Skip to content

Releases: build-trust/ockam

Ockam v0.81.0

24 Feb 05:23
@github-actions github-actions
ockam_v0.81.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
fe79c13
This commit was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
Compare
Choose a tag to compare
Ockam v0.81.0

Add end-to-end encryption to any client and server application

As something to try with this new release let's build a solution for a very common secure communication topology that applies to many real world use cases. We'll build our first example using Ockam Command but it is just as easy to build end-to-end trustful communication using Ockam Programming Libraries

An application service and an application client running in two private networks wish to securely communicate with each other without exposing ports on the Internet. In a few simple commands, we’ll make them safely talk to each other through an End-to-End Encrypted Cloud Relay.

Install Ockam Command

If you use Homebrew, you can install Ockam using brew.

# Tap and install Ockam Command
brew install build-trust/ockam/ockam

This will download a precompiled binary and add it to your path. If you don’t
use Homebrew, you can also install on Linux and MacOS systems using curl.

curl --proto '=https' --tlsv1.2 -sSf \
    https://raw.githubusercontent.com/build-trust/ockam/develop/install.sh | sh

After the binary downloads, please move it to a location that is in your
shell's $PATH

mv ockam /usr/local/bin

End-to-end encrypted and mutually authenticated communication

Next, step through the following commands to setup secure and private
communication between our application service and an application client.

# Check that everything was installed correctly by enrolling with Ockam Orchestrator.
#
# This will create a Space and Project for you in Ockam Orchestrator and provision an
# End-to-End Encrypted Cloud Relay service in your `default` project at `/project/default`.
ockam enroll
ockam project information --output json > default-project.json

# -- APPLICATION SERVICE --

# Start an application service, listening on a local ip and port, that clients would access
# through the cloud encrypted relay. We'll use a simple http server for this first example but
# this could be any other application service.
python3 -m http.server --bind 127.0.0.1 5000

# In a new terminal window, setup an ockam node, called `s`, as a sidecar next to the
# application service. Then create a tcp outlet, on the `s` node, to send raw tcp traffic to the
# service. Finally create a forwarder in your default Orchestrator project.
ockam node create s --project default-project.json
ockam tcp-outlet create --at /node/s --from /service/outlet --to 127.0.0.1:5000
ockam forwarder create s --at /project/default --to /node/s

# -- APPLICATION CLIENT --

# Setup an ockam node, called `c`, as a sidecar next to our application client. Then create an
# end-to-end encrypted secure channel with s, through the cloud relay. Finally, tunnel traffic
# from a local tcp inlet through this end-to-end secure channel.
ockam node create c --project default-project.json
ockam secure-channel create --from /node/c --to /project/default/service/forward_to_s/service/api\
  | ockam tcp-inlet create --at /node/c --from 127.0.0.1:7000 --to -/service/outlet

# Access the application service, that may be in a remote private network though the end-to-end
# encrypted secure channel, via your private and encrypted cloud relay.
curl --head 127.0.0.1:7000

To learn more checkout out docs.ockam.io

Homebrew

To install this release using Homebrew:

$ brew install build-trust/ockam/ockam

Precompiled Binaries

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.81.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.81.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.81.0/ockam.x86_64-unknown-linux-gnu

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-gnu | sha256sum -c

# rename the download binary and give it permission to execute
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Contributors

The following people contributed to this release, thank you all 🥳

@adrianbenavides @BeenzSyed @caoakleyii @davide-baldo @etorreborre @glenngillen @hairyhum @mattgreg @metaclips @mrinalwadhwa @mszpakowski @polvorin @SanjoDeundiak
@p-gentili @waqasraz @Jackbaude @phillyphil91

New Contributors

@p-gentili @waqasraz @Jackbaude contributed for the first time 🥳

Full Changelog

ockam_v0.80.0...ockam_v0.81.0

Contributors

etorreborre, mrinalwadhwa, and 15 other contributors
Assets 21
Loading

Ockam v0.80.0

09 Feb 23:50
@github-actions github-actions
ockam_v0.80.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
b4628ea
This commit was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
Compare
Choose a tag to compare
Ockam v0.80.0

Add end-to-end encryption to any client and server application, with no code change

Here's something to try with this release!

Let's create an end-to-end encrypted, mutually authenticated, secure and private cloud relay.

# Install ockam command
brew install build-trust/ockam/ockam

# Check that everything was installed by enrolling with Ockam Orchestrator.
#
# This will provision an End-to-End Encrypted Cloud Relay service for you in
# your `default` project at `/project/default`. 
ockam enroll
ockam project information --output json > project.json

# -- APPLICATION SERVICE --

# Start an application service, listening on a local ip and port, that clients
# would access through the cloud encrypted relay. We'll use a simple http server
# for this first example but this could be any other application service.
python3 -m http.server --bind 127.0.0.1 5000

# In a new terminal window:
# Setup an ockam node, called `s`, as a sidecar next to the application service.
# Create a tcp outlet, on the `s` node, to send raw tcp traffic to the service.
# Then create a forwarder in your default Orchestrator project.
ockam node create s --project project.json
ockam tcp-outlet create --at /node/s --from /service/outlet --to 127.0.0.1:5000
ockam forwarder create s --at /project/default --to /node/s

# -- APPLICATION CLIENT --

# Setup an ockam node, called `c`, as a sidecar next to our application client.
# Create an end-to-end encrypted secure channel with s, through the cloud relay.
# Then tunnel traffic from a local tcp inlet through this end-to-end secure channel.
ockam node create c --project project.json
ockam secure-channel create --from /node/c --to /project/default/service/forward_to_s/service/api \
  | ockam tcp-inlet create --at /node/c --from 127.0.0.1:7000 --to -/service/outlet

# Access the application service, that may be in a remote private network
# though the end-to-end encrypted secure channel, via your cloud relay.
curl --head 127.0.0.1:7000

Homebrew

To install this release using Homebrew:

$ brew install build-trust/ockam/ockam

Install Script

To install using the installer script:

curl --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/build-trust/ockam/develop/install.sh | sh

Docker

To use the Docker OCI package:

docker pull ghcr.io/build-trust/ockam:0.80.0

Precompiled Binaries

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.80.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.80.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.80.0/ockam.x86_64-unknown-linux-gnu

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-gnu | sha256sum -c

# rename the download binary and give it permission to execute
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Contributors

The following people contributed to this release, thank you all 🥳

@adrianbenavides @BeenzSyed @caoakleyii @davide-baldo @etorreborre @glenngillen @hairyhum @mattgreg @metaclips @mrinalwadhwa @mszpakowski @polvorin @SanjoDeundiak

@Miidoriya @hargut @nidnogg @murex971 @h20220145 @MavenRain @andrescaroc

New Contributors

The following people made their very first contribution to this release 🎉 🥳
@Miidoriya @murex971 @MavenRain @andrescaroc

Full Changelog

ockam_v0.79.0...ockam_v0.80.0

Contributors

etorreborre, mrinalwadhwa, and 18 other contributors
Assets 21
Loading

Ockam v0.79.0

31 Jan 23:24
@github-actions github-actions
ockam_v0.79.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
d8fab7e
Compare
Choose a tag to compare
Ockam v0.79.0

Add end-to-end encryption to any client and server application, with no code change

Here's something to try with this release!

Let's create an end-to-end encrypted, mutually authenticated, secure and private cloud relay.

# Install ockam command
brew install build-trust/ockam/ockam

# Create a relay node that will forward encrypted messages
ockam node create relay

# -- APPLICATION SERVICE --

# Start our application service, listening on a local ip and port, that clients
# would access through the cloud relay. We'll use a simple http server for our
# first example but this could be some other application service.
python3 -m http.server --bind 127.0.0.1 5000

# Setup an ockam node, called blue, as a sidecar next to our application service.
# Create a tcp outlet on the blue node to send raw tcp traffic to the application service.
# Then create a forwarding relay at your default orchestrator project to blue.
ockam node create blue
ockam tcp-outlet create --at /node/blue --from /service/outlet --to 127.0.0.1:5000
ockam forwarder create blue --at /node/relay --to /node/blue

# -- APPLICATION CLIENT --

# Setup an ockam node, called green, as a sidecar next to our application client.
# Then create an end-to-end encrypted secure channel with blue, through the cloud relay.
# Then tunnel traffic from a local tcp inlet through this end-to-end secure channel.
ockam node create green
ockam secure-channel create --from /node/green --to /node/relay/service/forward_to_blue/service/api \
  | ockam tcp-inlet create --at /node/green --from 127.0.0.1:7000 --to -/service/outlet

# Access the application service though the end-to-end encrypted, secure relay.
curl 127.0.0.1:7000

Homebrew

To install this release using Homebrew:

brew install build-trust/ockam/ockam

Install Script

To install using the installer script:

curl --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/build-trust/ockam/develop/install.sh | sh

Docker

To use the Docker OCI package:

docker pull ghcr.io/build-trust/ockam:0.79.0

Precompiled Binaries

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.79.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.79.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.79.0/ockam.x86_64-unknown-linux-gnu

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-gnu | sha256sum -c

# rename the download binary and give it permission to execute
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Contributors

The following people contributed to this release, thank you all 🥳

@adrianbenavides @BeenzSyed @caoakleyii @davide-baldo @etorreborre @glenngillen @hairyhum @mattgreg @metaclips @mrinalwadhwa @mszpakowski @polvorin @SanjoDeundiak

@sanjayts @neil2468 @akki1306 @goverdhan07 @michealkeines @Overflow0xFFFF @AntoniosBarotsis @vijaykramesh @kriogenia @vncsalencar @windlessStorm @galbwe @constantinosgeorgiou @elliotwutingfeng @bahelms @Rishav-12 @bahelms @divyank-aggarwal @ronaudinho @HyperNova114 @justinmmott @jtmoon79 @duttaANI @miles170 @Sparrow1029 @noyez @Ill1 @Dark-Knight11 @Abhicodes-crypto @elpiel @mushahidq @Abhicodes-crypto @davidag @h20220145 @elvanja @brianmego @ebrightfield @phillyphil91 @RishiKumarRay @miles170 @Mo-Fata @sriharshamajeti @0x00A5 @hargut @raysonkoh @nidnogg @hweawer

Contributors

etorreborre, sanjayts, and 54 other contributors
Assets 21
Loading

Ockam v0.78.0

18 Jan 14:13
@github-actions github-actions
ockam_v0.78.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
3a9bebe
Compare
Choose a tag to compare
Ockam v0.78.0

Ockam 0.78.0

Homebrew

To install this release using Homebrew:

$ brew install build-trust/ockam/ockam

Docker

To use the Docker OCI package:

docker pull ghcr.io/build-trust/ockam:0.78.0

Precompiled Binaries

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.78.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.78.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.78.0/ockam.x86_64-unknown-linux-gnu

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-gnu | sha256sum -c

# rename the download binary and give it permission to execute
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Assets 21
Loading

Ockam v0.77.0

09 Nov 04:21
@github-actions github-actions
ockam_v0.77.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
67d4bfd
This commit was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
Compare
Choose a tag to compare
Ockam v0.77.0

Trust with Cryptographically Verifiable Credentials

New in this release:

  1. Create Credential Authorities to issue lightweight, fine-grained attribute-based credentials.
  2. Securely Issue, Store, Present, and Verify cryptographically verifiable Credentials.
  3. Define, distribute and enforce application fleet-wide Attribute Based Access Control (ABAC) policies.
  4. Enable Identity Provider Add-Ons to integrate with enterprise workforce identity and customer identity systems like Okta and Auth0 to issue fine-grained, short-lived, just-in-time Ockam credentials to enterprise identities.

Try out our new examples on docs.ockam.io

Homebrew

To install this release using Homebrew:

brew install build-trust/ockam/ockam

Install Script

To install using the installer script:

curl --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/build-trust/ockam/develop/install.sh | sh

Precompiled Binaries

To install the binaries manually:

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.77.0/ockam.x86_64-unknown-linux-musl

# rename the download binary and give it permission to execure
mv ockam.x86_64-unknown-linux-musl ockam
chmod u+x ockam

Verify

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.77.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.77.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.77.0/ockam.x86_64-unknown-linux-musl

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-musl | sha256sum -c

# rename the download binary and give it permission to execure
mv ockam.x86_64-unknown-linux-musl ockam
chmod u+x ockam

Docker

To use the Docker Container Image:

docker pull ghcr.io/build-trust/ockam:0.77.0

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Contributors

The following people contributed to this release 🎉

@adrianbenavides @BeenzSyed @hairyhum @mattgreg @metaclips @mrinalwadhwa @mszpakowski @polvorin @sobi3ch @SanjoDeundiak

@sanjayts @hargut @neil2468 @akki1306 @goverdhan07 @michealkeines @goverdhan07 @Overflow0xFFFF @AntoniosBarotsis @vijaykramesh @kriogenia @vncsalencar @windlessStorm @galbwe @constantinosgeorgiou @elliotwutingfeng @bahelms @Rishav-12 @bahelms @divyank-rs @ronaudinho @divyank-rs @HyperNova114 @justinmmott @jtmoon79 @duttaANI @miles170 @Sparrow1029 @noyez @Ill1 @Dark-Knight11 @Abhicodes-crypto @elpiel @mushahidq @phillyphil91 @Mo-Fatah @davidag

New Contributors

The following people made their very first contribution 🥳

@sanjayts @akki1306 @goverdhan07 @Overflow0xFFFF @AntoniosBarotsis @vijaykramesh @kriogenia @vncsalencar @windlessStorm @galbwe @constantinosgeorgiou @elliotwutingfeng @bahelms @Rishav-12 @divyank-rs @ronaudinho @HyperNova114 @justinmmott @jtmoon79 @miles170 @Sparrow1029 @noyez @Ill1 @Dark-Knight11 @Abhicodes-crypto @elpiel @mushahidq @phillyphil91 @Mo-Fatah @davidag

Full Changelog

ockam_v0.76.0...ockam_v0.77.0

Contributors

sanjayts, sobi3ch, and 42 other contributors
Assets 18
Loading

Ockam v0.76.0

21 Sep 03:28
@github-actions github-actions
ockam_v0.76.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
4e01dac
This commit was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
Compare
Choose a tag to compare
Ockam v0.76.0

Encrypted Cloud Relays - for any application!

Here's something to try with this release!

Let's create an end-to-end encrypted, mutually authenticated, secure and private cloud relay detailed explanation

# Install ockam command
brew install build-trust/ockam/ockam

# Create a relay node that will forward encrypted messages
ockam node create relay

# -- APPLICATION SERVICE --

# Start our application service, listening on a local ip and port, that clients
# would access through the cloud relay. We'll use a simple http server for our
# first example but this could be some other application service.
python3 -m http.server --bind 127.0.0.1 5000

# Setup an ockam node, called blue, as a sidecar next to our application service.
# Create a tcp outlet on the blue node to send raw tcp traffic to the application service.
# Then create a forwarding relay at your default orchestrator project to blue.
ockam node create blue
ockam tcp-outlet create --at /node/blue --from /service/outlet --to 127.0.0.1:5000
ockam forwarder create blue --at /node/relay --to /node/blue

# -- APPLICATION CLIENT --

# Setup an ockam node, called green, as a sidecar next to our application client.
# Then create an end-to-end encrypted secure channel with blue, through the cloud relay.
# Then tunnel traffic from a local tcp inlet through this end-to-end secure channel.
ockam node create green
ockam secure-channel create --from /node/green --to /node/relay/service/forward_to_blue/service/api \
  | ockam tcp-inlet create --at /node/green --from 127.0.0.1:7000 --to -/service/outlet

# Access the application service though the end-to-end encrypted, secure relay.
curl 127.0.0.1:7000

Homebrew

To install this release using Homebrew:

brew install build-trust/ockam/ockam

Install Script

To install using the installer script:

curl --proto '=https' --tlsv1.2 -sSf https://raw.githubusercontent.com/build-trust/ockam/develop/install.sh | sh

Docker

To use the Docker Container Image:

docker pull ghcr.io/build-trust/ockam:0.76.0

Precompiled Binaries

To install the binaries manually:

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.76.0/ockam.x86_64-unknown-linux-gnu

# rename the download binary and give it permission to execure
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Verify

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.76.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.76.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.76.0/ockam.x86_64-unknown-linux-gnu

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-gnu | sha256sum -c

# rename the download binary and give it permission to execure
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Contributors

@adrianbenavides, @BeenzSyed, @hairyhum, @mattgreg, @metaclips, @mrinalwadhwa, @polvorin, @sobi3ch, @SanjoDeundiak, @twittner, @hargut @danieled-it @michealkeines @neil2468 @RajivTS contributed to this release.

New Contributors

@danieled-it and @hargut made their very first contribution 🥳

Full Changelog

ockam_v0.75.0...ockam_v0.76.0

Contributors

sobi3ch, twittner, and 13 other contributors
Assets 18
Loading

Ockam v0.75.0

09 Sep 21:36
@github-actions github-actions
ockam_v0.75.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
d9ef90c
This commit was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
Compare
Choose a tag to compare
Ockam v0.75.0

Encrypted Cloud Relays - for any application!

Here's something to try with this release!

Let's create an end-to-end encrypted, mutually authenticated, secure and private cloud relay detailed explanation

# Install ockam command
brew install build-trust/ockam/ockam

# Create a cryptographic identity and enroll with Ockam Orchestrator.
# This will sign you up for an account with Ockam Orchestrator and setup a
# trial space and project for you.
ockam enroll

# -- APPLICATION SERVICE --

# Start our application service, listening on a local ip and port, that clients
# would access through the cloud relay. We'll use a simple http server for our
# first example but this could be some other application service.
python3 -m http.server --bind 127.0.0.1 5000

# Setup an ockam node, called blue, as a sidecar next to our application service.
# Create a tcp outlet on the blue node to send raw tcp traffic to the application service.
# Then create a forwarding relay at your default orchestrator project to blue.
ockam node create blue
ockam tcp-outlet create --at /node/blue --from /service/outlet --to 127.0.0.1:5000
ockam forwarder create blue --at /project/default --to /node/blue

# -- APPLICATION CLIENT --

# Setup an ockam node, called green, as a sidecar next to our application client.
# Then create an end-to-end encrypted secure channel with blue, through the cloud relay.
# Then tunnel traffic from a local tcp inlet through this end-to-end secure channel.
ockam node create green
ockam secure-channel create --from /node/green --to /project/default/service/forward_to_blue/service/api \
  | ockam tcp-inlet create --at /node/green --from 127.0.0.1:7000 --to -/service/outlet

# Access the application service though the end-to-end encrypted, secure relay.
$ curl 127.0.0.1:7000

We just created end-to-end encrypted, mutually authenticated, and authorized secure communication between a tcp client and server. This client and server can be running in separate private networks / NATs. We didn't have to expose our server by opening a port on the Internet or punching a hole in our firewall.

The two sides authenticated and authorized each other's known, cryptographically provable identifiers. In later examples we'll see how we can build granular, attribute-based access control with authorization policies.

A more detailed explanation https://docs.ockam.io/guides/encrypted-cloud-relays
To learn more, install and run ockam --help

Homebrew

To install this release using Homebrew:

$ brew install build-trust/ockam/ockam

Docker

To use the Docker OCI package:

docker pull ghcr.io/build-trust/ockam:0.75.0

Precompiled Binaries

To install a precompiled binary:

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.75.0/ockam.x86_64-unknown-linux-gnu

# rename the download binary and give it permission to execute
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Verify:

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.75.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.75.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.75.0/ockam.x86_64-unknown-linux-gnu

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-gnu | sha256sum -c

# rename the download binary and give it permission to execure
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Contributors

Community Contributors

Read more

Contributors

sobi3ch, twittner, and 10 other contributors
Assets 19
Loading

Ockam v0.74.0

07 Sep 22:53
@github-actions github-actions
ockam_v0.74.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
e203f56
This commit was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
Compare
Choose a tag to compare
Ockam v0.74.0

Ockam 0.74.0

Encrypted Cloud Relays - for any application!

Here's something to try with this release!

Let's create an end-to-end encrypted, mutually authenticated, secure and private cloud relay:

# Install ockam command
$ brew install build-trust/ockam/ockam

# Create a cryptographic identity and enroll with Ockam Orchestrator.
# This will sign you up for an account with Ockam Orchestrator and setup a
# trial space and project for you.
$ ockam enroll

# Start our application service, listening on a local ip and port, that clients
# would access through the cloud relay. We'll use a simple http server for our
# first example but this could be some other application service.
$ python3 -m http.server --bind 127.0.0.1 5000

# Setup an ockam node, called blue, as a sidecar next to our application service.
# Create a tcp outlet on the blue node to send raw tcp traffic to the application service.
# Then create a forwarding relay at your default orchestrator project to blue.
$ ockam node create blue
$ ockam tcp-outlet create --at /node/blue --from /service/outlet --to 127.0.0.1:5000
$ ockam forwarder create blue --at /project/default --to /node/blue

# Setup an ockam node, called green, as a sidecar next to our application client.
# Then create an end-to-end encrypted secure channel with blue, through the cloud relay.
# Then tunnel traffic from a local tcp inlet through this end-to-end secure channel.
$ ockam node create green
$ ockam secure-channel create --from /node/green \
    --to /project/default/service/forward_to_blue/service/api \
        | ockam tcp-inlet create --at /node/green --from 127.0.0.1:7000 --to -/service/outlet

# Access the application service though the end-to-end encrypted, secure relay.
$ curl 127.0.0.1:7000

We just created end-to-end encrypted, mutually authenticated, and authorized secure communication between a tcp client and server. This client and server can be running in separate private networks / NATs. We didn't have to expose our server by opening a port on the Internet or punching a hole in our firewall.

The two sides authenticated and authorized each other's known, cryptographically provable identifiers. In later examples we'll see how we can build granular, attribute-based access control with authorization policies.

To learn more, install and run ockam --help

Homebrew

To install this release using Homebrew:

$ brew install build-trust/ockam/ockam

Docker

To use the Docker OCI package:

docker pull ghcr.io/build-trust/ockam:0.74.0

Precompiled Binaries

To install a precompiled binary:

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.72.0/ockam.x86_64-unknown-linux-gnu

# rename the download binary and give it permission to execute
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Verify:

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.74.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.74.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.74.0/ockam.x86_64-unknown-linux-gnu

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-gnu | sha256sum -c

# rename the download binary and give it permission to execure
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Contributors

Community Contributions

Full Changelog: ockam_v0.73.0...ockam_v0.74.0

Contributors

sobi3ch, twittner, and 10 other contributors
Assets 18
Loading

Ockam v0.73.0

05 Sep 17:47
@github-actions github-actions
ockam_v0.73.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
f6edd05
This commit was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
Compare
Choose a tag to compare
Ockam v0.73.0

Ockam 0.73.0

Encrypted Cloud Relays - for any application!

Here's something to try with this release!

Let's create an end-to-end encrypted, mutually authenticated, secure and private cloud relay:

# Install ockam command
$ brew install build-trust/ockam/ockam

# Create a cryptographic identity and enroll with Ockam Orchestrator.
# This will sign you up for an account with Ockam Orchestrator and setup a
# hobby space and project for you.
$ ockam enroll

# Start our application service, listening on a local ip and port, that clients
# would access through the cloud relay. We'll use a simple http server for our
# first example but this could be some other application service.
$ python3 -m http.server --bind 127.0.0.1 5000

# Setup an ockam node, called blue, as a sidecar next to our application service.
# Create a tcp outlet on the blue node to send raw tcp traffic to the application service.
# Then create a forwarding relay at your default orchestrator project to blue.
$ ockam node create blue
$ ockam tcp-outlet create --at /node/blue --from /service/outlet --to 127.0.0.1:5000
$ ockam forwarder create blue --at /project/default --to /node/blue

# Setup an ockam node, called green, as a sidecar next to our application client.
# Then create an end-to-end encrypted secure channel with blue, through the cloud relay.
# Then tunnel traffic from a local tcp inlet through this end-to-end secure channel.
$ ockam node create green
$ ockam secure-channel create --from /node/green \
    --to /project/default/service/forward_to_blue/service/api \
        | ockam tcp-inlet create --at /node/green --from 127.0.0.1:7000 --to -/service/outlet

# Access the application service though the end-to-end encrypted, secure relay.
$ curl 127.0.0.1:7000

We just created end-to-end encrypted, mutually authenticated, and authorized secure communication between a tcp client and server. This client and server can be running in separate private networks / NATs. We didn't have to expose our server by opening a port on the Internet or punching a hole in our firewall.

The two sides authenticated and authorized each other's known, cryptographically provable identifiers. In later examples we'll see how we can build granular, attribute-based access control with authorization policies.

To learn more, install and run ockam --help

Homebrew

To install this release using Homebrew:

$ brew install build-trust/ockam/ockam

Docker

To use the Docker OCI package:

docker pull ghcr.io/build-trust/ockam:0.73.0

Precompiled Binaries

To install a precompiled binary:

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.72.0/ockam.x86_64-unknown-linux-gnu

# rename the download binary and give it permission to execute
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Verify:

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.73.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.73.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.73.0/ockam.x86_64-unknown-linux-gnu

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-gnu | sha256sum -c

# rename the download binary and give it permission to execure
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Assets 18
Loading

Ockam v0.72.0

31 Aug 23:18
@github-actions github-actions
ockam_v0.72.0
This tag was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
f1ca003
This commit was signed with the committer’s verified signature.
ockam-team Ockam Developers
GPG key ID: 11E227E7093E6E91
Learn about vigilant mode.
Compare
Choose a tag to compare
Ockam v0.72.0

Ockam 0.72.0

Encrypted Cloud Relays - for any application!

Here's something to try with this release!

Let's create an end-to-end encrypted, mutually authenticated, secure and private cloud relay:

# Install ockam command
$ brew install build-trust/ockam/ockam

# Create a cryptographic identity and enroll with Ockam Orchestrator.
# This will sign you up for an account with Ockam Orchestrator and setup a
# hobby space and project for you.
$ ockam enroll

# Start our application service, listening on a local ip and port, that clients
# would access through the cloud relay. We'll use a simple http server for our
# first example but this could be some other application service.
$ python3 -m http.server --bind 127.0.0.1 5000

# Setup an ockam node, called blue, as a sidecar next to our application service.
# Create a tcp outlet on the blue node to send raw tcp traffic to the application service.
# Then create a forwarding relay at your default orchestrator project to blue.
$ ockam node create blue
$ ockam tcp-outlet create --at /node/blue --from /service/outlet --to 127.0.0.1:5000
$ ockam forwarder create blue --at /project/default --to /node/blue

# Setup an ockam node, called green, as a sidecar next to our application client.
# Then create an end-to-end encrypted secure channel with blue, through the cloud relay.
# Then tunnel traffic from a local tcp inlet through this end-to-end secure channel.
$ ockam node create green
$ ockam secure-channel create --from /node/green \
    --to /project/default/service/forward_to_blue/service/api \
        | ockam tcp-inlet create --at /node/green --from 127.0.0.1:7000 --to -/service/outlet

# Access the application service though the end-to-end encrypted, secure relay.
$ curl 127.0.0.1:7000

We just created end-to-end encrypted, mutually authenticated, and authorized secure communication between a tcp client and server. This client and server can be running in separate private networks / NATs. We didn't have to expose our server by opening a port on the Internet or punching a hole in our firewall.

The two sides authenticated and authorized each other's known, cryptographically provable identifiers. In later examples we'll see how we can build granular, attribute-based access control with authorization policies.

To learn more, install and run ockam --help

Homebrew

To install this release using Homebrew:

$ brew install build-trust/ockam/ockam

Docker

To use the Docker OCI package:

docker pull ghcr.io/build-trust/ockam:0.72.0

Precompiled Binaries

To install a precompiled binary:

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.72.0/ockam.x86_64-unknown-linux-gnu

# rename the download binary and give it permission to execute
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Verify:

# download sha256sums.txt
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.72.0/sha256sums.txt

# download sha256sums.txt.sig
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.72.0/sha256sums.txt.sig

# download our release public key
curl --proto '=https' --tlsv1.2 -sSfL -o ockam.pub \
  https://raw.githubusercontent.com/build-trust/ockam/develop/tools/docker/cosign.pub

# verify signatures
cosign verify-blob --key ockam.pub --signature sha256sums.txt.sig sha256sums.txt

# download ockam command binary for your architecture
curl --proto '=https' --tlsv1.2 -sSfL -O \
  https://github.com/build-trust/ockam/releases/download/ockam_v0.72.0/ockam.x86_64-unknown-linux-gnu

# verify that the sha256 hash of the downloaded binary is the same as
# the corresponding hash mentioned in sha256sums.txt
cat sha256sums.txt | grep ockam.x86_64-unknown-linux-gnu | sha256sum -c

# rename the download binary and give it permission to execure
mv ockam.x86_64-unknown-linux-gnu ockam
chmod u+x ockam

Rust Crates

To use Ockam as a Rust library, run the following command within your project directory:

cargo add [email protected]

The following crates were published as part of this release:

Assets 17
Loading