module github.com/rhysd/actionlint to v1.7.0 by @renovate[bot] in #1712

• build(deps): update dependency helm/helm to v3.15.0 by @renovate[bot] in #1710

• build(deps): update module github.com/golangci/golangci-lint to v1.58.2 by @renovate[bot] in #1646

• ci(deps): update actions/checkout action to v4.1.6 by @renovate[bot] in #1698

• ci(deps): pin dependencies by @renovate[bot] in #1688

• build(deps): update dependency orhun/git-cliff to v2.2.2 by @renovate[bot] in #1665

• ci(deps): update actions/checkout action to v4.1.5 by @renovate[bot] in #1664

• ci(deps): update docker/bake-action action to v4.5.0 by @renovate[bot] in #1633

• ci(deps): update amannn/action-semantic-pull-request action to v5.5.2 by @renovate[bot] in #1632

• ci(deps): update actions/setup-go action to v5.0.1 by @renovate[bot] in #1623

• ci(deps): update actions/checkout action to v4.1.4 by @renovate[bot] in #1615

• build(deps): update dependency crate-ci/typos to v1.21.0 by @renovate[bot] in #1608

• ci(deps): update actions/download-artifact action to v4.1.7 by @renovate[bot] in #1590

• ci(deps): update actions/upload-artifact action to v4.3.3 by @renovate[bot] in #1591

Refactor

Testing

• test(deps): update module google.golang.org/api to v0.181.0 by @renovate[bot] in #1730

• test(deps): update module helm.sh/helm/v3 to v3.15.1 by @renovate[bot] in #1732

• test(deps): update module github.com/onsi/ginkgo/v2 to v2.19.0 by @renovate[bot] in #1735

• test(deps): update module github.com/docker/compose/v2 to v2.27.1 by @renovate[bot] in #1727

• test(deps): update module github.com/onsi/ginkgo/v2 to v2.18.0 by @renovate[bot] in #1729

• test(deps): update module cloud.google.com/go/compute to v1.27.0 by @renovate[bot] in #1725

• test(deps): update aws-sdk-go-v2 monorepo by @renovate[bot] in #1723

• test(deps): update azure sdk by @renovate[bot] in #1724

• test(deps): update module github.com/compose-spec/compose-go/v2 to v2.1.1 by @renovate[bot] in #1718

• test(deps): update module github.com/zregvart/helm/v3 to v3.0.0-20240515095300-29fcbe1d0a74 by @renovate[bot] in #1708

• test(deps): update kubernetes by @renovate[bot] in #1587

• test(deps): update docker to v26.1.3+incompatible by @renovate[bot] in #1706

• test(deps): update module github.com/onsi/ginkgo/v2 to v2.18.0 by @renovate[bot] in [#1707](https://github.com/openc...

Release v0.7.0-rc.1

0.7.0-rc.1 - 2024-04-25

Note: This release contains breaking changes. The list of important changes will be compiled and available in v0.7.0 release.

Bug Fixes

• fix(helm): PostgreSQL DB config for API Server by @chrisgacsal in PR #935
• fix(uibackend): repeated items in impact dashboard by @paralta in PR #943
• fix(gcp): installation scripts by @adamtagscherer in PR #954
• fix(gcp): nil pointer exception by @adamtagscherer in PR #960
• fix(cli): don't return error if home dir doesn't exist by @adamtagscherer in PR #1107
• fix(ui): abort scan from the ui by @adamtagscherer in PR #1141
• fix(testenv): missing replace in go.mod by @chrisgacsal in PR #1153
• fix: missing replace in go.mod by @chrisgacsal in PR #1154
• fix: path to images by @paralta in PR #1188
• fix: rm pinning for images with latest tag by @chrisgacsal in PR #1211
• fix: license-cache target by @paralta in PR #1251
• fix: nginx config for gateway service by @chrisgacsal in PR #1275
• fix: yara tools by @chrisgacsal in PR #1345
• fix: add -C flag to go commands in Makefile by @adamtagscherer in PR #1350
• fix: Yara Rule Server version in Azure deployment by @chrisgacsal in PR #1378
• fix: make scanner images consistent across providers by @paralta in PR #1379
• fix: rename asset to target in cloud init by @adamtagscherer in PR #1382
• fix: subst spaces with commas in GO_BUILD_TAGS by @akijakya in PR #1394
• fix: race condition in workflow by @chrisgacsal in PR #1417
• fix: Nil pointer error if ContainerImageInfo.Id field is not set by @csatib02 in PR #1500
• fix: error returned by mount by @chrisgacsal in PR #1555
• fix: add missing modules to renovate ignore by @paralta in PR #1574
• fix: bugs around aborting scan by @akijakya in PR #1583

Documentation

• docs: add rfc for e2e type safety by @gallotamas in PR #946
• docs: change asset-findings relationships rfc by @ramizpolic in PR #1042
• docs: multiple go modules rfc by @paralta in PR #1105
• docs: extend misconfiguration scanners rfc by @ramizpolic in PR #1114
• docs(aws): update cfn quick-create link to latest release by @paralta in PR #1122
• docs: fix rfc approver details by @ramizpolic in PR #1252
• docs: remove documentation already available at openclarity.io by @paralta in PR #1297

Features

• feat(k8s): Discover container images and running containers by @Tehsmash in PR #711
• feat(k8s): Asset scan support by @Tehsmash in PR #864
• feat(helm): add multiple service types to gateway by @chrisgacsal in PR #962
• feat: add docker bake by @akijakya in PR #1111
• feat(ui): add label to ContainerInfo detail page by @adamtagscherer in PR #1136
• feat: configure goheader lint by @paralta in PR #1158
• feat: add windows registry sbom analyzer by @ramizpolic in PR #1196
• feat: provider v2 by @chrisgacsal in PR #1299
• feat: add initial version of workflow library by @chrisgacsal in PR #1381
• feat(aws): add healthz checks to cloudformation template by @paralta in PR #1481
• feat(gcp): add healthcheck to GCP installer by @adamtagscherer in PR #1501
• feat: healthchecks in Azure installer, names for VMClarity roles by @akijakya in PR #1503
• feat: pluggable scanners by @adamtagscherer in PR #1510
• feat(cli): add OS signal handling by @chrisgacsal in PR #1543
• feat: support long running processes by @chrisgacsal in PR #1547
• feat: add support for umount to fsutils/mount by @chrisgacsal in PR #1549
• feat(docker): scan dir asset by @paralta in PR #1564
• feat: integrate plugin as family by @paralta in PR #1600
• feat: add gcp e2e test env by @adamtagscherer in PR #1601

Miscellaneous Tasks

• build: fix Scanner image version in Docker bundle by @chrisgacsal in PR #933
• ci: add missing orchestrator dev image to cleanup by @chrisgacsal in PR #955
• ci: group dependency updates by @chrisgacsal in PR #995
• build: bump Go version to v1.21.4 by @chrisgacsal in PR #996
• ci: group containerd updates by @chrisgacsal in PR #1006
• chore: update tools by @chrisgacsal in PR #1020
• ci: add linting for Azure/Bicep package by @chrisgacsal in PR #1026
• chore: repo to work with local go.work file by @akijakya in PR #1073
• ci: fix caching for license check by @chrisgacsal in PR #1161
• ci: verify go modules by @chrisgacsal in PR #1163
• chore: Configure Renovate by @renovate in PR #1167
• ci: use Docker Bake for build and push by @akijakya in PR #1185
• ci: fix success check by @chrisgacsal in PR #1280
• build: push multiarch images by @paralta in PR #1320
• ci: improve renovatebot config by @chrisgacsal in PR #1323
• build: improve release notes generation by @chrisgacsal in PR #1325
• ci: pin Alpine image version for testing by @chrisgacsal in PR #1329
• build: add go vet to checks by @chrisgacsal in PR #1347
• build: fix build tags for go vet and test by @chrisgacsal in PR #1407
• revert(deps): update module github.com/anchore/syft to v1 by @chrisgacsal in PR #1420
• ci: add Make targets for fixing Renovate updates by @chrisgacsal in PR #1480
• ci: rm tools from runner to free up disk space by @chrisgacsal in PR #1488
• ci: mv runner disk cleanup before cache restore by @chrisgacsal in PR #1544

Refactor

• refactor(api): scanners statuses of AssetScan by @adamtagscherer in PR #825
• refactor(gcp): use labels instead of network tags by @adamtagscherer in PR #961
• refactor(docker): change gateway port to 8080 by @paralta in PR #967
• refactor(ui): improve findings impact dashboard by @paralta in PR #972
• refactor: pin Docker Compose schema version by @chrisgacsal in PR #975
• refactor(api): rework AssetScan General status by @adamtagscherer in PR #981
• refactor(ui): switch to vite for building and bundling by @gallotamas in [PR #1012](https://github.com/openclarity/...

Release v0.6.0

0.6.0 - 2023-11-08

Bug Fixes

• (deps) Use ghcr.io/openclarity/freshclam-mirror:v0.2.0 everywhere (#908)
• (ui) Calculate completed scans count correctly (#898)
• (ui) Show container names and location on asset scans and findings pages (#900)
• Address for services in Orchestrator config (#896)
• (ui) Improved formatting for exploits and vulnerabilities in asset scan details (#891)
• (ui) Rename "Asset Query" to "Scope" (#893)
• Use internal service address in Docker (#892)
• Chkrootkit binary detection (#883) (#879)
• Missing Yara Rule Server address (#888)
• Lynis testDB path (#886)
• Chkrootkit binary detection (#883)
• (ui) Add empty value indications (#868)
• (ui) Use replace navigation when needed (#870)
• (ui) Fix value in VULNERABILITY_SEVERITY_ITEMS (#867)
• (ui) Add empty list indication to dashboard widgets (#866)
• (ui) Separate asset drilldown types (#860)
• Add yara rule server to helm chart (#840)
• Trivy scan timeout config (#844)
• (uibackend) Add greater than 0 findings condition to risk assets (#848)
• Yara server address in azure deployment (#839)
• (postgres) Ensure that we use the correct JSON sql for delete by ID (#816)
• (ui) Ensure that UI nginx routes to index.html as fallback (#824)
• Azure deploy template have wrong values as defaults (#805)
• (install) Fix the postgres host name (#798)
• (ui) Name, location, platform, image, launch time of assets (#791)
• (scan) Change exploit db address to the apiserver public ip (#779)
• (provider) Wrong container image name (#772)
• (e2e) Images env vars not applied by docker (#782)
• (docker) Run docker from within the container (#762)
• (odatasql) Ensure that $filter works for complex types (#742)
• Missing DirInfo and PodInfo OData schemas (#740)
• (scan estimation) Reconcile timeout state to failed instead of aborted (#727)
• OpenAPI generator version (#706)
• (make) Remove deprecated clean-backend and run go mod tidy in all modules (#705)
• (provider) Skip mark terminated if asset found but patch failed (#614)
• (lint) Failing linter for go modules (#620)
• (apiserver) Change odata filter in check uniqueness for containers and images (#618)
• (ui-backend) Reduce recalculation interval (#606)
• Golangci-lint to test multiple modules (#596)
• (link) Contributing guide link (#567)
• Scan timeout not working (#542)
• Benchmark cache map by input instead of input type (#530)
• (cli) Subcommands (#513)
• (cfn) Update explot db server version (#507)
• Resolve aws volume attachment check (#450)
• ScanResults stuck in aborted state (#427)

Documentation

• Remove unused bin path params (#916)
• (readme) Updated roadmap link (#885) (#887)
• Add RFC template (#843)
• Add workflow status and go report card to readme file (#663)
• Add slack invite to README (#568)
• Update api url and scan config example (#543)
• Update scope in configuration examples (#474)

Features

• Installing tools to Makefile (#838)
• Bump docker-compose version (#828)
• Bump go version to 1.21 (#792)
• (api) Add annotations to all high level API objects (#765)
• (yara) Error threshold (#732)
• Add effective scan config to assetScan annotations (#739)
• (api) Add provider to asset and to asset scan (#726)
• (api) Add new provider api object (#714)
• Raw yara rule sources (#725)
• (yara) Run command and parse output line by line (#716)
• (api) Add allof metadata to assetscan (#724)
• (scanresult) Resource cleanup status refactor (#689)
• (api) Add annotations (#719)
• (scan estimation) Add ttl to scanEstimation and assetScanEstimation (#688)
• (scanners) Add support to all existing scanners for containers (#696)
• (test) Report api output and service logs on failure (#697)
• Yara support (#638)
• Estimation time divided by parallel scans (#672)
• Bump versions for k8s dependencies (#661)
• (test) Build all services when running e2e tests (#660)
• Bump golangci-lint version to 1.54.2 (#646)
• Introduce helm chart for kubernetes installation (#633)
• (test) Add end to end tests skeleton and some basic tests (#539)
• (grype-server) Bump grype server version to v0.5.0 (#594)
• Add healthz check to orchestrator and to ui backend (#593)
• Add interactive API explorer to VMClarity (#496)
• Collect scanner statistics during AssetScan (#473)
• (cli) Commands for creating asset and asset scan (#500)
• (docker) Create docker provider (#462)
• Add GCP installer using GCP Deployment Manager (#449)
• Add provider for Google Cloud Platform (#433)
• Separate asset discovery from scanning (#438)
• (cfn) Add arm64 support for controlplane (#441)
• Update ubuntu server in cloudformation to 22.04 LTS (#411)
• Switching backend to spf13/cobra (#431)

Miscellaneous Tasks

• Fetch full git history for release (#927)
• Fix release notes (#926)
• Remove installing ICU on runner (#924)

v0.5.0

What's Changed

• Bump github.com/urfave/cli from 1.22.12 to 1.22.13 by @dependabot in #290
• Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.94.0 to 1.95.0 by @dependabot in #287
• remove mount prefix by @fishkerez in #288
• extend target info by @fishkerez in #289
• Bump golang from 1.20.3-alpine to 1.20.4-alpine by @dependabot in #291
• Bump golang.org/x/net from 0.1.0 to 0.7.0 in /api by @dependabot in #78
• update kubeclarity deps, use 0.41.0 trivy server version by @FrimIdan in #293
• Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.95.0 to 1.96.0 by @dependabot in #295
• Bump github.com/sigstore/rekor from 1.1.0 to 1.1.1 by @dependabot in #294
• Use exploit-db-server instead of go-exploitdb + script by @sambetts-cisco in #285
• fix misconfiguration export logic by @fishkerez in #302
• UI - expanded asset details by @galiail in #296
• Add unit tests for the lynis misconfiguration scanner by @sambetts-cisco in #292
• Fix issue with double counting in findings trends graph by @sambetts-cisco in #307
• Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1 by @dependabot in #312
• Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 by @dependabot in #310
• Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible by @dependabot in #311
• Bump github.com/aws/aws-sdk-go-v2/config from 1.18.22 to 1.18.25 by @dependabot in #306
• Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.96.0 to 1.97.0 by @dependabot in #300
• Bump alpine from 3.17 to 3.18 by @dependabot in #305
• Bump github.com/vulsio/go-exploitdb from 0.4.4 to 0.4.5 by @dependabot in #309
• Bump github.com/sirupsen/logrus from 1.9.1 to 1.9.2 by @dependabot in #313
• Bump k8s.io/mount-utils from 0.27.1 to 0.27.2 by @dependabot in #316
• Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.97.0 to 1.98.0 by @dependabot in #315
• export results per family scan by @fishkerez in #304
• Ensure that the reconcile queue tracks processing items by @sambetts-cisco in #314
• Remove abused allOf from OpenAPI v3 spec by @sambetts-cisco in #319
• Add separate backend configuration to CF template by @chrisgacsal in #322
• Add EnqueueAfter and RequeueAfter option to queue by @sambetts-cisco in #318
• chore: Added operationId for operationObjects in OpenAPI specs by @mirac-cisco in #323
• Improve logging infrastructure by @chrisgacsal in #324
• UI filters in URL by @galiail in #332
• Add revision number to VMClarity objects and support for If-Match header by @sambetts-cisco in #269
• Add support for postgres database by @sambetts-cisco in #299
• Bump minimum go version to 1.20 by @sambetts-cisco in #331
• Bump github.com/aptible/supercronic from 0.2.24 to 0.2.25 by @dependabot in #329
• Bump github.com/spf13/viper from 1.15.0 to 1.16.0 by @dependabot in #328
• feat: add creation of vmclarity cli docker image on arm64 architecture by @adamtagscherer in #362
• Ensure we cast to JSON while build JSON objects by @sambetts-cisco in #368
• Adopt reconciler logic for orchestrator by @chrisgacsal in #320
• docs: Add a demo gif, quick start and roadmap to README by @akpsgit in #369
• Remove the use of duplicated utils by @chrisgacsal in #373
• Bump github.com/onsi/gomega from 1.27.6 to 1.27.8 by @dependabot in #376
• Bump github.com/sigstore/rekor from 1.1.1 to 1.2.0 by @dependabot in #326
• Bump golang from 1.20.4-alpine to 1.20.5-alpine by @dependabot in #374
• Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.98.0 to 1.99.0 by @dependabot in #372
• Bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 by @dependabot in #371
• Bump github.com/deepmap/oapi-codegen from 1.12.4 to 1.13.0 by @dependabot in #370
• Bump k8s.io/apimachinery from 0.26.3 to 0.27.2 by @dependabot in #375
• refactor: use Google UUID library by @chrisgacsal in #378
• refactor: ScanResult states by @chrisgacsal in #379
• Bump github.com/getkin/kin-openapi from 0.117.0 to 0.118.0 by @dependabot in #380
• fix: dont build multiarch locally by @adamtagscherer in #381
• feat: bump version for GORM and drivers by @chrisgacsal in #377
• Add ability to configure timeout for Scans by @sambetts-cisco in #273
• fix: query for ScanResults to be reconciled by @chrisgacsal in #386
• refactor: add delayed startup of Controllers by @chrisgacsal in #384
• refactor: rm UTC() unnecessary conversion by @chrisgacsal in #387
• fix: query for fetching ScanResults in Processor by @chrisgacsal in #392
• fix(ui): ScanResult status mapping by @chrisgacsal in #393
• Optimize Trends widget load time by @FrimIdan in #401
• fix(aws): support in multi-region environment by @chrisgacsal in #400
• fix(aws): incorrectly set AWS provider kind by @chrisgacsal in #399
• feat: build multi arch image from Dockerfile.backend by @adamtagscherer in #385
• fix: patching aborted scan by @chrisgacsal in #403
• refactor: reconcile event by @chrisgacsal in #402
• refactor: provider configuration by @chrisgacsal in #388
• build(deps): bump github.com/urfave/cli from 1.22.13 to 1.22.14 by @dependabot in #404
• chore(deps): bump github.com/aws/aws-sdk-go-v2 from 1.18.0 to 1.18.1 by @dependabot in #409
• chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.99.0 to 1.100.0 by @dependabot in #410
• chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.25 to 1.18.26 by @dependabot in #408
• Postgres DB driver has issues so removing the option to configure it by @sambetts-cisco in #416
• chore(deps): bump k8s.io/apimachinery from 0.27.2 to 0.27.3 by @dependabot in #413
• chore(deps): bump k8s.io/mount-utils from 0.27.2 to 0.27.3 by @dependabot in #412
• feat: bump github.com/anchore/sqlite by @chrisgacsal in #415
• chore(deps): bump google.golang.org/grpc from 1.55.0 to 1.56.0 by @dependabot in #417
• chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.26 to 1.18.27 by @dependabot in #418
• chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.100.0 to 1.100.1 by @dependabot in #419
• Add new provider for Azure by @fishkerez in #360
• chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources from 1.0.0 to 1.1.1 by @dependabot in #421
• chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.6.0 to 1.6.1 by @dependabot in #422
• APIs select/expand updates and asset scans sbom status by @galiail in #424
• ...

v0.4.0

What's Changed

• Bump actions/setup-go from 3 to 4 by @dependabot in #149
• UI - stop scan by @galiail in #260
• test: add regression tests for the chkrootkit parsing logic by @FrimIdan in #262
• Add support for stopping Scans to Orchestrator by @chrisgacsal in #218
• UI - add aborted state to asset scans by @galiail in #266
• Update kubeclarity deps by @FrimIdan in #268
• UI start scan by @galiail in #264
• Bump github.com/aws/aws-sdk-go-v2/config from 1.18.15 to 1.18.22 by @dependabot in #272
• Bump github.com/vulsio/go-exploitdb from 0.4.2 to 0.4.4 by @dependabot in #271
• Fix slice sort in chkrootkit unit test by @sambetts-cisco in #279
• Configure the CI action to trigger on merge_group by @sambetts-cisco in #280
• Bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.92.0 to 1.94.0 by @dependabot in #274
• Bump github.com/aptible/supercronic from 0.2.2 to 0.2.24 by @dependabot in #275
• Bump github.com/labstack/echo/v4 from 4.9.1 to 4.10.2 by @dependabot in #85
• Bump k8s.io/mount-utils from 0.26.2 to 0.27.1 by @dependabot in #278
• Bump github.com/deepmap/oapi-codegen from 1.12.3 to 1.12.4 by @dependabot in #43
• Bump gorm.io/datatypes from 1.1.0 to 1.2.0 by @dependabot in #276
• Handle upgrade of cloud formation with different defaults by @sambetts-cisco in #267
• Bump node from 19-slim to 20-slim by @dependabot in #263
• increase root vol size by @ryan-sheldrake in #284
• Fix grype-server container reference in the cloudformation by @sambetts-cisco in #286

New Contributors

• @ryan-sheldrake made their first contribution in #284

Full Changelog: v0.3.0...v0.4.0

v0.3.0

What's Changed

• Make CLI write reports to file for scanner jobs by @chrisgacsal in #250
• Update stalebot message to explain how to keep an issue alive by @sambetts-cisco in #258
• Scan drill down modifications - asset scans num & duration by @akpsgit in #257
• findings details update and 'hide history' filter by @galiail in #259

Full Changelog: v0.2.0...v0.3.0

v0.2.0

What's Changed

• Fix odata startswith and endswith filters by @sambetts-cisco in #248
• Make filter and orderby work for fields that need to be expanded by @sambetts-cisco in #249
• Make AWS Scanner VM InstanceType configurable by @sambetts-cisco in #251
• Separate Ingress rules from Scanner SG in cloudformation by @sambetts-cisco in #252
• Update VMClarity init so stack upgrades apply correctly by @sambetts-cisco in #253
• adding filters to UI by @galiail in #254
• UI drilldown modifications by @galiail in #255
• adding sorting to the riskiest regions widget by @galiail in #256

Full Changelog: v0.1.0...v0.2.0

v0.1.0

What's Changed

• Initial devops skeleton by @FrimIdan in #2
• Add VmClarity cloud-formation starting point by @sambetts-cisco in #1
• Orchestrator - Discovery + Run scan job by @fishkerez in #3
• backend skeleteon by @fishkerez in #4
• fix Check licenses and push .licensei.cache by @FrimIdan in #7
• Disable HTTP access for VMClarity on AWS by @sambetts-cisco in #5
• cleanup job in case of a failure by @fishkerez in #11
• DB infra by @fishkerez in #8
• Limit the resources VMClarity can manage in AWS by @sambetts-cisco in #6
• Bump alpine from 3.16 to 3.17 by @dependabot in #14
• Scanner boot script by @pbalogh-sa in #13
• Initial scanner families support by @FrimIdan in #10
• API handling scan results by @pbalogh-sa in #15
• Bump golang from 1.19.3-alpine to 1.19.4-alpine by @dependabot in #17
• Update VMClarity CLI docker build to use vmclarity-tools-base by @sambetts-cisco in #19
• Fixes to make trial run work by @sambetts-cisco in #18
• add gitleaks secret scanner by @fishkerez in #20
• Pull results on top of main. by @pbalogh-sa in #24
• Bump helm.sh/helm/v3 from 3.10.0 to 3.10.3 by @dependabot in #25
• Bump github.com/containerd/containerd from 1.6.8 to 1.6.12 by @dependabot in #26
• Bump golang from 1.19.4-alpine to 1.19.5-alpine by @dependabot in #28
• Controllers and simple db by @fishkerez in #27
• Export results from VMClarity CLI to VMClarity server by @sambetts-cisco in #22
• Turn on linting for the CLI package by @sambetts-cisco in #30
• Remove go.mod from subpackages except API and fix Makefile by @sambetts-cisco in #33
• Plumb scanner CLI into runtime scan job by @sambetts-cisco in #31
• Watch scanconfigs by @pbalogh-sa in #29
• Fixes found during trial run by @FrimIdan in #46
• Plumb secret scanning in by @FrimIdan in #35
• API read only props by @pbalogh-sa in #45
• More fixes by @FrimIdan in #50
• Debuggable scanner VM by @FrimIdan in #51
• fix export crushing when family fail to run by @fishkerez in #62
• Bump github.com/aws/aws-sdk-go-v2/config from 1.17.10 to 1.18.12 by @dependabot in #65
• Bump golang from 1.19.5-alpine to 1.20.0-alpine by @dependabot in #58
• Fix scan issues discovered during e2e testing by @sambetts-cisco in #57
• Revisit IDs in API by @pbalogh-sa in #49
• Bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 by @dependabot in #67
• Bump docker/build-push-action from 3 to 4 by @dependabot in #55
• Exploits family enricher by @fishkerez in #36
• change vpc name to VmClarityVPC by @fishkerez in #71
• Revisit Scan API model to allow for ScanConfig expand, snapshot and summary by @sambetts-cisco in #92
• E2e test guide by @sambetts-cisco in #34
• fix crush during patch by @fishkerez in #99
• Mount attached volume from CLI by @fishkerez in #90
• Add support for ODATA $filter, $select and $count on /scanConfigs by @sambetts-cisco in #84
• Resolve comments from ODATA PR and add UTs for selectTree by @sambetts-cisco in #106
• Bugs fixes by @fishkerez in #109
• Fix patch/put APIs for all the objects by @sambetts-cisco in #108
• Bump golang from 1.20.0-alpine to 1.20.2-alpine by @dependabot in #114
• backend client by @fishkerez in #110
• fix some export results issues by @FrimIdan in #123
• Clean up VMClarity documentation and repo settings according cisco-open templates by @sambetts-cisco in #112
• attach volume after running by @fishkerez in #119
• Fix AWS Scope API model validation and regions logic by @sambetts-cisco in #122
• Bump github.com/urfave/cli from 1.22.7 to 1.22.12 by @dependabot in #38
• UI with discover scopes by @akpsgit in #125
• Describe API schema for findings by @FrimIdan in #127
• scans odata by @fishkerez in #128
• add id to scan config demo data by @fishkerez in #130
• Add support for $orderby by @sambetts-cisco in #129
• Fix $select on primitive collection by @sambetts-cisco in #134
• Remove bullet list from "Type of Change" section in PR template by @sambetts-cisco in #137
• Add missing scope discovery permissions to describe VPCs and Security Groups by @akpsgit in #135
• Fix object issues by @sambetts-cisco in #143
• Fix Dockerfile.cli syntax version by @sambetts-cisco in #145
• UI backend by @fishkerez in #141
• configure number of parallel scanners from the API by @fishkerez in #147
• Fix PATCH behaviour and nil pointer issues in configwatcher by @sambetts-cisco in #148
• Fix spelling error and API field names in example scanConfig.json by @sambetts-cisco in #151
• Switch DELETE requests to 200 instead of 204 response code by @sambetts-cisco in #156
• Stop using gorm.Model to disable gorm side effects by @sambetts-cisco in #155
• Move default for maxParallelScanners out of ScanConfigData by @sambetts-cisco in #154
• Disable additional properties for majority of schemas in API by @sambetts-cisco in #152
• fix all prints in BackendClient to print the message and not the pointer by @FrimIdan in #157
• Revert "Disable additional properties for majority of schemas in API" by @akpsgit in #158
• Extend the findings APIs and export missing fields (add findings demo data) by @akpsgit in #146
• Fix a bug when scan done was never reported by @FrimIdan in #159
• UI sync and fixes new by @galiail in #162
• ui adjustments by @galiail in #165
• make sure all scan config data is being snapshot by @FrimIdan in #164
• move ui backend to a directory in root project by @fishkerez in #167
• fix an issue with verifying families errors map by @FrimIdan in #169
• workflows: api code validation by @FrimIdan in #168
• Fix relation counters in demo data by @akpsgit in #170
• Capability to use spot instance for scanner job by @pbalogh-sa in #117
• Add demo data for spot instances by @akpsgit in #173
• Move the var for disabling the orchestrator and using UI site path to be managed by viper by @akpsgit in #131
• dashboard - riskiest regions widget by @fishkerez in #163
• Make array types in API nullable by @sambetts-cisco in #166
• Periodic scan using cron api + backend support by @FrimIdan in ht...