kubescape-operator-1.18.12

1.18.12 Release Notes

📢 Updates

We updated the internal package responsible for generating the SBOM and the vulnerabilities report. This change might impact some scanning results, making them more accurate.

🚀 Enhancements

• Bump syft and grype versions by @dwertent in #431
• Update the microservices images by @matthyx in #432

Rule-based alerting installation guide

Full Changelog: kubescape-operator-1.18.11...kubescape-operator-1.18.12

kubescape-operator-1.18.11

1.18.11 Release Notes

🚀 Enhancements

Beta (release candidate): rule-based alerting

• Rule-based alerting - beta version RC by @dwertent in #427

Install

For installation, add the following flags to the installation command:

runtimeDetection: Detect unexpected file exec/file open and network
malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable --set capabilities.malwareDetection=enable --set alertCRD.installDefault=true --set alertCRD.scopeClustered=true --set nodeAgent.config.prometheusExporter=enable

🐞 Fixed issues

• Fixed SBOM encoding in storage by @dwertent in #424

Full Changelog: kubescape-operator-1.18.10...kubescape-operator-1.18.11

kubescape-operator-1.18.10

1.18.10 Release Notes

🚀 Enhancements

Alpha release: rule-based alerting
In this release, we are introducing runtime-based alerting to detect malicious behavior in the applications running in the cluster.
Feel free to contact us if you are interested in testing it out :)

Install

For installation, add the following flags to the installation command:

• runtimeDetection: Detect unexpected file exec/file open and network
• malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable --set capabilities.malwareDetection=enable 

Alerts

The alerts should be available in Prometheus.
Enable the serviceMonitor:

--set nodeAgent.serviceMonitor.enabled=true

@dwertent @amirmalka @amitschendel #416

🐞 Fixed issues

• Fixed cronJob headers by @matthyx in #415
• Operator getting stuck by @matthyx in #415

Full Changelog: kubescape-operator-1.18.8...kubescape-operator-1.18.10

kubescape-operator-1.18.9

1.18.9 Release Notes

🚀 Enhancements

Alpha release: rule-based alerting
In this release, we are introducing runtime-based alerting to detect malicious behavior in the applications running in the cluster.
Feel free to contact us if you are interested in testing it out :)

Install

For installation, add the following flags to the installation command:

• runtimeDetection: Detect unexpected file exec/file open and network
• malwareDetection: Anti-virus

--set capabilities.runtimeDetection=enable --set capabilities.malwareDetection=enable 

Alerts

The alerts should be available in Prometheus.
Enable the serviceMonitor:

--set nodeAgent.serviceMonitor.enabled=true

@dwertent @amirmalka @amitschendel #416

🐞 Fixed issues

• Fixed cronJob headers by @matthyx in #415
• Operator getting stuck by @matthyx in #415

Full Changelog: kubescape-operator-1.18.8...kubescape-operator-1.18.9

kubescape-operator-1.18.8

1.18.8 Release Notes

🚀 Enhancements

• Adding contextual remediation (remediation based on runtime data) by @matthyx in #410

🐞 Fixed issues

• Fix potential race conditions in the synchronizer
• Removed deprecated summary objects

Full Changelog: kubescape-operator-1.18.7...kubescape-operator-1.18.8

kubescape-operator-1.18.7

Kubescape is an E2E Kubernetes cluster security platform

kubescape-operator-1.18.6

1.18.6 Release Notes

🐞 Fixed issues

• Hotfix registry scanning

Full Changelog: kubescape-operator-1.18.5...kubescape-operator-1.18.6

kubescape-operator-1.18.5

1.18.5 Release Notes

🚀 Enhancements

• Set default cluster name by @dwertent in #400
• add skip TLS verify in registry creds secret by @amirmalka in #402
• Bump images to the latest release by @matthyx in #403

🐞 Fixed issues

• Set continues-scanning to disable when there is an adaptor
• Improve image vulnerability scanning results

Full Changelog: kubescape-operator-1.18.4...kubescape-operator-1.18.5

kubescape-operator-1.18.4

1.18.4 Release Notes

🚀 Enhancements

• Synchronizer GA by @amirmalka in #394
• Generating network policies is enabled:

  kubectl -n <namespace> get generatednetworkpolicies <workload-kind>-<workload-name> -o yaml
  

• Adding ignore label to all resources by @dwertent in #395 (This is for future support)
• bump images by @matthyx in #396

🐞 Fixed issues

• Fix: missing imagePullSecrets in storage deployment by @jbertozzi in #391
• Fix panic in node-agent
• Fix panic in storage

New Contributors

• @jbertozzi made their first contribution in #391

Full Changelog: kubescape-operator-1.18.3...kubescape-operator-1.18.4

kubescape-operator-1.18.3

1.18.3 Release Notes

🐞 Fixed issues

• Fix RBAC permission for storage class by @matthyx in #392

Full Changelog: kubescape-operator-1.18.2...kubescape-operator-1.18.3