Releases: kubescape/helm-charts
Releases · kubescape/helm-charts
kubescape-operator-1.27.1
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- added rules by @afek854 in #662
- fix storeFilteredSbom option by @matthyx in #666
- enable sbom syncing by capability by @refaelm92 in #663
- kubescape/node-agent@v0.2.282...v0.2.285
- do not filter network direction by @afek854 in kubescape/node-agent#517
- added source alert platform by @afek854 in kubescape/node-agent#518
- fix: fix evaluation signature by @afek854 in kubescape/node-agent#520
- kubescape/synchronizer@v0.0.104...v0.0.107
- clean and sync sbomsyfts by @refaelm92 in kubescape/synchronizer#111
- release sbom sync by @refaelm92 in kubescape/synchronizer#112
- merge annotations and labels on conflicts by @matthyx in kubescape/synchronizer#113
Full Changelog: kubescape-operator-1.27.0...kubescape-operator-1.27.1
Contributors
matthyx, refaelm92, and afek854
Assets 3
kubescape-operator-1.27.0
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- tor incoming connection by @afek854 in #651
- Revert "tor incoming connection" by @afek854 in #654
- Trigger performance test by @bvolovat in #655
- Merge pull request #655 from kubescape/trigger-performance-test by @afek854 in #656
- bump chart version by @matthyx in #657
- Adding configuration to decide on the scope of malware scanning by @amitschendel in #659
- Adding new rules by @amitschendel in #660
- update node-agent to fix rule policies by @afek854 in #658
- kubescape/kubescape@v3.0.31...v3.0.34
- updating prerequisites to support custom kubeconfig by @matthyx in kubescape/kubescape#1808
- Bump golang.org/x/net from 0.33.0 to 0.36.0 by @dependabot in kubescape/kubescape#1809
- feat: enhance prerequisites UI with new review-values and improved pr… by @DanDavidA in kubescape/kubescape#1811
- Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 by @dependabot in kubescape/kubescape#1812
- kubescape/operator@v0.2.77...v0.2.81
- chore(deps): Bump golang.org/x/net from 0.34.0 to 0.36.0 by @dependabot in kubescape/operator#299
- added process tree to exec to pod by @afek854 in kubescape/operator#300
- chore(deps): Bump github.com/cilium/cilium from 1.16.6 to 1.16.8 by @dependabot in kubescape/operator#302
- chore(deps): Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 by @dependabot in kubescape/operator#301
- kubescape/kubevuln@v0.3.66...v0.3.69
- Bump golang.org/x/net from 0.33.0 to 0.36.0 by @dependabot in kubescape/kubevuln#281
- Bump github.com/cilium/cilium from 1.16.6 to 1.16.8 by @dependabot in kubescape/kubevuln#283
- Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 by @dependabot in kubescape/kubevuln#282
- chore(deps): bump golang.org/x/net from 0.33.0 to 0.36.0 kubescape/host-scanner#62
- kubescape/storage@v0.0.166...v0.0.172
- Deprecate and Remove NetworkNeighbors by @jayantpranjal0 in kubescape/storage#203
- chore(deps): Bump golang.org/x/net from 0.33.0 to 0.36.0 by @dependabot in kubescape/storage#206
- minimize lock on SQLite connection by @matthyx in kubescape/storage#207
- kubescape/node-agent@v0.2.274...v0.2.284
- fixed http component tests by @afek854 in kubescape/node-agent#508
- fix endpoint test server by @afek854 in kubescape/node-agent#507
- Bump golang.org/x/net from 0.35.0 to 0.36.0 by @dependabot in kubescape/node-agent#511
- added task based enricher by @afek854 in kubescape/node-agent#509
- Handle old application profile in rule policy by @afek854 in kubescape/node-agent#514
- Bump github.com/cilium/cilium from 1.16.6 to 1.16.8 by @dependabot in kubescape/node-agent#515
- do not crash if iouring is not loaded by @afek854 in kubescape/node-agent#516
- do not filter network direction by @afek854 in kubescape/node-agent#517
- added source alert platform by @afek854 in kubescape/node-agent#518
- kubescape/synchronizer@v0.0.102...v0.0.104
- Bump github.com/containerd/containerd from 1.7.18 to 1.7.27 by @dependabot in kubescape/synchronizer#109
- Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 by @dependabot in kubescape/synchronizer#110
- kubescape/prometheus-exporter@v0.2.2...v0.2.3
- Bump golang.org/x/net from 0.34.0 to 0.36.0 by @dependabot in kubescape/prometheus-exporter#30
New Contributors
Full Changelog: kubescape-operator-1.26.6...kubescape-operator-1.27.0
Contributors
matthyx, dependabot, and 5 other contributors
Assets 3
kubescape-operator-1.26.6
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
Full Changelog: kubescape-operator-1.26.5...kubescape-operator-1.26.6
Contributors
matthyx
Assets 3
kubescape-operator-1.26.5
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- Adding rules by @amitschendel in #647
- Sync roles & clusterroles by @amirmalka in #648
- removing deprecated CRDs by @matthyx in #649
- add divisor: '1' to GOMAXPROCS and GOMEMLIMIT for argo by @matthyx in #640
- kubescape/node-agent@v0.2.269...v0.2.274
- fixed malicious app by @afek854 in kubescape/node-agent#503
- Fixing a panic when slugToContainers returns nil by @amitschendel in kubescape/node-agent#504
- Feature/ebpf top by @afek854 in kubescape/node-agent#505
- fixed comment by @afek854 in kubescape/node-agent#506
- kubescape/synchronizer@v0.0.100...v0.0.102
- bump github.com/cilium/cilium to v1.16.6 by @matthyx in kubescape/synchronizer#107
- fix proxy support by @matthyx in kubescape/synchronizer#108
Full Changelog: kubescape-operator-1.26.4...kubescape-operator-1.26.5
Contributors
matthyx, amirmalka, and 2 other contributors
Assets 3
kubescape-operator-1.26.4
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- fix operator network policy for admission controller port by @amirmalka in #642
- use a noop exporter for logs instead of disabling by @matthyx in #644
- include more resources to ignoreDifferences ArgoCD App by @StefanCenusa in #646
- kubescape/kubescape@v3.0.30...v3.0.31
- fix score calculation for framework with all controls in status irrelevant by @amirmalka in kubescape/kubescape#1802
- Bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 by https://github.com/dependabot in kubescape/kubescape#1803
- kubescape/operator@v0.2.74...v0.2.77
- fix exporter alert data by @afek854 in kubescape/operator#297
- add pullsecrets from pod for scanAP by @matthyx in kubescape/operator#298
- kubescape/kubevuln@v0.3.65...v0.3.66
- discard vulnerabilitymanifest created from old sbom by @matthyx in kubescape/kubevuln#280
- kubescape/storage@v0.0.161...v0.0.166
- unregister applicationactivity and networkneighbors by @matthyx in kubescape/storage#200
- remove goroutine from lock acquisition by @matthyx in kubescape/storage#201
- prune metadata if gob file not found by @matthyx in kubescape/storage#202
- kubescape/node-agent@v0.2.263...v0.2.269
- Added fallback by @afek854 in kubescape/node-agent#496
- Adding backoff on runc originated processes by @amitschendel in kubescape/node-agent#497
- Removing path from malicious paths by @amitschendel in kubescape/node-agent#498
- Removing container specification from message as this comes in the me… by @amitschendel in kubescape/node-agent#500
- kubescape/synchronizer@v0.0.99...v0.0.100
- fix pulsar reader loop by @amirmalka in kubescape/synchronizer#106
New Contributors
- @StefanCenusa made their first contribution in #646
Full Changelog: kubescape-operator-1.26.3...kubescape-operator-1.26.4
Contributors
StefanCenusa, matthyx, and 3 other contributors
Assets 3
kubescape-operator-1.26.3
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- add missing condition to install exporter's servicemonitor by @matthyx in #638
- remove logs from otel exporter config by @matthyx in #639
- disable otel collector when configurations.otelUrl is set by @matthyx in #636
- allow disabling runtimeObservability while keeping relevancy by @matthyx in #641
Full Changelog: kubescape-operator-1.26.2...kubescape-operator-1.26.3
Contributors
matthyx
Assets 3
kubescape-operator-1.26.2
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- do not set insecureSkipTLSVerify=false with mtls (argo) by @matthyx in #631
- kubescape/kubevuln@v0.3.62...v0.3.65
- add build image file by @jnathangreeg in kubescape/kubevuln#277
- only submit CVE to backend if we have a wlid by @matthyx in kubescape/kubevuln#279
- normalize imageTag for scan AP by @matthyx in kubescape/kubevuln#278
- kubescape/node-agent@v0.2.259...v0.2.263
- avoid out of range errors in initContainerIdToName by @matthyx in kubescape/node-agent#492
- fixed parsing of http response by @afek854 in kubescape/node-agent#493
- removed line by @afek854 in kubescape/node-agent#495
- don't rely on containerstatuses order, avoid indices by @matthyx in kubescape/node-agent#494
Full Changelog: kubescape-operator-1.26.1...kubescape-operator-1.26.2
Contributors
matthyx, jnathangreeg, and afek854
Assets 3
kubescape-operator-1.26.1
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- disable nodeSbomGeneration by @amirmalka in #630
Full Changelog: kubescape-operator-1.26.0...kubescape-operator-1.26.1
Contributors
amirmalka
Assets 3
kubescape-operator-1.26.0
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- Enable host sensor configurations by @slashben in #624
- Changing default chart settings (node SBOM,mTLS, Admission controller, and HTTP) by @slashben in #625
- add missing nodeSelector for os linux by @matthyx in #626
- kubescape/kubescape@v3.0.29...v3.0.30
- Bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5 in /httphandler by @dependabot in kubescape/kubescape#1796
- update prerequisites command by @matthyx in kubescape/kubescape#1797
- kubescape/operator@v0.2.73...v0.2.74
- check correct setting for continuous scanning by @matthyx in kubescape/operator#296
- host-scanner rebuilt for CVE in stdlib
Full Changelog: kubescape-operator-1.25.7...kubescape-operator-1.26.0
Contributors
matthyx, dependabot, and slashben
Assets 3
kubescape-operator-1.25.7
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- added io uring detection by @afek854 in #617
- Replace full folder mount to per file mount of extra CA certificates by @slashben in #613
- add capability to save filtered SBOMs again
- kubescape/kubescape@v3.0.25...v3.0.29
- Refactor: maroto version v2 by @Fernando-hub527 in kubescape/kubescape#1786
- Feature: Added exceptions flag in scan image cmd by @VaibhavMalik4187 in kubescape/kubescape#1568
- added support for exception rules in Scan API ( As a HTTP request) by @Sanskarzz in kubescape/kubescape#1591
- do not skip on location resolver error by @matthyx in kubescape/kubescape#1788
- Refactor: propagate context from main to avoid redundant context creation by @pixel365 in kubescape/kubescape#1789
- fix: add error handling and context propagation by @pixel365 in kubescape/kubescape#1790
- update prerequisites by @matthyx in kubescape/kubescape#1791
- removing enable/disable colors, as not compatible with all loggers by @matthyx in kubescape/kubescape#1792
- deprecate control name in exception policies by @amirmalka in kubescape/kubescape#1795
- kubescape/operator@v0.2.69...v0.2.73
- Update k8s-interface to v0.0.187 to support google artifact registry by @vijaytdh in kubescape/operator#292
- fix continuous scanning by @matthyx in kubescape/operator#290
- Update registryx dependency to v0.0.25 and adjust go.sum by @kooomix in kubescape/operator#293
- bump some deps by @matthyx in kubescape/operator#295
- kubescape/kubevuln@v0.3.58...v0.3.62
- add option to save filtered SBOMs by @matthyx in kubescape/kubevuln#274
- fix compatibility with node-agent SBOMs by @matthyx in kubescape/kubevuln#273
- only use registry provider to pull images by @matthyx in kubescape/kubevuln#275
- kubescape/storage@v0.0.159...v0.0.161
- notify watchers when cleanup deletes objects by @matthyx in kubescape/storage#195
- add timeout to storage locks by @matthyx in kubescape/storage#196
- kubescape/node-agent@v0.2.246...v0.2.259
- avoid panic on shared container data by getting it once by @matthyx in kubescape/node-agent#478
- Fixing panic when application profile is nil and being passed to inde… by @amitschendel in kubescape/node-agent#479
- Feature/iouring detection by @afek854 in kubescape/node-agent#476
- memlock enable when not checking kernel by @amitschendel in kubescape/node-agent#482
- use ToolVersionMetadataKey from k8s-interface by @matthyx in kubescape/node-agent#480
- add retry to patchApplicationProfile in case of timeout by @matthyx in kubescape/node-agent#481
- add nil check for appProfile in ApplicationProfileCacheImpl by @matthyx in kubescape/node-agent#483
- Host hash sensor by @slashben in kubescape/node-agent#484
- Imporving fileless execution detection and removing paths from senset… by @amitschendel in kubescape/node-agent#489
- Add ignored comms for /etc/shadow access by @slashben in kubescape/node-agent#490
- Remove perl from whitelist by @slashben in kubescape/node-agent#491
- kubescape/synchronizer@v0.0.98...v0.0.99
- fatal on pulsar channel closed by @matthyx in kubescape/synchronizer#105
- kubescape/prometheus-exporter@v0.2.1...v0.2.2
- Added use of refresh interval time by @jayantpranjal0 in kubescape/prometheus-exporter#29
Full Changelog: kubescape-operator-1.25.6...kubescape-operator-1.25.7
Contributors
matthyx, kooomix, and 10 other contributors