1.3.3

[1.3.3] - 2025-01-27

🚀 Features

• Upgrade the Cosmian base image v0.1.11 to upgrade Azure Ubuntu 22.04 to 24.04 (#168)
• Regenerate all images with the new base image v0.1.11 (#168)
• Bump KMS version from 4.21.1 to 4.21.2
• AWS RHEL: Bump version to 9.4 (RHEL-9.4.0_HVM-20241210-x86_64-0-Hourly2-GP3)

🐛 Bug Fixes

• Revert changes on AI runner systemd service file (#168)
• GCP RHEL: Do not upgrade all RHEL packages - just refresh cache (#168)
• For releases, clean Github cache before anything

1.3.2

[1.3.2] - 2025-01-18

🚀 Features

• Bump KMS from 4.19.3 to 4.21.1 (#167)

🐛 Bug Fixes

• List of bug fixes in (#167):
  • About KMS systemd service:
    • service must wait for mount_luks service but using Requires argument
    • Also StandardOutput to syslog+console to display stdout
  • Make 9998 the default local Nginx port for KMS. No extra conf to do anymore on cosmian CLI side
  • Fix CVE of idna crate by upgrading it from 0.5.0 to 1.0.3.

🧪 Testing

• Test in Ansible if KMS service is up:
  • after first boot, first reboot and after a cosmian_vm app init configuration
• Display TPM PCR-7 before and after first reboot

⚙️ Miscellaneous Tasks

• Add dev-container files for VSCode

1.3.1

[1.3.1] - 2024-10-30

🚀 Features

• Add TDX GCP license (#164)
• Bump KMS version to 4.19.3 (#165)

1.3.0

[1.3.0] - 2024-10-18

🚀 Features

• RHEL: Add cosmiand SELinux module on RHEL to protect scripts and configuration through IMA measurements (#151)
  • Bump Base Image to 0.1.10
  • Add SELinux documentation on #96
• RHEL TDX on GCP (#158)
  • Note: Ubuntu and RedHat GCP images upgraded -> using now Cosmian Base Image version 0.1.10 for all images
• Bump KMS version to 4.19.1 (#160)

🧪 CI

• Make products testable individually in Github CI (#159)
• Simplify versions bump (#157)
• Remove symbolic links from libtdx_attest.so (#156)

1.2.9

[1.2.9] - 2024-10-09

🚀 Features

• RHEL:
  • Build AI Runner images also on RHEL (#155)

🧪 CI

• Bump Cosmian Base image to 0.1.9:
  • Azure: RHEL: update 9_3_cvm_sev_snp à 9_4_cvm (#155)
• Make CI non-blocking a tags even if tests fail (#155)
• Display kernel version (#155)
• Bump KMS version to 4.19.0

⚙️ Miscellaneous Tasks

• AI Runner: Change installation folder from /src/ to /opt/ where SELinux label are usr_t

1.2.8

[1.2.8] - 2024-09-30

🧪 CI

• Du to Azure certification process, use the last RedHat kernel on Redhat images (#154)
  • Cosmian VM, KMS and AI runner images are now based on Cosmian Base Image version 0.1.8

⚙️ Miscellaneous Tasks

• Bump libtdx_attest.so from 1.21.100.3 to 1.22.100.3 (#154)

1.2.7

[1.2.7] - 2024-09-12

🐛 Bug Fixes

• Cleanup old RedHat kernels for Azure certification process (#150)

🧪 CI

• Bump KMS version to 4.18.0
• Small fix about tags detection in Bash (#152)

1.2.6

[1.2.6] - 2024-09-06

🚀 Features

• Make KMS/AI images usable even if KMS/AI softs have not been configured (#148)

🐛 Bug Fixes

• Upgrade GCP official images to last versions (#149) and use Cosmian base image 0.1.6:
  • ubuntu-2404-noble-amd64-v20240523a -> ubuntu-2404-noble-amd64-v20240830
  • rhel-9-v20240515 -> rhel-9-v20240815

🧪 CI

• Wait for agent to be ready before verifying snapshot (#144)
• AWS: Make aws-packer-build.sh standalone (#145)

⚙️ Miscellaneous Tasks

• Copy AWS images from eu to us for marketplace (#146)
• Update crates versions for security reasons verified via cargo deny (#147)

1.2.5

[1.2.5] - 2024-07-08

🚀 Features

• (Azure) Add KMS FIPS image. (#142)
• Bump KMS version to 4.17.0 (#142)

🐛 Bug Fixes

• Fix uninstall of DEB/RPM packages (#142)

⚙️ Miscellaneous Tasks

• (Azure) Clean OS disk if exist on packer build

1.2.4

[1.2.4] - 2024-06-28

🐛 Bug Fixes

• Timing variability in curve25519-dalek's Scalar29::sub/Scalar52::sub (#141)

📚 Documentation

• Move cloud providers images info in main README.md
• Create dedicated CHANGELOG for Cosmian base image

⚙️ Miscellaneous Tasks

• Create Debian and RPM packages for Ubuntu 22.04/24.04 and RedHat 9 (#112)
• Add bash script for VM image definition creation