Highlights for the week ending April 8, 2022
Apps
- dashboards versions v2.1.0 and v2.0.0 adds all dashboards form g8s-grafana, grafana sidecar annotation to all config maps, dashboard for ceph cluster usage in KVM. Splits each dashboards in specific configmaps and makes the mixin dashboard private.
- efk-stack-app version v0.7.3 adds team annotations in Chart.yaml for alert routing and fixes deprecated api for rbac.
- kyverno-app version v0.10.0 updates to Kyverno version 1.6.2 including performance and stability improvements.
- kyverno-policies version v0.17.1 includes policies for enforcing Kubernetes Pod Security Standards (PSS). This is the first release of this app intended for use outside Giant Swarm’s own clusters.
- nginx-ingress-controller-app versions v2.10.0 and v2.1.4 fix CVE-2022-0778 in OpenSSL and CVE-2022-23308 in libxml2.
- security-pack version v0.1.0 enables Kyverno installation by default, updates to Falco app version 0.3.2, and includes the
kyverno-policies
app for PSS policy enforcement.
Documentation
The first iteration of our GitOps template repository gitops-template is available. It covers documented examples that show how we envision management of Giant Swarm resources (organizations, workload cluster templates and instances) with GitOps. This template is the pattern we recommend and support. This is still a work in progress: we will continue adding more use cases so major changes and revisions could happen.