Security

• Oct 13, 2021 Security kyverno-policies v0.8.0

  Added

  • kubelet and api server flags for CAPI clusters.
• Oct 12, 2021 Security kyverno-policies v0.7.1

  Fixed

  • Fix annotation name in subscription id defaulting rule.
• Oct 12, 2021 Security kyverno-policies v0.7.0

  Added

  • Default SubscriptionID field for AzureCluster CRs.

  Changed

  • Add test setup for vsphere policies.
• Oct 12, 2021 Security organization-operator v0.10.0

  Added

  • Ensure Organization CR in Azure MCs have the subscriptionid annotation set.

  Changed

  • Use Patch to save Namespace in Status to avoid write conflicts.
• Oct 11, 2021 Security kyverno-policies v0.6.2

  Added

  • Set kubelet extra argument node-ip for worker and masters.
  • Validate deprecated APIs.
• Oct 7, 2021 Security rbac-operator v0.16.0

  Added

  • Provide access for customer automation SA Organization CR management.
• Oct 6, 2021 Security kyverno-policies v0.6.1
• Oct 5, 2021 Security kyverno-policies v0.6.0

  Added

  • Add CRDs related to kubeadm controlplane to CI.
  • Add policies to configure default disk sizes and disk initialization for CAPA cluster.

  Changed

  • Keep existing node-labels when ensuring the role=worker label exists in KubeadmConfigs.
• Oct 5, 2021 Security dex-app v1.14.0

  Changed

  • Adapt it to be run in a Giant Swarm Workload Cluster too.
  • Bring new dex 2.30.0 version to be compatible with Kuberentes 1.21.x.
• Oct 2, 2021 Security cert-manager-app v2.11.0

  Changed

  • Label default ClusterIssuers with giantswarm.io/service-type: "managed" (#187).
  • Fix startupjob PSP (#191)
  • Upgrade to upstream image v1.5.4 (#191)

• Newer entries
• Older entries