mirror of
https://github.com/CloudNebulaProject/barycenter.git
synced 2026-04-10 21:20:41 +00:00
221406b1a2
Add comprehensive release automation: **GitHub Actions Release Workflow:** - Triggers on version tags (v*.*.*) - Builds multi-platform Docker images (amd64, arm64) - Publishes to GitHub Container Registry (ghcr.io) - Creates GitHub Releases with auto-generated changelogs - Generates build provenance attestations for supply chain security - Semantic versioning with tag variants (v1.0.0, 1.0, 1) **cargo-release Configuration:** - Automated version bumping in Cargo.toml - Updates CHANGELOG.md with version and date - Syncs Helm chart versions (Chart.yaml) - Creates git tags and commits - Pushes to remote automatically - Enforces main branch releases **Release Documentation:** - RELEASE.md with complete release process guide - CHANGELOG.md following Keep a Changelog format - Updated README.md with deployment and release sections - Instructions for patch, minor, and major releases - Dry-run support for testing - Hotfix and rollback procedures **Usage:** To create a release, simply run: cargo install cargo-release cargo release minor --execute This will: 1. Bump version in all relevant files 2. Update changelog 3. Create git tag 4. Trigger Docker image build and publish 5. Create GitHub Release with notes Docker images will be available at: ghcr.io/[owner]/barycenter:v1.0.0 ghcr.io/[owner]/barycenter:1.0 ghcr.io/[owner]/barycenter:1 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
40 lines
1.4 KiB
Markdown
40 lines
1.4 KiB
Markdown
# Changelog
|
|
|
|
All notable changes to this project will be documented in this file.
|
|
|
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
|
|
## [Unreleased]
|
|
|
|
### Added
|
|
- Initial release of Barycenter OpenID Connect Identity Provider
|
|
- OAuth 2.0 Authorization Code flow with PKCE (S256)
|
|
- Dynamic client registration
|
|
- ID Token signing (RS256) with at_hash and nonce support
|
|
- UserInfo endpoint with Bearer token authentication
|
|
- OpenID Discovery and JWKS publication
|
|
- User registration and authentication with session management
|
|
- Property storage API for arbitrary user properties
|
|
- Comprehensive deployment configurations:
|
|
- Docker and Docker Compose
|
|
- Kubernetes Helm chart with Ingress support
|
|
- Kubernetes Gateway API support
|
|
- systemd service for Linux
|
|
- FreeBSD rc.d script
|
|
- illumos/Solaris SMF manifest
|
|
- Security headers and Cache-Control for token endpoint
|
|
- Rate limiting for authentication endpoints
|
|
- Integration tests with openidconnect-rs and oauth2-rs libraries
|
|
|
|
### Security
|
|
- Password hashing with Argon2
|
|
- PKCE S256 enforcement
|
|
- CSRF protection with state parameter
|
|
- Security headers (X-Frame-Options, CSP, etc.)
|
|
- Non-root user execution in containers
|
|
- Extensive systemd security hardening
|
|
|
|
## [0.1.0] - 2025-11-29
|
|
|
|
Initial development version.
|