v1.7.0

What's Changed

⚠️ Security

This release includes a security fix of high severity.
Please read the GHSA-w7wm-2425-7p2h advisory carefully to assess the impact on your deployment and plan the update accordingly.

Please be aware that updating a deployment to v1.7.0 will require manual recovery of the Coordinator.
Additionally, starting with v1.7.0, recovery will require access to the recovery private keys, matching the recovery public keys defined in the manifest, either as files or through a PKCS #11 compatible backend.

🎁 New features

• premain: enable JSON formatted logs if EDG_LOG_FORMAT=json by @daniel-weisse in #766
• cli: support for authenticating with private keys and certificates stored in PKCS #11 backend by @daniel-weisse in #771
• Support injection of Coordinator root and intermediate certificates into Marble environment by @daniel-weisse in #784
• coordinator: add debug logging by @daniel-weisse in #786

🐛 Bug fixes

• fix: JSON formatted logs for all Coordinator and marble-injector messages by @daniel-weisse in #764
• coordinator: fix equality checks for manifest properties by @daniel-weisse in #777
• Fix Marble verification with Coordinator root certificate by @thomasten in #782
• cli: fix certificate command errors when --insecure flag is set by @daniel-weisse in #790

🔧 Other changes

• coordinator: atomically replace the sealed data file on store commit by @thomasten in #762
• charts: allow configuration of Coordinator PVC size through helm values file by @Nabsku in #793

📖 Documentation

• docs: replace base64 command with openssl by @thomasten in #757
• docs: add backup workflow by @thomasten in #763

New Contributors

• @Nabsku made their first contribution in #793

Full Changelog: v1.6.0...v1.7.0