Skip to content

v0.75.1
Compare
Choose a tag to compare
@github-actions github-actions released this 04 Mar 15:21
· 1056 commits to main since this release
v0.75.1
d582374
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Chainloop release cadence is picking up speed this time with a long-awaited feature, role-based access control.

Authorization layer

#552 introduced a role based access control (RBAC) layer where uses can be within three categories viewers, admins or owners. The policy definition of each role is described in this live document.

Now, you can see the role you've assigned in each organization you are part of

$ chainloop organization ls
┌──────────────────────────────────────┬────────────────┬─────────┬───────┬─────────────────────┐
│ ORG ID                               │ ORG NAME       │ CURRENT │ ROLE  │ JOINED AT           │
├──────────────────────────────────────┼────────────────┼─────────┼───────┼─────────────────────┤
│ 93d02275-853c-4ad6-9d60-8f562b123fd2 │ read-only-demo │ false   │ admin │ 10 Jul 23 09:23 UTC │
├──────────────────────────────────────┼────────────────┼─────────┼───────┼─────────────────────┤
│ d3e9f368-495f-4697-910c-b5fe68468552 │ chainloop      │ true    │ admin │ 03 Jan 23 13:25 UTC │
├──────────────────────────────────────┼────────────────┼─────────┼───────┼─────────────────────┤
│ 9d827670-24e5-40ce-b9ce-f9221f95eff9 │ test-read-only │ false   │ owner │ 04 Mar 24 14:31 UTC │
├──────────────────────────────────────┼────────────────┼─────────┼───────┼─────────────────────┤
│ 842f5931-21a4-4e17-98a4-970e95999b08 │ chainloop-test │ false   │ admin │ 04 Jan 23 00:05 UTC │
└──────────────────────────────────────┴────────────────┴─────────┴───────┴─────────────────────┘

and invite users to your organization with a specific role in mind.

chainloop organization invitation create --receiver john@cyberdyne.io --role viewer
┌──────────────────────────────────────┬───────────────────┬────────┬─────────┬─────────────────────┐
│ ID                                   │ RECEIVER EMAIL    │ ROLE   │ STATUS  │ CREATED AT          │
├──────────────────────────────────────┼───────────────────┼────────┼─────────┼─────────────────────┤
│ ed3a5ed2-c8fa-4ba8-bbf6-fbfe70ed8ab2 │ john@cyberdyne.io │ viewer │ pending │ 04 Mar 24 19:17 UTC │
└──────────────────────────────────────┴───────────────────┴────────┴─────────┴─────────────────────┘

and soon, see and manage each member of your organization #558

What's Changed

  • Bump Helm Chart Version => v0.70.0 by @github-actions in #549
  • feat(authz): implement read-only viewer role by @migmartri in #552
  • feat(controlplane): scope invitation system by @migmartri in #553
  • feat(controlplane): show role information in API by @migmartri in #554
  • chore(db): update workflow_run revision used by @migmartri in #557
  • chore(controlplane): continue invite system org scope by @migmartri in #555
  • refactor: move membership API service to user by @migmartri in #559
  • feat(controlplane): set role during invitation by @migmartri in #556
  • feat(controlplane): org membership API by @migmartri in #560
  • feat(controlplane): domain based allow-listing by @migmartri in #563
  • Bump Helm Chart Version => v0.75.0 by @github-actions in #564
  • fix: allow viewers to change or leave the org by @migmartri in #565

Full Changelog: v0.70.0...v0.75.1

Contributors

migmartri
Assets 15
Loading