Release v1.4.1

What's Changed

Security

This release includes a critical security fix and a security feature improvement.
Please read this changelog carefully and check whether you're affected.
If you're affected, you should update as soon as possible.
If you're not affected, we still recommend updating for the case that you might be affected in the future by changing the manifest.

• Fixed a critical issue with TTLS. See GHSA-x5r5-2qrx-rqj8 for full details.
• Added the ability to not accept TCB status SWHardeningNeeded during remote attestation
• Update SGX libraries to 2.22 (PSW) and 1.19 (DCAP)
• Updates of other dependencies

Fixes

• Fix webhook certificates always being issued for the marblerun namespace when installing with CLI (#573)

Full Changelog: v1.4.0...v1.4.1

v1.4.0

What's Changed

• Build premain on Ubuntu 20.04 by @thomasten in #487
• Allow adding additional IPs for Coordinator root cert by @daniel-weisse in #528
• Allow specifying Kubernetes namespace when installing MarbleRun, or working with a Kubernetes deployment of MarbleRun, using the --namespace flag
• Pin Coordinator root certificate for all commands interacting withe the Coordinator after marblerun manifest set
  • The certificate is saved to ~/.config/marblerun/coordinator-cert.pem by default
  • Specify the --coordinator-cert flag to set a custom location

Security fixes

• Fix a MITM vulnerability when using the CLI to interact with a MarbleRun deployment after the manifest has been set
  • See the advisory for more details

Full Changelog: v1.3.0...v1.4.0

v1.3.0

Fixes

• fix nightly image builds by @thomasten in #435
• fix webhook certificates not being reloaded on change by @daniel-weisse in #470
• remove version label from marble-injector selector by @daniel-weisse in #472
  • this caused issues resulting in the deployment being unable to be upgraded to a new image version using helm
  • when upgrading from a previous release using Helm, the marble-injector deployment has to be removed before upgrades can be applied:

    kubectl delete deployments -n marblerun marble-injector
    helm upgrade -n marblerun marblerun ...

Additions

• cli: require chart path when using enterprise access token by @thomasten in #433
• helm: Make health probes of Coordinator deployment configurable by @daniel-weisse in #442
• remove az-dcap-client from Coordinator image by @daniel-weisse in #447
  • the image now uses just libsgx-dcap-default-qpl
  • the Coordinator will still automatically configure itself to run with the Azure PCCS if available
  • the --dcap-qpl flag has been deprecated since it is no longer necessary to set the QPL to use (there is only one)
• Build CLI for Ubuntu 20.04, 22.04, and AppImage by @thomasten in #459
  • This means release will now include CLI binaries built for Ubuntu 20.04, Ubuntu 22.0, and an AppImage for Linux x86_64

Full Changelog: v1.2.0...v1.3.0

Edit (28.08.2023)

The CLI binaries marblerun-x86_64.AppImage and marblerun-ubuntu-20.04 were built on an incorrect commit (3750726f912244854c1b000c2c6085d0da158b5f instead of 411e3bcbb01a9a069c69d87f6713a0cde282511b).
We have since updated the binaries and the checksums.txt file.
The old, incorrect files are still available in the release with the old. prefix.
Other files were left untouched.

v1.2.0

Fixes

• add missing YAML conversion to manifest verify by @daniel-weisse in #391
• fix Recover call not properly resetting store's recovery mode by @daniel-weisse in #395
• return error on SetManifest if state cannot be committed by @daniel-weisse in #397
• align capitalization of log messages by @daniel-weisse in #394

Additions

• output status if tcb level is invalid by @thomasten in #386
• better error message on failed property validation by @daniel-weisse in #425

Misc

• split util package to reduce dependencies of premain by @thomasten in #387
• remove context.TODO from CLI by @daniel-weisse in #390
• Only work on store transactions by @daniel-weisse in #388
• Move file saving from Sealer to StdStore by @daniel-weisse in #392
• add versioned docs by @m1ghtym0 in #399

Full Changelog: v1.1.0...v1.2.0

v1.1.0

Fixes

• charts: fix namespace in injector.yaml by @OverOrion in #366
• charts: fix missing provision in resources.limits by @OverOrion in #367

Additions

• docs: add examples for multi-party workflows by @m1ghtym0 in #355
• charts: enable MarbleRun Kubernetes installation using only helm by @daniel-weisse in #368
• charts: allow usage of custom PVC for Coordinator storage by @daniel-weisse in #382
• Update Go version to v1.20

Misc

• ci: update image name in workflow by @daniel-weisse in #364
• Update sample-manifest.json by @thomasten in #365
• Upgrade dependencies by @daniel-weisse in #369
• docs: update helm installation docs by @daniel-weisse in #372
• docs: reference AllowedTCBStatuses in manifest docs by @daniel-weisse in #375
• charts: Set all required resources keys for Intel Device Plugin by @daniel-weisse in #376
• Don't use apt in running container by @daniel-weisse in #379
• Refactor CLI code by @daniel-weisse in #380
• Remove direct dependency on gorilla mux by @daniel-weisse in #384

Full Changelog: v1.0.0...v1.1.0

v1.0.0

Fixes

• Fix potentially invalid variable access by @daniel-weisse in #324
• Catch potential seg fault when updating debug marbles by @daniel-weisse in #325
• Remove nodename from gramine libos detection by @lead4good in #333

Additions

• Add logging for failed marble activations by @daniel-weisse in #329
• Allow TCB levels to be accepted besides UpToDate by @OverOrion in #344
• Enforce unique certificates for users by @daniel-weisse in #353
• Reuse existing era config file by @daniel-weisse in #358
• Add reproducible build and production build by @thomasten in #362

Misc

• Separate client API from core package by @daniel-weisse in #328
• Only inject UUID volumes if not already present by @daniel-weisse in #330
• Update samples and PreMain for Gramine v1.3 compatibility by @daniel-weisse in #346
• Don't panic in premain by @daniel-weisse in #360

New Contributors

• @OverOrion made their first contribution in #344

Full Changelog: v0.6.1...v1.0.0

v0.6.1

Fixes

• fix CLI version parsing
• fix DCAP QPL selection in Helm chart
• fix era config loading by @jcsora in #308

Additions

• allow setting a manifest from env on startup by @aep in #305
• implement a log of events queriable from the metrics endpoint by @aep in #306

Misc

• update Go dependencies

v0.6.0

• Security
  • Upgrade EGo and Edgeless RT dependencies for mitigations for INTEL-SA-00615
• premain
  • Updates to support Occlum v0.27
• Coordinator
  • HTTP-API endpoint to retrieve the a ECDSA signature of the set manifest, by @lead4good (#291)

v0.5.1

• CLI:

  • Removed namespace command

• Injector:

  • Pods with the marblerun/marbletype label will be automatically injected. Use the label marblerun/resource-injection=disabled to disable injection for a Pod.
  • Fix injecting DNS names with uppercase letters

• Coordinator:

  • Throw an error when the Coordinator is unable to generate a quote in SGX mode. Use the EDG_COORDINATOR_DEV_MODE=1 env variable to ignore this error.

• Samples:

  • Graphene was renamed to Gramine. Use their binary release to run our samples!
  • Update Occlum sample to use release v0.24.1

• Repository:

  • Add ROADMAP.md
  • Add MarbleRun helm chart

v0.5.0

• Rename Marblerun to MarbleRun
• New logo
• Enhance SGX DCAP support:
  • Add support for Intel's default DCAP implementation
  • Add support for Alibaba's DCAP infrastructure
  • Allow users to configure DCAP backend
• Manifest:
  • Breaking change due to renaming all secrets below .Marblerun. -> .MarbleRun.
  • Enhance manifest's Parameters section:
    • Extend encoding support for Files
    • Make sure Env values are valid c-strings
  • Remove never implemented Clients section
• CLI
  • Generalize sgxsdk-package-info command into package-info supporting Open Enclave / Graphene / Occlum / EGo / Edgeless RT enclaves
• Add OpenAPI/Swagger annotations for ClientAPI
  • Add GitHub actions to automatically validate annotations and generate swagger.json for the docs