Security

• Mar 15, 2022 Security starboard-exporter v0.3.1

  Added

  • Add NodeAffinity to run the exporter only on Linux Nodes with AMD64.
• Mar 14, 2022 Security kyverno-app v0.9.1

  Fixed

  • Change to using maxUnavailable to match existing configs.
• Mar 14, 2022 Security kyverno-app v0.9.0

  Changed

  • Enable Pod Disruption Budget by default.
• Mar 10, 2022 Security dex-app v1.23.1

  Added

  • Add annotation app.giantswarm.io/secret-checksum to dex deployment for automatic restarts of the dex pods on config changes.

  Changed

  • Enable upgrade tests again, now that there are two releases in the catalog.
• Mar 10, 2022 Security falco-app v0.3.1

  Changed

  • Set priorityClass of giantswarm-critical for Falco DaemonSet.
• Mar 8, 2022 Security dex-app v1.23.0

  Added

  • Add PodDisruptionBudget with minAvailable: 1
• Mar 3, 2022 Security athena v1.5.3

  Fixed

  • Fix Firestore collection name used for writing RUM data.
• Mar 2, 2022 Security rbac-operator v0.23.0

  Added

  • Prevent rbac-controller fluxauth and externalresources resources from reconciling cluster namespaces
  • Dynamically bind read-in-cluster-ns clusterRole if read-all clusterRole is bound in an org-namespace
  • Dynamically bind write-in-cluster-ns clusterRole if cluster-admin clusterRole is bound in an org-namespace

  Changed

  • Renamed role read-cluster-apps-in-cluster-ns to read-in-cluster-ns
  • Renamed role write-cluster-apps-in-cluster-ns to write-in-cluster-ns
  • Renamed role binding read-cluster-app to read-in-cluster-ns
  • Renamed role binding write-cluster-apps to write-in-cluster-ns
• Mar 2, 2022 Security kyverno-policies v0.16.0

  Changed

  • Policies no longer the cluster-apps-operator.giantswarm.io/version label since cluster-apps-operator don’t use it.
• Feb 28, 2022 Security falco-app v0.3.0

  Changed

  • Update to upstream falco 1.17.2/0.31.0.
  • Update to upstream falco-exporter 0.8.0/0.7.0.

• Newer entries
• Older entries