Tags

Tags give the ability to mark specific points in history as being important

  • v0.3.0-rc

    79f2e5b2 · feat(portal): /api/forward-auth group-gate endpoint for non-OIDC apps (Caddy forward_auth) ·
    Release: auth v0.3.0-rc 
    v0.3.0-rc — RC4: /api/forward-auth group-gate endpoint

  • v0.2.0

    2bde3a1c · release(v0.2.0): land adversarial e2e specs + refresh changelog ·
    Release: auth v0.2.0 
    Othala v0.2.0 — the convergence release (PRIVATE; public flip deferred to v0.3.0)

Runtime manifest model, rename to Othala, OAuth2 challenge surface converged
(dual-listener portal, /oauth2 flow URLs, Authorization: Bearer recovery-gate),
default-group tile gating, functional contact form. Config-only deploy shape;
459 unit tests, astro check/build clean, smoke green on the carmine QEMU runner.

This tag enables the dag.dunn.dev deploy (iac pins it; CI publishes othala +
othala/ldap-bridge images). Repo stays PRIVATE — public flip is a deliberate
v0.3.0 act.

  • v0.1.3

    3486d96b · Merge branch 'chore/sbom-filename-2.3.3' into 'main' ·
    Release: auth v0.1.3 
    v0.1.3

fix: 3 SBOMs in registry per release, no overwrite.

v0.1.2 only published one SBOM because the catalog's container-sbom
template used a fixed <package_name>-container.sbom.json filename;
all three jobs wrote auth-container.sbom.json and overwrote each
other. Pipeline 2.3.3 added the sbom_filename input; this consumer
now picks per-service filenames so all three SBOMs land at
/-/packages/generic/auth/v0.1.3/{consent,ldap-bridge,portal}-container.sbom.json.

No code changes since v0.1.1; just CI packaging.

  • v0.1.2

    ddbf21cc · Merge branch 'fix/sbom-package-collocation' into 'main' ·
    Release: auth v0.1.2 
    v0.1.2

fix: collocate SBOMs under single 'auth' generic package so the
release-create linker reaches them. v0.1.1 had three SBOMs scattered
across per-service packages; the Release page's portal-container.sbom.json
link pointed at an empty path.

No code changes since v0.1.1 — just the CI packaging fix.

  • v0.1.1

    60712a59 · Merge branch 'chore/full-release-pipeline' into 'main' ·
    Release: auth v0.1.1 
    v0.1.1

Full release pipeline lights up: each tag now produces

- 3 signed UBI 9.8 container images (consent, ldap-bridge, portal)
- 3 CycloneDX SBOMs via syft (uploaded to project's generic package registry)
- GitLab Release record (portal SBOM linked from the release page)

No code changes; first time exercising the container-sbom +
release-create catalog templates against this repo. Cuts the
"shippable" question: auth substrate is image-ready, SBOM-traceable,
sig-verifiable, ready for the carmine pyinfra cutover.

  • v0.1.0

    31b49d6c · ci: retrigger after enabling container registry · 
    v0.1.0

First versioned release of the auth substrate (Kratos + Hydra +
consent + LDAP bridge + portal). Containerized via the
dunn.dev/pipeline 2.3.1 catalog onto UBI 9 bases:

- consent + ldap-bridge: ci-runtime-go (UBI 9 micro)
- portal: ci-runtime-node (UBI 9 nodejs-22-minimal)
- caddy: separate dunn.dev/caddy-estate image

Images publish at:
  registry.gitlab.com/dunn.dev/auth/{consent,ldap-bridge,portal}:v0.1.0