Security
Added
- Push
kyverno to the GCP app collection.
Changed
- Add Service and Deployment annotations for Giant Swarm platform monitoring.
- Change target namespace for Giant Swarm management clusters.
- Build with
app-build-suite. - Add
app-test-suite tests.
Changed
- Update
kyverno to upstream version 1.7.4 / chart version 2.5.4. - Update
kyverno-policy-reporter to upstream version 2.10.0 / chart version 2.13.0.
Changed
- Update
kyverno to upstream version 1.7.3 / chart version 2.5.3.
Changed
- Pull kubernetes CA cert for k8s-authenticator from environment variable.
Changed
- Rework hooks. (#263)
- Migrate
Chart.yaml to API version v2. - Rename labels.
- Add
post-upgrade hook. - Move
ClusterIssuer CRs to helpers. - Remove unneccessary hook weights.
- Refine PSP & RBAC.
- Improve CRD installation job.
- Simplify default issuer installation job.
- Add
values.schema.json for default isser chart.
Added
- Add
podLabels property to allow custom pod labels.
Changed
- Disable reconciliation of CIS benchmark reports by default. These reports are temporarily removed from
trivy-operator, to be reintroduced in the future. Reconciliation of CIS benchmarks produced by starboard is still supported by setting exporter.CISKubeBenchReports.enabled: true in the Helm values.
Changed
- Update to upstream version
0.4.17/app version 0.30.4.
Fixed
- Updated CA certificate parsing to sanitize leading and trailing white spaces and newlines
Added
- Support for Quick Tunnels
Changed
- Upgrade app to version
2022.8.4 - Remove “argo” references from template names
