eraser-dev/eraser v1.1.0

on GitHub

Notable changes

• ✏️ collector pods are now called eraser and eraser containers are now called remover to simplify naming.
• 🚨 Update to default severity level for the Trivy scanner to include CRITICAL, HIGH, MEDIUM, LOW vulnerabilities. This behavior can be customized via eraser configmap .
• 💀 Eraser will now remove non-running end-of-life (EOL) images, by default. This behavior can be customized with deleteEOLImages flag in eraser configmap.

Features

• (e2e tests) Install helm from repo, then upgrade (#673) #673 (Peter Engelbert)
• add to default severity levels (#695) #695 (Sertaç Özercan)
• remove eol images (#696) #696 (Sertaç Özercan)
• create unversioned API version for EraserConfig (#708) #708 (Peter Engelbert)
• rename collector pods and eraser container (#675) #675 (ashnamehrotra)

Bug Fixes

• add pull secrets in image list job (#652) #652 (shaofan)
• fix lint (#672) #672 (Sertaç Özercan)
• restore ability to catch broken scanner (#706) #706 (Peter Engelbert)
• check delete eol flag (#712) #712 (Sertaç Özercan)

Documentation

• Add configmap docs (#645) #645 (Peter Engelbert)
• Fix broken links (#648) #648 (Peter Engelbert)
• update with v1 imagelist (#664) #664 (Sertaç Özercan)
• clarify support policy for managed version (#670) #670 (Xander Grzywinski)
• add roadmap link to readme (#680) #680 (Xander Grzywinski)
• add docs on how eraser is different from native garbage collection (#718) #718 (Xander Grzywinski)
• fix install v1.0.0 link (#723) #723 (Sertaç Özercan)
• update openssf scorecard badge (#700) #700 (Sertaç Özercan)

Continuous Integration

• Add e2e test for pull secrets in imagelist mode (#653) #653 (Peter Engelbert)
• remove k8s 1.23 from test matrix (#657) #657 (Sertaç Özercan)
• build images once (#681) #681 (Peter Engelbert)
• add openssf scorecard action (#685) #685 (Sertaç Özercan)
• [StepSecurity] Apply security best practices (#713) #713 (StepSecurity Bot)

Chores

• bump actions/cache from 3.2.5 to 3.2.6 (#650) #650 (dependabot[bot])
• bump step-security/harden-runner from 2.1.0 to 2.2.0 (#649) #649 (dependabot[bot])
• bump github/codeql-action from 2.2.4 to 2.2.5 (#651) #651 (dependabot[bot])
• bump step-security/harden-runner from 2.2.0 to 2.2.1 (#658) #658 (dependabot[bot])
• bump github/codeql-action from 2.2.5 to 2.2.6 (#659) #659 (dependabot[bot])
• bump @sideway/formula from 3.0.0 to 3.0.1 in /docs (#661) #661 (dependabot[bot])
• bump actions/cache from 3.2.6 to 3.3.1 (#662) #662 (dependabot[bot])
• bump webpack from 5.74.0 to 5.76.2 in /docs (#666) #666 (dependabot[bot])
• bump actions/setup-go from 3 to 4 (#667) #667 (dependabot[bot])
• bump github/codeql-action from 2.2.6 to 2.2.9 (#682) #682 (dependabot[bot])
• bump @docusaurus/core from 2.3.1 to 2.4.0 in /docs (#677) #677 (dependabot[bot])
• bump @docusaurus/preset-classic from 2.3.1 to 2.4.0 in /docs (#678) #678 (dependabot[bot])
• bump @docusaurus/module-type-aliases from 2.3.1 to 2.4.0 in /docs (#679) #679 (dependabot[bot])
• bump actions/dependency-review-action from 3.0.3 to 3.0.4 (#676) #676 (dependabot[bot])
• bump runc and buildkit deps (#698) #698 (Sertaç Özercan)
• bump go 1.20 (#699) #699 (Sertaç Özercan)
• bump actions/setup-go from 3 to 4 (#694) #694 (dependabot[bot])
• bump ossf/scorecard-action from 2.1.2 to 2.1.3 (#702) #702 (dependabot[bot])
• bump github/codeql-action from 2.2.9 to 2.3.0 (#710) #710 (dependabot[bot])
• bump codecov/codecov-action from 3.1.1 to 3.1.3 (#709) #709 (dependabot[bot])
• bump step-security/harden-runner from 2.2.1 to 2.3.1 (#711) #711 (dependabot[bot])
• bump peter-evans/create-pull-request from 4 to 5 (#693) #693 (dependabot[bot])
• bump actions/checkout from 3.0.2 to 3.5.2 (#714) #714 (dependabot[bot])
• bump github/codeql-action from 2.3.0 to 2.3.1 (#715) #715 (dependabot[bot])
• bump golang from 595c9af to d282e70 in /build/tooling (#720) #720 (dependabot[bot])
• bump github/codeql-action from 2.3.1 to 2.3.2 (#717) #717 (dependabot[bot])
• bump golang from d282e70 to 995b84e in /build/tooling (#725) #725 (dependabot[bot])
• remove leader election role (#724) #724 (Sertaç Özercan)
• cherry pick prepare release into release-1.1 (#730) #730 (ashnamehrotra)
• cherry pick release fix into release-1.1 (#733) #733 (ashnamehrotra)