Managed Apps
Added
- Added enabled flag to conditionally deploy helm chart.
Changed
- Push to app catalog and app collection (CAPZ).
Fixed
- Fixed potential vulnerability on
devctl
generated github-workflows
.
Changed
- Update tests for ats usage.
Added
- Made GraphQL introspection configurable and disabled by default
Changed
- Change ImagePullPolicy from Always to IfNotPresent to reduce image network traffic.
Changed
- upgrade grafana chart: 8.3.4 => 8.4.4
- upgrade grafana : 11.1.0 => 11.1.3
Added
- Add custom rule to detect access to root CA key file in control plane nodes
- Added the falco-k8s-metacollector.
- Added team label to the daemonset.
Changed
- Remove API check on PolicyException.
- Updated
Falco
chart version from 3.8.1
to 4.6.1
. - Updated
Falco-exporter
chart version from 0.9.9
to 0.11.0
- Updated
Falcosidekick
chart version from 0.7.5
to 0.8.2
- Updated
Falco
to upstream version 0.38.1
. - Edited Kyverno Policy Exceptions to allow falco-k8s-metacollector.
- Edited the Falco Cilium Network Policy to allow traffing from the falco-k8s-metacollector.
Changed
- Upgraded upstream chart from 6.7.4 to 6.10.0 - see changelog for more information.
Fixed
- Fix Cilium pod being restarted too soon – instead of every 15 minutes – in case of failed regeneration recovery. This was because creation date parsing failed.