v0.7.0

0.7.0 (2024-09-13)

This release includes a new lula tools template command for generically templating your oscal/validations/any file of your choice using go templating syntax. It also includes greater support for some of the root level configurations that you might want to set via configuration file such as target or summary.

It also includes some additional testing and internal improvements to the lula test/docs/release process.

Features

• config: support for target/summary in lula config (#640) (28ce6e5)
• template: template command with initial docs (#644) (89be460)
• yaml map injection (#568) (3babbc8)

Bug Fixes

• console: console testing (#629) (78e4ae9)
• gen-cli-docs: fix path for gen-cli-docs (#646) (6ec6e6f)
• test: decouple unit from e2e test workflows (#662) (a4097a1)

Miscellaneous

• deps: update actions/github-script digest to 58d7008 (#660) (642cfa3)
• deps: update actions/upload-artifact action to v4.4.0 (#635) (b342f63)
• deps: update commitlint monorepo to v19.5.0 (#656) (031b524)
• deps: update github.com/charmbracelet/x/exp/teatest digest to 162f303 (#643) (4323cb0)
• deps: update github.com/charmbracelet/x/exp/teatest digest to 9ef7ff4 (#655) (27bff1c)
• deps: update github/codeql-action action to v3.26.7 (#659) (51025b4)
• deps: update kubernetes packages to v0.31.1 (#658) (fbe7b8f)
• deps: update module github.com/charmbracelet/bubbles to v0.20.0 (#630) (4f1f3de)
• deps: update module github.com/charmbracelet/bubbletea to v1.1.1 (#633) (394b48d)
• deps: update module sigs.k8s.io/kustomize/kyaml to v0.17.2 (#638) (c66df44)

What's Changed

• feat: yaml map injection by @meganwolf0 in #568
• chore(deps): update actions/upload-artifact action to v4.4.0 by @renovate in #635
• test(console): console testing by @meganwolf0 in #629
• chore(deps): update module github.com/charmbracelet/bubbles to v0.20.0 by @renovate in #630
• chore(deps): update github.com/charmbracelet/x/exp/teatest digest to 162f303 by @renovate in #643
• chore(deps): update module sigs.k8s.io/kustomize/kyaml to v0.17.2 by @renovate in #638
• feat(config): support for target in lula config by @brandtkeller in #640
• fix(gen-cli-docs): fix path for gen-cli-docs by @brandtkeller in #646
• chore(deps): update module github.com/charmbracelet/bubbletea to v1.1.1 by @renovate in #633
• chore(deps): update actions/github-script digest to 58d7008 by @renovate in #660
• chore(deps): update github/codeql-action action to v3.26.7 by @renovate in #659
• chore(deps): update commitlint monorepo to v19.5.0 by @renovate in #656
• chore(deps): update kubernetes packages to v0.31.1 by @renovate in #658
• feat(template): template command with initial docs by @brandtkeller in #644
• fix(test): decouple unit from e2e test workflows by @brandtkeller in #662
• chore(deps): update github.com/charmbracelet/x/exp/teatest digest to 9ef7ff4 by @renovate in #655
• chore(main): release 0.7.0 by @github-actions in #637

Full Changelog: v0.6.0...v0.7.0

v0.6.0

0.6.0 (2024-08-31)

This release is an exciting advance for Lula and the OSCAL ecosystem. It includes initial development release of the Terminal User Interface that can be accessed via lula console. Given a specified OSCAL file -> Lula will now open a TUI in the appropriate OSCAL model format with some opinionation currently on what is visualized.

Other features include a new viper integration baseline - setting the stage for future configuration and environment variable driven operations that enhance the assessment and authoring processes.

A bug fix was included in this release to ensure that any modification to component definition models updates the uuid accordingly -> in alignment with the model specification.

Features

• configuration: add initial support for Viper command initialization (#607) (2c94c83)
• console: initial tui for component-definition read (#608) (a0338af)

Bug Fixes

• oscal: ensure component definition UUID is updated on modification (#615) (5516482)

Miscellaneous

• deps: update anchore/sbom-action action to v0.17.2 (#613) (4fb9090)
• deps: update commitlint monorepo to v19.4.1 (#619) (0adb2d0)
• deps: update github/codeql-action action to v3.26.2 (#600) (6601566)
• deps: update github/codeql-action action to v3.26.4 (#611) (dd592ce)
• deps: update github/codeql-action action to v3.26.5 (#616) (aa4e122)
• deps: update github/codeql-action action to v3.26.6 (#626) (488cd91)
• deps: update kubernetes packages to v0.31.0 (#594) (6dd7463)
• deps: update module github.com/open-policy-agent/opa to v0.68.0 (#628) (914b1f2)
• deps: update module github.com/spf13/viper to v1.19.0 (#618) (22fd668)
• docs: add docs generation command (#606) (4dd0450)
• docs: adding 2024 roadmap to the project documentation (#320) (120d15a)
• docs: update CODEOWNERS (#636) (77e60fe)

What's Changed

• chore(deps): update github/codeql-action action to v3.26.2 by @renovate in #600
• refactor(tests): 586 refactor unhappy path e2e tests by @meganwolf0 in #598
• docs: adding 2024 roadmap to the project documentation by @brandtkeller in #320
• chore(deps): update anchore/sbom-action action to v0.17.2 by @renovate in #613
• chore(deps): update github/codeql-action action to v3.26.4 by @renovate in #611
• chore(deps): update github/codeql-action action to v3.26.5 by @renovate in #616
• feat(configuration): add initial support for Viper command initialization by @brandtkeller in #607
• chore(deps): update module github.com/spf13/viper to v1.19.0 by @renovate in #618
• chore(docs): add docs generation command by @brandtkeller in #606
• chore(deps): update commitlint monorepo to v19.4.1 by @renovate in #619
• chore(deps): update module github.com/open-policy-agent/opa to v0.68.0 by @renovate in #628
• chore(deps): update github/codeql-action action to v3.26.6 by @renovate in #626
• feat(console): initial tui for component-defn read by @meganwolf0 in #608
• fix(oscal): ensure component definition UUID is updated on modification by @brandtkeller in #615
• chore(deps): update kubernetes packages to v0.31.0 by @renovate in #594
• feat: update CODEOWNERS by @daveworth in #636
• chore(main): release 0.6.0 by @github-actions in #604

New Contributors

• @daveworth made their first contribution in #636

Full Changelog: v0.5.1...v0.6.0

v0.5.1

0.5.1 (2024-08-16)

This release moves the Lula OSCAL namespace from https://docs.lula.dev/ns to https://docs.lula.dev/oscal/ns in favor of the information being available to users and nested under the OSCAL documentation. Our goal is to ensure that endpoint was properly located in the docs website and available to users as a source for which OSCAL props Lula has provided for automation support.

Bug Fixes

• docs: updated namespace doc locations and associated prop namespace url (#602) (ee7df0b)

Miscellaneous

• deps: update anchore/sbom-action action to v0.17.1 (#593) (ef8b546)
• deps: update github/codeql-action action to v3.26.1 (#595) (a34281c)
• docs: update issue template with expected deliverables line item (#590) (97af4ba)
• removed renovate schedule (#603) (55bbdf7)

What's Changed

• chore(docs): update issue template with expected deliverables line item by @brandtkeller in #590
• chore(deps): update anchore/sbom-action action to v0.17.1 by @renovate in #593
• chore(deps): update github/codeql-action action to v3.26.1 by @renovate in #595
• fix(docs): updated namespace doc locations and associated prop namespace url by @meganwolf0 in #602
• chore: removed renovate schedule by @meganwolf0 in #603
• chore(main): release 0.5.1 by @github-actions in #587

Full Changelog: v0.5.0...v0.5.1

v0.5.0

0.5.0 (2024-08-09)

This release improves upon re-generation with lula generate component - focusing on the elements being created or merged on successive runs. It fixes bugs in the kubernetes domain for cluster-scoped resources as well as integrates with upstream changes to our golang oscal library (go-oscal) for performing linting operations.

⚠ BREAKING CHANGES

• validation-result: bump to go-oscal v0.6.0 jsonschema v6 update (#544)

Features

• validation-result: bump to go-oscal v0.6.0 jsonschema v6 update (#544) (5e75714)

Bug Fixes

• generate: component generation from catalog error handling (#573) (371d54d)
• generate: proposed transition of generation annotation to props (#574) (b7a936d)
• validate: get non-namespace scoped resources (#585) (a5b8857)

Miscellaneous

• deps: update actions/upload-artifact action to v4.3.6 (#575) (27b2e8a)
• deps: update dependency commitlint to v19.4.0 (#583) (732b22b)
• deps: update github/codeql-action action to v3.26.0 (#582) (8a92a8c)
• deps: update module github.com/open-policy-agent/opa to v0.67.1 (#577) (563e893)
• docs: initial SSP generation research docs (#548) (0891508)

What's Changed

• fix(generate): component generation fixed for many catalogs by @brandtkeller in #573
• chore(deps): update actions/upload-artifact action to v4.3.6 by @renovate in #575
• chore(deps): update module github.com/open-policy-agent/opa to v0.67.1 by @renovate in #577
• chore(deps): update github/codeql-action action to v3.26.0 by @renovate in #582
• fix(generate): proposed transition of generation annotation to props by @brandtkeller in #574
• feat(validation-result)!: bump to go-oscal v0.6.0 jsonschema v6 update by @mike-winberry in #544
• fix(validate): get non-namespace scoped resources by @meganwolf0 in #585
• chore(deps): update dependency commitlint to v19.4.0 by @renovate in #583
• chore(docs): initial-ssp-generate-doc by @CloudBeard in #548
• chore(main): release 0.5.0 by @github-actions in #578

Full Changelog: v0.4.5...v0.5.0

v0.4.5

0.4.5 (2024-08-02)

This release introduces the concept of Optionality for Component Definition standards. A component-definition should serve as a source of truth for a re-usable component across many different standards - Lula now supports specification and validation/evaluation of a given standard, validated and evaluated independent of other standards.

Bug Fixes

• release: configuration to bump minor version when including features (#576) (6bd11bb)
• validate: allow for optionality among potential standards in a component definition (#532) (ac0befb)

Miscellaneous

• deps: update actions/github-script digest to 35b1cdd (#570) (4a2b03b)
• deps: update ossf/scorecard-action action to v2.4.0 (#565) (2207d71)

What's Changed

• chore(deps): update ossf/scorecard-action action to v2.4.0 by @renovate in #565
• fix(validate): allow for optionality among potential standards in a component definition by @brandtkeller in #532
• fix(release): configuration to bump minor version when including features by @brandtkeller in #576
• chore(deps): update actions/github-script digest to 35b1cdd by @renovate in #570
• chore(main): release 0.4.5 by @github-actions in #566

Full Changelog: v0.4.4...v0.4.5

v0.4.4

0.4.4 (2024-07-26)

This release includes new output during lula evaluate through the use of the --summary flag to better highlight areas of improved, unchanged, or worse compliance-at-a-glance.

OSCAL writes for the current models supported are now written in a deterministic format. This alleviates long-lived data from being re-arranged, specifically when stored in version control. Better highlighting the areas of change as you maintain your OSCAL.

As always - keeping our dependencies - project or pipeline - up to date is a constant focus of of review.

Features

• evaluate: add observation summary (#540) (8a07833)

Bug Fixes

• oscal: deterministic OSCAL model write (#553) (5493df1)

Miscellaneous

• deps: update github/codeql-action action to v3.25.14 (#557) (5bfd94f)
• deps: update github/codeql-action action to v3.25.15 (#564) (60e128a)
• deps: update golang to version 1.22.5 (#562) (97ff760)
• deps: update module github.com/open-policy-agent/opa to v0.67.0 (#561) (4378242)
• docs: fix simple demo command for evaluate file (33fb97c)
• docs: updated broken links (#554) (8dd24b0)
• docs: updated README for docs badge (#558) (72fd3fc)

What's Changed

• chore(docs): correcting cli command in simple demo by @ogijaoh in #549
• docs: updated broken links by @meganwolf0 in #554
• docs: updated README by @meganwolf0 in #558
• chore(deps): update github/codeql-action action to v3.25.14 by @renovate in #557
• chore(deps): update module github.com/open-policy-agent/opa to v0.67.0 by @renovate in #561
• chore(deps): update golang to version 1.22.5 by @brandtkeller in #562
• feat(evaluate): add observation details by @meganwolf0 in #540
• fix(oscal): deterministic OSCAL model write by @brandtkeller in #553
• chore(deps): update github/codeql-action action to v3.25.15 by @renovate in #564
• chore(main): release 0.4.4 by @github-actions in #546

New Contributors

• @ogijaoh made their first contribution in #549

Full Changelog: v0.4.3...v0.4.4

v0.4.3

0.4.3 (2024-07-19)

This release contains a small list of features, fixes, and dependency updates. The main feature in this release is the inclusion of the JSON schema for a Lula Validation. This is schema can be used in developing validations, as the schema can be imported into the IDE of choice (from /src/pkg/common/schemas/validation.json). Thelula dev lint command can be used to lint a validation manifest. Additionally, improperly structured validations will be identified in lula validate and lula tools compose.

Some docs updates and additions are also part of this release in support of the impending rollout of the Lula website.

Features

• common: json schema linting for common validation(s) (#473) (23a45b6)

Bug Fixes

• release: add option to milestone for release process (#535) (6fe64d8)
• test: updated uuid in kyverno validation (#539) (81446d9)

Miscellaneous

• deps: update anchore/sbom-action action to v0.17.0 (#541) (7c29fb7)
• deps: update github/codeql-action action to v3.25.13 (#507) (dc6cb88)
• deps: update kubernetes packages to v0.30.3 (#543) (1bdefce)
• docs: initial docs structure/changes for feedback (#524) (c276fdd)

What's Changed

• feat(common): json schema linting for common validation(s) by @mike-winberry in #473
• fix(test): updated uuid in kyverno validation by @CloudBeard in #539
• chore(docs): initial docs structure/changes for feedback by @meganwolf0 in #524
• fix(release): add option to milestone for release process by @brandtkeller in #535
• chore(deps): update kubernetes packages to v0.30.3 by @renovate in #543
• chore(deps): update anchore/sbom-action action to v0.17.0 by @renovate in #541
• chore(deps): update github/codeql-action action to v3.25.13 by @renovate in #507
• chore(main): release 0.4.3 by @github-actions in #534

Full Changelog: v0.4.2...v0.4.3

v0.4.2

0.4.2 (2024-07-10)

This release fixes several bugs with the evaluate, generate, and upgrade commands, and includes several dependency updates.

Evaluate now allows for setting the threshold property to true for instances where you're running evaluate against an assessment-result that only has one result.

Generate for component-definitions now adds a text block within the component's remark field to describe how to reproduce the generation of the component.

Upgrade now handles errors for instances when the file selected does not exist. It also has the input file flag as a requirement.

Smaller changes of note, the lula.dev website codebase has been removed from the Lula repo into a dedicated repo.

Bug Fixes

• evaluate: set threshold on single result evaluation (#519) (9424ec5)
• generate: create annotation in remarks for how to reproduce the generation of a component (#520) (6b59daf)
• upgrade: error handling for non-existent oscal (#529) (58c03d5)

Miscellaneous

• deps: update actions/download-artifact action to v4.1.8 (#522) (f628db8)
• deps: update actions/setup-go action to v5.0.2 (#530) (d6fa46e)
• deps: update actions/setup-node action to v4.0.3 (#526) (de146f7)
• deps: update actions/upload-artifact action to v4.3.4 (#523) (1d2334b)
• deps: update anchore/sbom-action action to v0.16.1 (#528) (ebdf05c)
• website: website removal (#525) (575044c)

What's Changed

• fix(evaluate): set threshold on single result evaluation by @brandtkeller in #519
• fix(generate): reproducing a generation annotation by @brandtkeller in #520
• fix(upgrade): error handling for non-existent oscal by @brandtkeller in #529
• chore(deps): update actions/download-artifact action to v4.1.8 by @renovate in #522
• chore(deps): update actions/upload-artifact action to v4.3.4 by @renovate in #523
• chore(deps): update actions/setup-node action to v4.0.3 by @renovate in #526
• chore(deps): update actions/setup-go action to v5.0.2 by @renovate in #530
• chore(deps): update anchore/sbom-action action to v0.16.1 by @renovate in #528
• chore(website): website removal by @brandtkeller in #525
• chore(main): release 0.4.2 by @github-actions in #512

Full Changelog: v0.4.1...v0.4.2

v0.4.1

v0.4.1 (2024-06-29)

Compare v0.4.1...v0.3.0

This release introduces the ability to create kubernetes resources for use in testing correct functionality of intended applications that monitor kubernetes resources (such as admission and mutation controllers). This is considered an "executable" validation in which Lula will prompt imperative execution to confirm

Linting has been expanded to allow for many files to be linted in a single execution using the lula tools lint -f file1,file2 or lula tools lint -f file1 -f file2 format.

A threshold prop has been added to assessment-results to aid in the discovery of required threshold for evaluate operations.

Additionally the workflow for writing any model to a file now allows for a default stance by model type as well as custom filepath/name when specified with -o filename when applicable. In order to maintain schema compliance - Lula will validate that existing files and merge operations contain the single-targeted model.

⚠ BREAKING CHANGES

• validate: #408 create resources in kubernetes domain (#415)

Features

• tools: add looping for lint (#481) (0d69a45)
• validate: #408 create resources in kubernetes domain (#415) (bd8d72b)

Bug Fixes

• release: proper flag utilization (#511) (ecefd9a)
• commitlint: pinned dependency issue by extracting into package(-… (#454) (17ac8ca)
• evaluate: add support for existing control-id becoming satisfied (#498) (471e9c5)
• evaluate: establish threshold for assessment results result (#457) (4571cb8)
• generate: resolve parent flag options properly (#442) (5850115)
• oscal: single model write operations support (#502) (3646650)
• validate: fix related observations when empty (#448) (f6f6993)

Miscellaneous

• actions: fix code scanning alerts (#446) (aa568c7)
• deps: add tag to release please action (#496) (3596491)
• deps: update actions/checkout action to v4.1.7 (#479) (962fd2f)
• deps: update dependency linkinator to v6.0.5 (#458) (dfa1cbe)
• deps: update dependency markdownlint-cli to v0.41.0 (#443) (27c0e94)
• deps: update dependency prettier to v3.3.1 (#459) (c999b78)
• deps: update github/codeql-action action to v3.25.10 (#476) (e2e74eb)
• deps: update github/codeql-action action to v3.25.7 (#452) (2583eea)
• deps: update github/codeql-action action to v3.25.8 (#463) (0e7f844)
• deps: update googleapis/release-please-action digest to 7987652 (#472) (d50b034)
• deps: update goreleaser/goreleaser-action action to v6 (#464) (e74b9d5)
• deps: update kubernetes packages to v0.30.2 (#477) (679d2c8)
• deps: update module github.com/defenseunicorns/go-oscal to v0.4.3 (#470) (5c78254)
• deps: update module github.com/defenseunicorns/go-oscal to v0.5.0 (#492) (c5d128f)
• deps: update module github.com/kyverno/kyverno-json to v0.0.3 (#453) (1dc96e8)
• deps: update module github.com/open-policy-agent/opa to v0.65.0 (#451) (7867a3c)
• deps: update module github.com/open-policy-agent/opa to v0.66.0 (#505) (7692e33)
• deps: update module github.com/spf13/cobra to v1.8.1 (#485) (aaeba70)
• docs: cleanup unused readme conflicting in docs build (#489) (19a3f61)
• docs: re-organize docs for docs website consumption (#495) (24c24f0)
• fix documentation links (#487) (4f96ec5)

v0.4.0

v0.4.0 (2024-06-28)

Warning

Issue with release workflow updates - Use v0.4.1

This release introduces the ability to create kubernetes resources for use in testing correct functionality of intended applications that monitor kubernetes resources (such as admission and mutation controllers).

Linting has been expanded to allow for many files to be linted in a single execution using the lula tools lint -f file1,file2 or lula tools lint -f file1 -f file2 format.

Additionally a threshold prop has been added to assessment-results to aid in the discovery of required threshold for evaluate operations.

⚠ BREAKING CHANGES

• validate: #408 create resources in kubernetes domain (#415)

Features

• tools: add looping for lint (#481) (0d69a45)
• validate: #408 create resources in kubernetes domain (#415) (bd8d72b)

Bug Fixes

• commitlint: pinned dependency issue by extracting into package(-… (#454) (17ac8ca)
• evaluate: add support for existing control-id becoming satisfied (#498) (471e9c5)
• evaluate: establish threshold for assessment results result (#457) (4571cb8)
• generate: resolve parent flag options properly (#442) (5850115)
• oscal: single model write operations support (#502) (3646650)
• validate: fix related observations when empty (#448) (f6f6993)

Miscellaneous

• actions: fix code scanning alerts (#446) (aa568c7)
• deps: add tag to release please action (#496) (3596491)
• deps: update actions/checkout action to v4.1.7 (#479) (962fd2f)
• deps: update dependency linkinator to v6.0.5 (#458) (dfa1cbe)
• deps: update dependency markdownlint-cli to v0.41.0 (#443) (27c0e94)
• deps: update dependency prettier to v3.3.1 (#459) (c999b78)
• deps: update github/codeql-action action to v3.25.10 (#476) (e2e74eb)
• deps: update github/codeql-action action to v3.25.7 (#452) (2583eea)
• deps: update github/codeql-action action to v3.25.8 (#463) (0e7f844)
• deps: update googleapis/release-please-action digest to 7987652 (#472) (d50b034)
• deps: update goreleaser/goreleaser-action action to v6 (#464) (e74b9d5)
• deps: update kubernetes packages to v0.30.2 (#477) (679d2c8)
• deps: update module github.com/defenseunicorns/go-oscal to v0.4.3 (#470) (5c78254)
• deps: update module github.com/defenseunicorns/go-oscal to v0.5.0 (#492) (c5d128f)
• deps: update module github.com/kyverno/kyverno-json to v0.0.3 (#453) (1dc96e8)
• deps: update module github.com/open-policy-agent/opa to v0.65.0 (#451) (7867a3c)
• deps: update module github.com/open-policy-agent/opa to v0.66.0 (#505) (7692e33)
• deps: update module github.com/spf13/cobra to v1.8.1 (#485) (aaeba70)
• docs: cleanup unused readme conflicting in docs build (#489) (19a3f61)
• docs: re-organize docs for docs website consumption (#495) (24c24f0)
• fix documentation links (#487) (4f96ec5)