Security

• Oct 25, 2023 Security kyverno-app v0.16.1

  Changed

  • Removed unused values and update schema.
• Oct 24, 2023 Security kyverno-app v0.16.0

  Added

  • Added Policy Exceptions for aws-cloud-controller-manager, aws-ebs-csi-driver, azure-cloud-controller-manager and cilium.
  • Add Policy Exception for chart-operator ServiceAccount.
  • Change psp.enabled value to global.podSecurityStandards.enforced
• Oct 17, 2023 Security cloudflared-app v0.5.0

  Added

  • Ability to specify annotations of the Deployment

  Changed

  • Do not install PodSecurityPolicy if api not available.
  • Make deployment PSS compliant.
  • Do not install cleaning hook when Quick Tunnel is enabled.
• Oct 12, 2023 Security cert-manager-app v3.5.0

  Added

  • cert-manager-giantswarm-clusterissuer: Allow setting hostedZoneID for route53 DNS01 challenge.
  • cert-manager-giantswarm-clusterissuer: Make accessKeyID and secretAccessKey optional for route53 DNS01 challenge.
• Oct 10, 2023 Security exception-recommender v0.0.2

  Changed

  • Run preinstall job as non-root.
• Oct 10, 2023 Security cert-manager-app v3.4.1

  Changed

  • Move cert-manager ownership to team BigMac. (#349)
  • Add default cpu and memory limits to controller, cainjector and webhook deployments. (#367)
  • Change the Pod Disruption Budget (PDB) to percentage-based (#372)
• Oct 5, 2023 Security exception-recommender v0.0.1

  Added

  • First release of the Exception Recommender App.
• Oct 3, 2023 Security organization-operator v1.6.0

  Added

  • New config var resyncPeriod to control the reconcile loop resync period
• Oct 3, 2023 Security dex-app v1.41.0

  Added

  • Added seccompProfile for PSS compliance.
• Oct 2, 2023 Security rbac-operator v0.38.0

  Fixed

  • Try to fix flaky tests by increasing retries.

  Changed

  • Propagate global.podSecurityStandards.enforced value set to false for PSS migration

• Newer entries
• Older entries