Trillian Versions Save

Documentation

Added docs which describe the Claimant Model of transparency, a useful framework for reasoning about the design and architecture of transparent systems.

Misc improvements

• Fixed int to string conversion warnings for golang 1.15
• Metric improvements for fetched leaf counts
• Move tools.go into its own directory to help with dependencies

Dependency updates

• go-grpc-middleware from 1.2.0 to 1.2.2 (#2219, #2229)
• stackdriver from 0.13.2 to 0.13.4 (#2220, #2223)
• Google api from 0.28.0 to 0.29.0 (#2193)

New database-integration tests, #1740 have identified and help resolve inconsistencies and missing features between the various storage implementations.

Storage TX Interfaces

• QueueLeaves has been removed from the LogTreeTX interface because QueueLeaves is not transactionaal. All callers use the QueueLeaves function in the LogStorage interface.
• AddSequencedLeaves has been removed from the LogTreeTX for the same reason.

MySQL Dequeueing Change #2159

mysql will now remove leaves from the queue inside of UpdateLeaves rather than directly inside of Dequeue. This change brings the behavior of the mysql storage implementation into line with the spanner implementation and makes consistent testing possible.

Selected Dependency Updates

• etcd from v3.3.18 to 3.4.7 (#2090)
• etcd-operator from v0.9.1 to v0.9.4
• upgraded protoc version to latest (#2088)
• github.com/golang/protobuf to v1.4.1 (#2111)
• google.golang.org/grpc from v1.26 to 1.29.1 (#2108)

See all changes

HTTP APIs

The HTTP/JSON APIs have been removed in favor of a pure gRPC intereface. grpcurl is the recommended way of interacting with the gRPC API from the commandline.

Server Binaries

The trillian_log_server, trillian_log_signer and trillian_map_server binaries have moved from github.com/google/trillian/server/ to github.com/google/trillian/cmd. A subset of the server package has also moved and has been split into cmd/internal/serverutil, quota/etcd and quota/mysqlqm packages.

Deployments

the kubernetes configs will now provision 5 nodes for trillian's etcd cluster, instead of 3 nodes. this makes the etcd cluster more resilient to nodes becoming temporarily unavailable, such as during updates (it can now tolerate 2 nodes being unavailable, instead of just 1).

Monitoring & Metrics

A count of the total number of individual leaves the logserver attempts to fetch via the GetEntries.* API methods has been added.

Log Changes

Potential sequencer hang fixed

A potential deadlock condition in the log sequencer when the process is attempting to exit has been addressed.

Quota

New Features

An experimental Redis-based quota.Manager implementation has been added.

Behaviour Changes

Quota used to be refunded for all failed requests. For uses of quota that were to protect against abuse or fair utilization, this could allow infinite QPS in situations that really should have the requests throttled. Refunds are now only performed for tokens in Global buckets, which prevents tokens being leaked if duplicate leaves are queued.

Tools

The licenses tool has been moved from "scripts/licenses" to a dedicated repository.

Bazel Changes

Python support is disabled unless we hear that the community cares about this being re-enabled. This was broken by a downstream change and without a signal from the Trillian community to say this is needed, the pragmatic action is to not spend time investigating this issue.

Invalid release. Do not use

Patch release to address Go Module issue. Removes replace directives in our go.mod file now that our dependencies have fixed their invalid pseudo-version issues.

Patch release to address Go Module issue. Some dependencies use invalid pseudo- versions in their go.mod files that Go 1.13 rejects. We've added replace directives to our go.mod file to fix these invalid pseudo-versions.