By Category

Back to all categories

Security

Apr 16, 2025 Security cert-manager-app v3.9.1
Added
- Added Vertical Pod Autoscaler support for controller pods.
- Added renovate configutarion
Removed
- Removed dependabot configuration
Apr 1, 2025 Security starboard-exporter v0.8.1
Changed
- Address new code linter findings for golangci-lint v2.
- Update Go version and various dependencies.
Mar 20, 2025 Security cloudnative-pg-app v0.0.7
Added
- Push to CAPI app collections.
Changed
- grafana dashboard: load it to Shared Org (public) organization
Mar 18, 2025 Security teleport-kube-agent-app v0.10.4
Added
- Add headless service on diag port 3000.
Changed
- Migrated to ABS
Mar 17, 2025 Security trivy-app v0.13.4
Changed
- Add API capabilities check for Kyverno PolicyExceptions before switching to v2.
Mar 17, 2025 Security trivy-app v0.13.3
Changed
- Make livenessProbe.initialDelaySeconds configurable.
Mar 17, 2025 Security rbac-operator v0.42.0
Added
- Added support for read-all-customer-groups bindings.
Changed
- Change ownership to Team Shield
Feb 25, 2025 Security kyverno-policies v0.23.0
Added
- Add supplemental security and best practices policies:
  - check-resources-request-and-limits-ratio
  - check-serviceaccount-secrets
  - disallow-gitrepo-volume
  - disallow-latest-tag
  - prevent-bare-pods
  - require-container-requests-and-limits
  - require-emptydir-requests-and-limits
  - require-pod-probes
  - restrict-binding-clusteradmin
  - restrict-binding-system-groups
  - restrict-sa-automount-sa-token
Feb 25, 2025 Security trivy-app v0.13.2
Changed
- Narrow down CiliumNetworkPolicy egress rule to match DNS service only.
- Narrow down CiliumNetworkPolicy ingress rule to allow traffic from namespace.
Feb 20, 2025 Security kyverno-app v0.19.0
Changed
- Update kyverno to upstream version v1.13.4.
- Use GVK for specifying Kinds in core-policies.
- Add runAsGroup to container security contexts.