Releases: defenseunicorns/lula
v0.10.0
0.10.0 (2024-10-25)
v0.10.0 includes a focus on updates to console and initial integration of the Profile
OSCAL model.
Console: Haven't seen console yet? lula console
is the Terminal User Interface for interacting with OSCAL files in a more human-friendly interface (all within the terminal!). Support currently includes the component-definition
and assessment-results
models. You can now get detailed views of your validations from the console view - as well as the ability to execute a validate
from the console and view the results immediately with color-coded feedback.
Profile: Users of the CLI can now generate a Profile
model with lula generate profile
. This enables authoring profiles from catalogs and begins integration paths for how Lula can augment existing artifacts that point to a profile model source artifact. Expect to see integrations in the near future across models.
Features
- console: add support for multiple input files (#729) (103ca0d)
- console: assessment results generation (#744) (6cb5933)
- console: lula validation view (#727) (481648f)
- generate: support for profile model and basic generation (#694) (cb4fc6f)
Miscellaneous
- address linter report - swallowed errors and minor test cleanup of nil checks (#740) (05a7f6e)
- build: add golangci-lint to the pipeline as a non-blocking step (#742) (fedb0c9)
- deps: update actions/checkout action to v4.2.2 (#756) (7e1a193)
- deps: update actions/setup-go action to v5.1.0 (#761) (e464cd0)
- deps: update actions/setup-node action to v4.1.0 (#759) (2fd7f86)
- deps: update anchore/sbom-action action to v0.17.4 (#731) (36ef42a)
- deps: update anchore/sbom-action action to v0.17.5 (#753) (521452c)
- deps: update github/codeql-action action to v3.26.13 (#737) (86c9376)
- deps: update github/codeql-action action to v3.27.0 (#745) (c87621e)
- deps: update kubernetes packages to v0.31.2 (#757) (259b180)
- deps: update module github.com/charmbracelet/bubbletea to v1.1.2 (#763) (83c9c3a)
- deps: update module github.com/charmbracelet/lipgloss to v0.13.1 (#755) (821643d)
- deps: update module github.com/open-policy-agent/conftest to v0.56.0 (#743) (c8b2293)
- deps: update module sigs.k8s.io/e2e-framework to v0.5.0 (#754) (1f7f3c7)
- lint: appease the linter (#746) (bcb2ab0)
- scan: integrate KICS scanning into PR pipelines (#751) (0112462)
- scanning: create gosec integration in pipelines (#739) (41bce03)
What's Changed
- chore: address linter report - swallowed errors and minor test cleanup by @mildwonkey in #740
- chore(deps): update anchore/sbom-action action to v0.17.4 by @renovate in #731
- chore(deps): update github/codeql-action action to v3.26.13 by @renovate in #737
- feat(console): add support for multiple input files by @meganwolf0 in #729
- chore(scanning): create gosec integration in pipelines by @brandtkeller in #739
- feat(generate): support for profile model and basic generation by @brandtkeller in #694
- feat(console): lula validation view by @meganwolf0 in #727
- chore: appease the linter by @mildwonkey in #746
- chore(build): add golangci-lint to the pipeline as a non-blocking step by @mildwonkey in #742
- feat(console): assessment results generation by @meganwolf0 in #744
- chore(scan): integrate KICS scanning into PR pipelines by @brandtkeller in #751
- chore(deps): update actions/setup-node action to v4.1.0 by @renovate in #759
- chore(deps): update actions/checkout action to v4.2.2 by @renovate in #756
- chore(deps): update actions/setup-go action to v5.1.0 by @renovate in #761
- chore(deps): update github/codeql-action action to v3.27.0 by @renovate in #745
- chore(deps): update anchore/sbom-action action to v0.17.5 by @renovate in #753
- chore(deps): update module github.com/open-policy-agent/conftest to v0.56.0 by @renovate in #743
- chore(deps): update kubernetes packages to v0.31.2 by @renovate in #757
- chore(deps): update module sigs.k8s.io/e2e-framework to v0.5.0 by @renovate in #754
- chore(deps): update module github.com/charmbracelet/lipgloss to v0.13.1 by @renovate in #755
- chore(deps): update module github.com/charmbracelet/bubbletea to v1.1.2 by @renovate in #763
- chore(main): release 0.10.0 by @github-actions in #736
Full Changelog: v0.9.1...v0.10.0
v0.9.1
0.9.1 (2024-10-12)
Bug Fixes
What's Changed
- fix(release): add environment to push job by @brandtkeller in #735
- chore(main): release 0.9.1 by @github-actions in #734
Full Changelog: v0.9.0...v0.9.1
v0.9.0
0.9.0 (2024-10-11)
⚠ BREAKING CHANGES
- kubernetes: wait logic kubernetes version support (#718)
Features
- compose: template files during compose operations (#686) (c1745a4)
- domains: file domain (#703) (bd4f577)
- file domain: add support for reading arbitrary files as strings (#726) (0b1c0c8)
- kubernetes: support running both create resources and resources in the kubernetes spec (#714) (6839d20)
- kubernetes: wait logic kubernetes version support (#718) (cc06251)
- release: add brew install for lula (#707) (fd1d3e0)
- validate: template oscal during runtime (#708) (3f5a110)
Bug Fixes
- add goreleaser pin version annotate (#712) (68bc101)
- composition: nil pointer in composition (#733) (8ad4209)
- console: refactor, retries, sleep to address flaky tests (#698) (02101a5)
- console: reset compdef when editing (#701) (4e25f01)
- read: error checking prior to file writes (#687) (1ab0eef)
Miscellaneous
- add global command context for program cancelation and everything else (#696) (df81cf7)
- deps: update actions/checkout action to v4.2.1 (#713) (802601a)
- deps: update actions/upload-artifact action to v4.4.3 (#711) (a954664)
- deps: update github/codeql-action action to v3.26.12 (#691) (0efb120)
- deps: update module github.com/open-policy-agent/opa to v0.69.0 (#692) (e08d695)
- deps: update module sigs.k8s.io/cli-utils to v0.37.2 (#721) (5fd0f32)
- update getting started doc to include brew install (#720) (26c3f8d)
v0.8.0
0.8.0 (2024-09-27)
This release adds multiple capabilities of focus for iteration in the near future. Console support for editing existing control description/remarks in a component definition is now supported. Adding some guardrails to template
such that we can add structure to configuration inputs and also mask/ignore templating of sensitive variables was a target. Couple with that template
also supports rendering remote resources from network locations.
lastly - as we iterate towards trust and reproducible behaviors - we added the ability to start collecting evidence payloads with the --save-resources
flag in the validate
command.
This release also included a few bug fixes for whitespace management.
⚠ BREAKING CHANGES
- template: introducing variables and sensitive configuration (#672)
Features
- console: editing a component definition (#648) (ae06e27)
- template: enable remote file templating (#680) (f16bcf6)
- template: introducing variables and sensitive configuration (#672) (5d1f232)
- validate: save validation resources (#612) (7b9a771)
Bug Fixes
Miscellaneous
- codeowners: update codeowners to reflect current team (#663) (7fceaf6)
- deps: update actions/checkout action to v4.2.0 (#681) (187b8a2)
- deps: update actions/github-script digest to 660ec11 (#669) (ea40e70)
- deps: update actions/setup-node action to v4.0.4 (#674) (643d502)
- deps: update github.com/charmbracelet/x/exp/teatest digest to 227168d (#666) (6bc23e3)
- deps: update github/codeql-action action to v3.26.8 (#673) (0ca43a1)
- deps: update github/codeql-action action to v3.26.9 (#679) (20bdbcd)
What's Changed
- fix: cleaned whitespace+newline in rego by @meganwolf0 in #671
- chore(deps): update actions/github-script digest to 660ec11 by @renovate in #669
- chore(deps): update github.com/charmbracelet/x/exp/teatest digest to 227168d by @renovate in #666
- chore(codeowners): update codeowners to reflect current team by @brandtkeller in #663
- chore(deps): update github/codeql-action action to v3.26.8 by @renovate in #673
- chore(deps): update actions/setup-node action to v4.0.4 by @renovate in #674
- fix: trim whitespace bug by @CloudBeard in #677
- feat(console): component definition write by @meganwolf0 in #648
- feat(validate): save validation resources by @meganwolf0 in #612
- feat(template)!: introducing variables and sensitive configuration by @meganwolf0 in #672
- feat(template): enable remote file templating by @brandtkeller in #680
- chore(deps): update github/codeql-action action to v3.26.9 by @renovate in #679
- chore(deps): update actions/checkout action to v4.2.0 by @renovate in #681
- chore(main): release 0.8.0 by @github-actions in #665
Full Changelog: v0.7.0...v0.8.0
v0.7.0
0.7.0 (2024-09-13)
This release includes a new lula tools template command for generically templating your oscal/validations/any file of your choice using go templating syntax. It also includes greater support for some of the root level configurations that you might want to set via configuration file such as target or summary.
It also includes some additional testing and internal improvements to the lula test/docs/release process.
Features
- config: support for target/summary in lula config (#640) (28ce6e5)
- template: template command with initial docs (#644) (89be460)
- yaml map injection (#568) (3babbc8)
Bug Fixes
- console: console testing (#629) (78e4ae9)
- gen-cli-docs: fix path for gen-cli-docs (#646) (6ec6e6f)
- test: decouple unit from e2e test workflows (#662) (a4097a1)
Miscellaneous
- deps: update actions/github-script digest to 58d7008 (#660) (642cfa3)
- deps: update actions/upload-artifact action to v4.4.0 (#635) (b342f63)
- deps: update commitlint monorepo to v19.5.0 (#656) (031b524)
- deps: update github.com/charmbracelet/x/exp/teatest digest to 162f303 (#643) (4323cb0)
- deps: update github.com/charmbracelet/x/exp/teatest digest to 9ef7ff4 (#655) (27bff1c)
- deps: update github/codeql-action action to v3.26.7 (#659) (51025b4)
- deps: update kubernetes packages to v0.31.1 (#658) (fbe7b8f)
- deps: update module github.com/charmbracelet/bubbles to v0.20.0 (#630) (4f1f3de)
- deps: update module github.com/charmbracelet/bubbletea to v1.1.1 (#633) (394b48d)
- deps: update module sigs.k8s.io/kustomize/kyaml to v0.17.2 (#638) (c66df44)
What's Changed
- feat: yaml map injection by @meganwolf0 in #568
- chore(deps): update actions/upload-artifact action to v4.4.0 by @renovate in #635
- test(console): console testing by @meganwolf0 in #629
- chore(deps): update module github.com/charmbracelet/bubbles to v0.20.0 by @renovate in #630
- chore(deps): update github.com/charmbracelet/x/exp/teatest digest to 162f303 by @renovate in #643
- chore(deps): update module sigs.k8s.io/kustomize/kyaml to v0.17.2 by @renovate in #638
- feat(config): support for target in lula config by @brandtkeller in #640
- fix(gen-cli-docs): fix path for gen-cli-docs by @brandtkeller in #646
- chore(deps): update module github.com/charmbracelet/bubbletea to v1.1.1 by @renovate in #633
- chore(deps): update actions/github-script digest to 58d7008 by @renovate in #660
- chore(deps): update github/codeql-action action to v3.26.7 by @renovate in #659
- chore(deps): update commitlint monorepo to v19.5.0 by @renovate in #656
- chore(deps): update kubernetes packages to v0.31.1 by @renovate in #658
- feat(template): template command with initial docs by @brandtkeller in #644
- fix(test): decouple unit from e2e test workflows by @brandtkeller in #662
- chore(deps): update github.com/charmbracelet/x/exp/teatest digest to 9ef7ff4 by @renovate in #655
- chore(main): release 0.7.0 by @github-actions in #637
Full Changelog: v0.6.0...v0.7.0
v0.6.0
0.6.0 (2024-08-31)
This release is an exciting advance for Lula and the OSCAL ecosystem. It includes initial development release of the Terminal User Interface that can be accessed via lula console
. Given a specified OSCAL file -> Lula will now open a TUI in the appropriate OSCAL model format with some opinionation currently on what is visualized.
Other features include a new viper integration baseline - setting the stage for future configuration and environment variable driven operations that enhance the assessment and authoring processes.
A bug fix was included in this release to ensure that any modification to component definition models updates the uuid
accordingly -> in alignment with the model specification.
Features
- configuration: add initial support for Viper command initialization (#607) (2c94c83)
- console: initial tui for component-definition read (#608) (a0338af)
Bug Fixes
Miscellaneous
- deps: update anchore/sbom-action action to v0.17.2 (#613) (4fb9090)
- deps: update commitlint monorepo to v19.4.1 (#619) (0adb2d0)
- deps: update github/codeql-action action to v3.26.2 (#600) (6601566)
- deps: update github/codeql-action action to v3.26.4 (#611) (dd592ce)
- deps: update github/codeql-action action to v3.26.5 (#616) (aa4e122)
- deps: update github/codeql-action action to v3.26.6 (#626) (488cd91)
- deps: update kubernetes packages to v0.31.0 (#594) (6dd7463)
- deps: update module github.com/open-policy-agent/opa to v0.68.0 (#628) (914b1f2)
- deps: update module github.com/spf13/viper to v1.19.0 (#618) (22fd668)
- docs: add docs generation command (#606) (4dd0450)
- docs: adding 2024 roadmap to the project documentation (#320) (120d15a)
- docs: update CODEOWNERS (#636) (77e60fe)
What's Changed
- chore(deps): update github/codeql-action action to v3.26.2 by @renovate in #600
- refactor(tests): 586 refactor unhappy path e2e tests by @meganwolf0 in #598
- docs: adding 2024 roadmap to the project documentation by @brandtkeller in #320
- chore(deps): update anchore/sbom-action action to v0.17.2 by @renovate in #613
- chore(deps): update github/codeql-action action to v3.26.4 by @renovate in #611
- chore(deps): update github/codeql-action action to v3.26.5 by @renovate in #616
- feat(configuration): add initial support for Viper command initialization by @brandtkeller in #607
- chore(deps): update module github.com/spf13/viper to v1.19.0 by @renovate in #618
- chore(docs): add docs generation command by @brandtkeller in #606
- chore(deps): update commitlint monorepo to v19.4.1 by @renovate in #619
- chore(deps): update module github.com/open-policy-agent/opa to v0.68.0 by @renovate in #628
- chore(deps): update github/codeql-action action to v3.26.6 by @renovate in #626
- feat(console): initial tui for component-defn read by @meganwolf0 in #608
- fix(oscal): ensure component definition UUID is updated on modification by @brandtkeller in #615
- chore(deps): update kubernetes packages to v0.31.0 by @renovate in #594
- feat: update CODEOWNERS by @daveworth in #636
- chore(main): release 0.6.0 by @github-actions in #604
New Contributors
- @daveworth made their first contribution in #636
Full Changelog: v0.5.1...v0.6.0
v0.5.1
0.5.1 (2024-08-16)
This release moves the Lula OSCAL namespace from https://docs.lula.dev/ns
to https://docs.lula.dev/oscal/ns
in favor of the information being available to users and nested under the OSCAL documentation. Our goal is to ensure that endpoint was properly located in the docs website and available to users as a source for which OSCAL props
Lula has provided for automation support.
Bug Fixes
Miscellaneous
- deps: update anchore/sbom-action action to v0.17.1 (#593) (ef8b546)
- deps: update github/codeql-action action to v3.26.1 (#595) (a34281c)
- docs: update issue template with expected deliverables line item (#590) (97af4ba)
- removed renovate schedule (#603) (55bbdf7)
What's Changed
- chore(docs): update issue template with expected deliverables line item by @brandtkeller in #590
- chore(deps): update anchore/sbom-action action to v0.17.1 by @renovate in #593
- chore(deps): update github/codeql-action action to v3.26.1 by @renovate in #595
- fix(docs): updated namespace doc locations and associated prop namespace url by @meganwolf0 in #602
- chore: removed renovate schedule by @meganwolf0 in #603
- chore(main): release 0.5.1 by @github-actions in #587
Full Changelog: v0.5.0...v0.5.1
v0.5.0
0.5.0 (2024-08-09)
This release improves upon re-generation with lula generate component - focusing on the elements being created or merged on successive runs. It fixes bugs in the kubernetes domain for cluster-scoped resources as well as integrates with upstream changes to our golang oscal library (go-oscal) for performing linting operations.
⚠ BREAKING CHANGES
- validation-result: bump to go-oscal v0.6.0 jsonschema v6 update (#544)
Features
Bug Fixes
- generate: component generation from catalog error handling (#573) (371d54d)
- generate: proposed transition of generation annotation to props (#574) (b7a936d)
- validate: get non-namespace scoped resources (#585) (a5b8857)
Miscellaneous
- deps: update actions/upload-artifact action to v4.3.6 (#575) (27b2e8a)
- deps: update dependency commitlint to v19.4.0 (#583) (732b22b)
- deps: update github/codeql-action action to v3.26.0 (#582) (8a92a8c)
- deps: update module github.com/open-policy-agent/opa to v0.67.1 (#577) (563e893)
- docs: initial SSP generation research docs (#548) (0891508)
What's Changed
- fix(generate): component generation fixed for many catalogs by @brandtkeller in #573
- chore(deps): update actions/upload-artifact action to v4.3.6 by @renovate in #575
- chore(deps): update module github.com/open-policy-agent/opa to v0.67.1 by @renovate in #577
- chore(deps): update github/codeql-action action to v3.26.0 by @renovate in #582
- fix(generate): proposed transition of generation annotation to props by @brandtkeller in #574
- feat(validation-result)!: bump to go-oscal v0.6.0 jsonschema v6 update by @mike-winberry in #544
- fix(validate): get non-namespace scoped resources by @meganwolf0 in #585
- chore(deps): update dependency commitlint to v19.4.0 by @renovate in #583
- chore(docs): initial-ssp-generate-doc by @CloudBeard in #548
- chore(main): release 0.5.0 by @github-actions in #578
Full Changelog: v0.4.5...v0.5.0
v0.4.5
0.4.5 (2024-08-02)
This release introduces the concept of Optionality for Component Definition standards. A component-definition should serve as a source of truth for a re-usable component across many different standards - Lula now supports specification and validation/evaluation of a given standard, validated and evaluated independent of other standards.
Bug Fixes
- release: configuration to bump minor version when including features (#576) (6bd11bb)
- validate: allow for optionality among potential standards in a component definition (#532) (ac0befb)
Miscellaneous
- deps: update actions/github-script digest to 35b1cdd (#570) (4a2b03b)
- deps: update ossf/scorecard-action action to v2.4.0 (#565) (2207d71)
What's Changed
- chore(deps): update ossf/scorecard-action action to v2.4.0 by @renovate in #565
- fix(validate): allow for optionality among potential standards in a component definition by @brandtkeller in #532
- fix(release): configuration to bump minor version when including features by @brandtkeller in #576
- chore(deps): update actions/github-script digest to 35b1cdd by @renovate in #570
- chore(main): release 0.4.5 by @github-actions in #566
Full Changelog: v0.4.4...v0.4.5
v0.4.4
0.4.4 (2024-07-26)
This release includes new output during lula evaluate
through the use of the --summary
flag to better highlight areas of improved, unchanged, or worse compliance-at-a-glance.
OSCAL writes for the current models supported are now written in a deterministic format. This alleviates long-lived data from being re-arranged, specifically when stored in version control. Better highlighting the areas of change as you maintain your OSCAL.
As always - keeping our dependencies - project or pipeline - up to date is a constant focus of of review.
Features
Bug Fixes
Miscellaneous
- deps: update github/codeql-action action to v3.25.14 (#557) (5bfd94f)
- deps: update github/codeql-action action to v3.25.15 (#564) (60e128a)
- deps: update golang to version 1.22.5 (#562) (97ff760)
- deps: update module github.com/open-policy-agent/opa to v0.67.0 (#561) (4378242)
- docs: fix simple demo command for evaluate file (33fb97c)
- docs: updated broken links (#554) (8dd24b0)
- docs: updated README for docs badge (#558) (72fd3fc)
What's Changed
- chore(docs): correcting cli command in simple demo by @ogijaoh in #549
- docs: updated broken links by @meganwolf0 in #554
- docs: updated README by @meganwolf0 in #558
- chore(deps): update github/codeql-action action to v3.25.14 by @renovate in #557
- chore(deps): update module github.com/open-policy-agent/opa to v0.67.0 by @renovate in #561
- chore(deps): update golang to version 1.22.5 by @brandtkeller in #562
- feat(evaluate): add observation details by @meganwolf0 in #540
- fix(oscal): deterministic OSCAL model write by @brandtkeller in #553
- chore(deps): update github/codeql-action action to v3.25.15 by @renovate in #564
- chore(main): release 0.4.4 by @github-actions in #546
New Contributors
Full Changelog: v0.4.3...v0.4.4