Skip to content

Releases: kyverno/kyverno

v1.12.6

27 Sep 09:07
@github-actions github-actions
v1.12.6
bf047e4
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.12.6 Latest
Latest

๐Ÿ› Fixed ๐Ÿ›

  • Change: Disable updaterequest cleanup cronjob (#10678)
  • Fix(helm): Remove namespace from RoleBinding/roleRef field (#10685)
  • Fix: Properly use useCache field in image verification policies (#10709)
  • Fix: Check for the client being nil before applying a mutation (#10726)
  • Fix: Resource namespace checks for Kyverno CLI (#10738)
  • Fix: Range through all resources to build webhook (#10748)
  • Fix: Get namespace labels before creating a policy context (#10773)
  • Fix: Wrong evaluation of pod security standard version (#10924)
  • Fix: Frequent API GET/UPDATE requests regarding webhooks reconciliation when no policies (#11203, #11225, #11230, #11233)

๐Ÿ”ง Others ๐Ÿ”ง

  • Fix: Bump docker in release 1.12 (#11088)
  • Fix: Updated Go version to v1.22.7 to address CVE-2024-34156 (#11142)
  • Chore: Bump chainsaw (#10687)
  • Chore: Bump github.com/docker/docker from 26.1.3+incompatible to 26.1.4+incompatible (#10750)
Assets 45

v1.13.0-rc.1

26 Sep 11:11
@github-actions github-actions
v1.13.0-rc.1
abfea8f
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.13.0-rc.1 Pre-release
Pre-release 
tag v1.13.0-rc.1
Assets 41
Loading

v1.12.6-rc.3

26 Sep 09:13
@github-actions github-actions
v1.12.6-rc.3
dbc2631
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.12.6-rc.3 Pre-release
Pre-release 
tag v1.12.6-rc.3
Assets 45
Loading

v1.12.6-rc.2

18 Sep 08:04
@github-actions github-actions
v1.12.6-rc.2
3cc6911
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.12.6-rc.2 Pre-release
Pre-release 
tag v1.12.6-rc.2
Assets 45
Loading

v1.12.6-rc.1

16 Sep 10:03
@github-actions github-actions
v1.12.6-rc.1
ba7aaac
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.12.6-rc.1 Pre-release
Pre-release 
tag v1.12.6-rc.1
Assets 45
Loading

v1.13.0-beta.1

13 Sep 08:06
@github-actions github-actions
v1.13.0-beta.1
61c6e83
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.13.0-beta.1 Pre-release
Pre-release

This is for internal testing only.

Assets 41
Loading

v1.12.5

12 Jul 09:56
@github-actions github-actions
v1.12.5
b7fb616
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.12.5

โœจ Added โœจ

  • Added the circuit breaker for ephemeralreports generated from the admission events which is used to create policy reports (#10499, #10596, #10610, #10613)
  • Added the circuit breaker for updaterequests which is used to apply generate and mutate existing rules (#10382)

๐Ÿ› Fixed ๐Ÿ›

  • Fixed an issue for generate policies to correctly validate patterns for old and new objects (#10310)
  • Fixed a CLI issue to get namespace's labels in the cluster mode (#10348)
  • Normalized Global Context event's reason to be inline with other policies (#10395)
  • Fixed the ephemeralreports to use generate name to avoid duplicate names (#10491)
  • Fixed notary tests (#10579)
  • Fixed to delete resources for the cleanup policy (#10582)
  • Fixed a log issue to not append cleanup policy names (#10583)
  • Fixed CEL policies to be applied to deleted resources (#10611)
  • Fixed an Json context issue to delete non-exist old values for foreach rules (#10615)
  • Renamed level 1 logs to INFO from DEBUG (#10617)
  • Truncated event messages to 1024 chars (#10636)
  • Fixed mutatingwebhookconfiguraition configured rules (#10639)

๐Ÿ”ง Others ๐Ÿ”ง

  • Refactored VAPs registrations (#10014)
  • Removed unused parameters (#10330)
  • Bumped Chainsaw (#10345)
Assets 45
Loading

v1.12.5-rc.2

11 Jul 10:41
@github-actions github-actions
v1.12.5-rc.2
6d3cf59
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.12.5-rc.2 Pre-release
Pre-release

๐Ÿ› Fixed ๐Ÿ›

  • Renamed level 1 logs to INFO from DEBUG (#10617)
  • Truncated event messages to 1024 chars (#10636)
  • Fixed mutatingwebhookconfiguraition configured rules (#10639)
Assets 45
Loading

v1.12.5-rc.1

09 Jul 15:14
@github-actions github-actions
v1.12.5-rc.1
547cbd9
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.12.5-rc.1 Pre-release
Pre-release

โœจ Added โœจ

  • Added the circuit breaker for ephemeralreports generated from the admission events which is used to create policy reports (#10499, #10596, #10610, #10613)
  • Added the circuit breaker for updaterequests which is used to apply generate and mutate existing rules (#10382)

๐Ÿ› Fixed ๐Ÿ›

  • Fixed an issue for generate policies to correctly validate patterns for old and new objects (#10310)
  • Fixed a CLI issue to get namespace's labels in the cluster mode (#10348)
  • Normalized Global Context event's reason to be inline with other policies (#10395)
  • Fixed the ephemeralreports to use generate name to avoid duplicate names (#10491)
  • Fixed notary tests (#10579)
  • Fixed to delete resources for the cleanup policy (#10582)
  • Fixed a log issue to not append cleanup policy names (#10583)
  • Fixed CEL policies to be applied to deleted resources (#10611)
  • Fixed an Json context issue to delete non-exist old values for foreach rules (#10615)

๐Ÿ”ง Others ๐Ÿ”ง

  • Refactored VAPs registrations (#10014)
  • Removed unused parameters (#10330)
  • Bumped Chainsaw (#10345)
Assets 45
Loading

v1.12.4

17 Jun 10:33
@github-actions github-actions
v1.12.4
b488e68
This commit was created on GitHub.com and signed with GitHubโ€™s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.12.4

โ—Important Notice โ—

If you are running 1.12, please upgrade to this version to pick up the fix for the ephemeralreports piling-up issue. Check this post and understand how to recover from an ETCD outage:

Amazon EKS- managing and fixing ETCD database size

[updated] If you are seeing consistent creation of ephemeralreports, you can:

  1. disable reporting for admission events, please see this comment.
  2. tune --aggregationWorkers to increase the capacity of consuming ephemeralreports, see this comment. It can be configured directly via the container flag, or through Helm extraArgs.
  3. as a user of Argo CD, check whether something is causing continuous reconcile operations.

You can also find the script to delete a large number of reports here, thanks to @andrew-bulford-form3.

๐Ÿ› Fixed ๐Ÿ›

  • Added condition checking to notary attestation verify chainsaw test (#10288)
  • Fixed a CLI issue to apply namespace labels in the cluster mode (#10348)
  • Fixed a gloabl context look up issue to return the error properly (#10398)
  • Fixed logging verbosity got the background scanner (#10404)
  • Shutdown the controller properly when the context is canceled (#10415)
  • Fixed duplicate updaterequest creation for background policies (#10431)

๐Ÿ”ง Others ๐Ÿ”ง

  • Bumped chainsaw (#10345)
  • Added chainsaw test for controllers leader election (#10416)

Contributors

andrew-bulford-form3
Assets 45
Loading