Security

• Feb 20, 2025 Security kyverno-policies v0.22.0

  Changed

  • Update to upstream Kyverno Policies version 1.13.4.

  Added

  • Add supplemental policies restrict-external-ips, require-ro-rootfs, and enable upstream policy require-non-root-groups.
  • Add supplemental policy to generate default deny-all Network Policies in newly created namespaces.
• Feb 5, 2025 Security falco-app v0.10.0

  Changed

  • Update Falco to upstream version 0.40.0.
• Feb 3, 2025 Security athena v1.13.1

  Removed

  • Removed unused chart value .secret.firestoreServiceAccountKey and .secret.
• Jan 28, 2025 Security cert-manager-app v3.9.0

  Changed

  • Updates Cert-manager Chart to Upstream 1.16.2

  Added

  • Adds new sync method based on Vendir to sync from upstream
• Jan 23, 2025 Security exception-recommender v0.2.0

  Added

  • Add AutomatedException feature.

  Changed

  • Disable logger development mode to avoid panicking
  • Disable PSPs and CRD install job.
• Jan 16, 2025 Security athena v1.13.0

  Removed

  • Removed analytics functionality, kept GraphQL API and optional Helm values for compatibility reasons.

  Changed

  • Changed ownership to Team Shield
• Dec 11, 2024 Security kyverno-policies v0.21.1

  Changed

  • Add application.giantswarm.io/team label to policies.
• Dec 3, 2024 Security cert-manager-app v3.8.2

  Fix

  • added the option to configure additional approveSignerNames

  Changed

  • Changed ownership to team Shield

  Removed

  • Get rid of label giantswarm.io/monitoring_basic_sli as this slo generation label is not used anymore.
• Nov 13, 2024 Security dex-app v1.42.13

  Changed

  • Changed ownership to Team Shield
  • Prepare for Backstage service
• Nov 6, 2024 Security external-secrets v0.11.1

  Changed

  • Bump image version to v0.10.5 to resolve issue with failing to auth to kubernetes using client certs

• Newer entries
• Older entries