Releases: ppiankov/infranow
Releases · ppiankov/infranow
v0.6.0
v0.5.0
v0.4.1
v0.4.0
v0.3.1
v0.3.0
Changelog
- 43463eb feat: add SARIF output for GitHub Code Scanning
- 3db33e5 feat: add cross-detector correlation with 6 built-in rules
- 99c7148 feat: add history store with SQLite backend
- 2d111da feat: add kubeconfig context enumeration
- 62d878e feat: add multi-cluster sweep command
- 56b90a6 feat: add runbook links and TUI runbook viewer
- 0acea62 feat: add table-based TUI with copy and detail panel
- dbcdf39 feat: display history badges in all output modes
- ff6f24a feat: integrate history with watcher and CLI
- ff89aac refactor: replace magic numbers with named constants
v0.2.0
Changelog
- 885311e build: switch to goreleaser, unify version format
- 295feb3 ci: sync workflows with project template
- 99d90a5 feat: add plain text output mode with isatty detection
- 1f15f82 feat: add service mesh detectors for linkerd and istio
- 47426de feat: add trustwatch metrics detector
- 7b9f896 feat: add version subcommand
- 89361fe feat: initial release v0.1.0
- a938dd8 fix: pin golangci-lint version to v2.8.0 in CI
- 06cb4ca fix: security audit remediation (16 work orders)
- b29e876 fix: upgrade golangci-lint-action to v7 for Go 1.25 support
v0.1.2
Added
- Trustwatch certificate and probe failure detectors (2 new detectors, total: 15)
- TrustwatchCertExpiry: tiered alerts for trustwatch-monitored certificate expiry
- TrustwatchProbeFailure: detects trustwatch endpoint probe failures
- Safety Model section in README documenting zero-footprint guarantees
- golangci-lint config (.golangci.yml) with gocritic, gocyclo, revive enabled
- Trivy security scanning in CI pipeline
- GPG signing for release checksums
Security
- SHA-pinned all GitHub Actions to commit hashes (supply chain hardening)
- Added
go mod verifyto release workflow (dependency integrity) - Added
-trimpathto release builds (path leak prevention) - Scoped release workflow permissions to job level
- Added context timeouts for Kubernetes API calls in port-forward
- Added HTTP client timeout for SPDY port-forward transport
- Enhanced Prometheus URL validation with link-local SSRF rejection
- Fixed export file permissions: 0666 → 0600
- Fixed TUI signal handling: graceful shutdown via tea.Quit instead of os.Exit
- Capped problem map at 10,000 entries to prevent unbounded memory growth
- Sanitized Prometheus URL in TUI header display
- Fixed LDFLAGS to use VERSION_NUM (no v prefix)
Fixed
- Octal literal style in baseline file permissions (0600 → 0o600)
- Import ordering with goimports local-prefix grouping
Install
# macOS (Apple Silicon)
curl -LO https://github.com/ppiankov/infranow/releases/download/v0.1.2/infranow_0.1.2_darwin_arm64.tar.gz
tar -xzf infranow_0.1.2_darwin_arm64.tar.gz
sudo mv infranow /usr/local/bin/
# macOS (Intel)
curl -LO https://github.com/ppiankov/infranow/releases/download/v0.1.2/infranow_0.1.2_darwin_amd64.tar.gz
tar -xzf infranow_0.1.2_darwin_amd64.tar.gz
sudo mv infranow /usr/local/bin/
# Linux (amd64)
curl -LO https://github.com/ppiankov/infranow/releases/download/v0.1.2/infranow_0.1.2_linux_amd64.tar.gz
tar -xzf infranow_0.1.2_linux_amd64.tar.gz
sudo mv infranow /usr/local/bin/Verify checksums: sha256sum -c checksums.txt
v0.1.1
Added
- 6 service mesh detectors for linkerd and istio
- LinkerdControlPlane: detects linkerd deployments with zero replicas (FATAL)
- LinkerdProxyInjection: detects linkerd pods in CrashLoopBackOff (CRITICAL)
- IstioControlPlane: detects istiod with zero replicas (FATAL)
- IstioSidecarInjection: detects istio-system pods in CrashLoopBackOff (CRITICAL)
- LinkerdCertExpiry: tiered alerts for identity cert expiry (<7d WARNING, <48h CRITICAL, <24h FATAL)
- IstioCertExpiry: tiered alerts for root cert expiry (<7d WARNING, <48h CRITICAL, <24h FATAL)
Changed
- Total detector count: 7 → 13
- CLAUDE.md synced with global project standards
- CONTRIBUTING.md commit message format aligned with conventional commits
- ARCHITECTURE.md Go version corrected to 1.25+, stale timing fixed to 1 minute
Fixed
- Duplicate
.PHONY: depsin Makefile - Stale problem timing documented as 2 minutes but implemented as 1 minute
Install
# macOS (Apple Silicon)
curl -LO https://github.com/ppiankov/infranow/releases/download/v0.1.1/infranow_0.1.1_darwin_arm64.tar.gz
tar -xzf infranow_0.1.1_darwin_arm64.tar.gz
sudo mv infranow /usr/local/bin/
# macOS (Intel)
curl -LO https://github.com/ppiankov/infranow/releases/download/v0.1.1/infranow_0.1.1_darwin_amd64.tar.gz
tar -xzf infranow_0.1.1_darwin_amd64.tar.gz
sudo mv infranow /usr/local/bin/
# Linux (amd64)
curl -LO https://github.com/ppiankov/infranow/releases/download/v0.1.1/infranow_0.1.1_linux_amd64.tar.gz
tar -xzf infranow_0.1.1_linux_amd64.tar.gz
sudo mv infranow /usr/local/bin/Verify checksums: sha256sum -c checksums.txt
v0.1.0
Added
- 7 deterministic detectors with explicit PromQL thresholds
- Kubernetes: OOMKill, CrashLoopBackOff, ImagePullBackOff, PodPending
- Generic: HighErrorRate (>5% 5xx), DiskSpace (90%/95%), HighMemoryPressure (>90%)
- Interactive TUI with real-time problem ranking by severity, recency, or count
- JSON output mode for CI/CD pipelines (waits for first detection cycle, then exits)
- Baseline save/compare with
--fail-on-driftfor regression detection - Severity gate via
--fail-onfor CI/CD exit code control - Native Kubernetes port-forwarding via client-go (no kubectl dependency)
- Namespace include/exclude filtering with glob patterns
- Configurable polling intervals, concurrency limits, and detector timeouts
- Problem scoring based on severity weight, blast radius, and persistence
- Stale problem pruning (removed after 1 minute without re-detection)
- TUI keyboard navigation: scroll, sort, search/filter, pause/resume
- Prometheus health monitoring with connection status in TUI header
- Multi-platform builds via Makefile (Linux, macOS, Windows)