Releases: kubescape/helm-charts
Releases · kubescape/helm-charts
kubescape-operator-1.26.1
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- disable nodeSbomGeneration by @amirmalka in #630
Full Changelog: kubescape-operator-1.26.0...kubescape-operator-1.26.1
Contributors
amirmalka
Assets 3
kubescape-operator-1.26.0
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- Enable host sensor configurations by @slashben in #624
- Changing default chart settings (node SBOM,mTLS, Admission controller, and HTTP) by @slashben in #625
- add missing nodeSelector for os linux by @matthyx in #626
- kubescape/kubescape@v3.0.29...v3.0.30
- Bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5 in /httphandler by @dependabot in kubescape/kubescape#1796
- update prerequisites command by @matthyx in kubescape/kubescape#1797
- kubescape/operator@v0.2.73...v0.2.74
- check correct setting for continuous scanning by @matthyx in kubescape/operator#296
- host-scanner rebuilt for CVE in stdlib
Full Changelog: kubescape-operator-1.25.7...kubescape-operator-1.26.0
Contributors
matthyx, dependabot, and slashben
Assets 3
kubescape-operator-1.25.7
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- added io uring detection by @afek854 in #617
- Replace full folder mount to per file mount of extra CA certificates by @slashben in #613
- add capability to save filtered SBOMs again
- kubescape/kubescape@v3.0.25...v3.0.29
- Refactor: maroto version v2 by @Fernando-hub527 in kubescape/kubescape#1786
- Feature: Added exceptions flag in scan image cmd by @VaibhavMalik4187 in kubescape/kubescape#1568
- added support for exception rules in Scan API ( As a HTTP request) by @Sanskarzz in kubescape/kubescape#1591
- do not skip on location resolver error by @matthyx in kubescape/kubescape#1788
- Refactor: propagate context from main to avoid redundant context creation by @pixel365 in kubescape/kubescape#1789
- fix: add error handling and context propagation by @pixel365 in kubescape/kubescape#1790
- update prerequisites by @matthyx in kubescape/kubescape#1791
- removing enable/disable colors, as not compatible with all loggers by @matthyx in kubescape/kubescape#1792
- deprecate control name in exception policies by @amirmalka in kubescape/kubescape#1795
- kubescape/operator@v0.2.69...v0.2.73
- Update k8s-interface to v0.0.187 to support google artifact registry by @vijaytdh in kubescape/operator#292
- fix continuous scanning by @matthyx in kubescape/operator#290
- Update registryx dependency to v0.0.25 and adjust go.sum by @kooomix in kubescape/operator#293
- bump some deps by @matthyx in kubescape/operator#295
- kubescape/kubevuln@v0.3.58...v0.3.62
- add option to save filtered SBOMs by @matthyx in kubescape/kubevuln#274
- fix compatibility with node-agent SBOMs by @matthyx in kubescape/kubevuln#273
- only use registry provider to pull images by @matthyx in kubescape/kubevuln#275
- kubescape/storage@v0.0.159...v0.0.161
- notify watchers when cleanup deletes objects by @matthyx in kubescape/storage#195
- add timeout to storage locks by @matthyx in kubescape/storage#196
- kubescape/node-agent@v0.2.246...v0.2.259
- avoid panic on shared container data by getting it once by @matthyx in kubescape/node-agent#478
- Fixing panic when application profile is nil and being passed to inde… by @amitschendel in kubescape/node-agent#479
- Feature/iouring detection by @afek854 in kubescape/node-agent#476
- memlock enable when not checking kernel by @amitschendel in kubescape/node-agent#482
- use ToolVersionMetadataKey from k8s-interface by @matthyx in kubescape/node-agent#480
- add retry to patchApplicationProfile in case of timeout by @matthyx in kubescape/node-agent#481
- add nil check for appProfile in ApplicationProfileCacheImpl by @matthyx in kubescape/node-agent#483
- Host hash sensor by @slashben in kubescape/node-agent#484
- Imporving fileless execution detection and removing paths from senset… by @amitschendel in kubescape/node-agent#489
- Add ignored comms for /etc/shadow access by @slashben in kubescape/node-agent#490
- Remove perl from whitelist by @slashben in kubescape/node-agent#491
- kubescape/synchronizer@v0.0.98...v0.0.99
- fatal on pulsar channel closed by @matthyx in kubescape/synchronizer#105
- kubescape/prometheus-exporter@v0.2.1...v0.2.2
- Added use of refresh interval time by @jayantpranjal0 in kubescape/prometheus-exporter#29
Full Changelog: kubescape-operator-1.25.6...kubescape-operator-1.25.7
Contributors
matthyx, kooomix, and 10 other contributors
Assets 3
kubescape-operator-1.25.6
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- Updating rules & bumping in-cluster components by @amitschendel in #614
- prepare next release by @matthyx in #615
- kubescape/storage@v0.0.156...v0.0.159
- add call stack feature
- improve list/watch for virtual CRDs
- kubescape/node-agent@v0.2.238...v0.2.246
- add call stack feature
- improve list/watch calls with fullSpec option
Full Changelog: kubescape-operator-1.25.5...kubescape-operator-1.25.6
Contributors
matthyx and amitschendel
Assets 3
kubescape-operator-1.25.5
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- Add support for mapping extra CA certificates in Kubescape Helm chart by @slashben in #610
- Add kubescape offline capability by @matthyx in #611
- prepare new release by @matthyx in #612
- kubescape/operator@v0.2.68...v0.2.69
- acknoledge that imagePullSecrets can contain multiple credentials
- kubescape/http-request@v0.2.9...v0.2.11
- bump deps for vulnerabilities
Full Changelog: kubescape-operator-1.25.4...kubescape-operator-1.25.5
Contributors
matthyx and slashben
Assets 3
kubescape-operator-1.25.4
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- Feature/secretless setup by @slashben in #604
- added configmaps to node agent RBAC by @amirmalka in #605
- kubescape/kubescape@v3.0.24...v3.0.25
- fix empty sarif document in CLI scans
- kubescape/operator@v0.2.66...v0.2.68
- bump k8s-interface to fix GenerateInstanceID for statefulsets
- host-scanner
- bump deps for vulns
- kubescape/storage@v0.0.154...v0.0.156
- add option to return full spec to watch events
- kubescape/node-agent@v0.2.236...v0.2.238
- fix node-agent on 5.4 kernels
Full Changelog: kubescape-operator-1.25.3...kubescape-operator-1.25.4
Contributors
amirmalka and slashben
Assets 3
kubescape-operator-1.25.3
Kubescape is an E2E Kubernetes cluster security platform
- fix kubescape-volume for non-airgaped deployments
- kubescape/kubevuln@v0.3.57...v0.3.58
- fix ImageHash in scanCVE when it only contains a hash
- kubescape/storage@v0.0.153...v0.0.154
- add option to return full specs in GetList
kubescape-operator-1.25.2
Kubescape is an E2E Kubernetes cluster security platform
- fix otel collector port for host-scanner and storage
- add few rule bindings to node-agent
- fix mTLS option for storage
- kubescape/kubescape@v3.0.23...v3.0.24
- add prerequisites command to CLI
- kubescape/operator@v0.2.65...v0.2.66
- bump deps for vulns
- kubescape/kubevuln@v0.3.54...v0.3.57
- bump deps for vulns
- improve logs
- fix SBOM version comparison with semver
- host-scanner
- bump deps for vulns
- kubescape/storage@v0.0.150...v0.0.153
- improve mTLS support
- replace golang.org/x/exp/maps with maps from stdlib
- kubescape/node-agent@v0.2.227...v0.2.236
- bump deps for vulns
- reduce calls to api-server again
- fix SetContainerInfo for initcontainers
- fix object cache when runtime observability is disabled
- use cri runtime for enrichment to get pod labels
kubescape-operator-1.25.1
Kubescape is an E2E Kubernetes cluster security platform
- kubevuln kubescape/kubevuln@v0.3.52...v0.3.54
- add option to use default matchers
- move scanID to annotations
- operator kubescape/operator@v0.2.63...v0.2.65
- fix panic in cooldownqueue
- storage kubescape/storage@v0.0.148...v0.0.150
- return metadata for GetList on virtual CRDs
- avoid double RBAC checks when deployed behind api-server
- node-agent kubescape/node-agent@v0.2.210...v0.2.227
- fix vulnerabilities
- replace Kubernetes enricher
- skip previously running containers for relevancy
kubescape-operator-1.25.0
Kubescape is an E2E Kubernetes cluster security platform
What's Changed
- deprecate gateway by @amirmalka in #565
- Fix serviceScanConfig.enabled whitespace by @explsd in #578
- Added node-agent mounts by @afek854 in #579
- fix: annotation for node-agent should use dynamic name by @cyberox in #584
- fix: stop synchronizer from retrying connection on invalid credentials by @amirmalka in #585
- Update E2E tests by @amirmalka in #587
- Update missing tests values by @amirmalka in #589
- added necessary resources to ClusterRole when workload metrics are enabled by @hebestreit in #588
- Ks recurring body configurable by @Bezbran in #590
- enable air-gapped scans by @matthyx in #582
- Prepare new release 1.25.0 by @amirmalka in #586
New Contributors
Full Changelog: kubescape-operator-1.24.2...kubescape-operator-1.25.0
Contributors
cyberox, Bezbran, and 5 other contributors