Release v1.5.2 · kyverno/kyverno

v1.5.2

Signatures & sbom for Kyverno image should be stored in a different repository #2504
[VULNERABILITY] I can violate Kyverno Policies #2164
Allow Helm CRD management to be disabled #2655
Upgrade in-toto-golang to fix CVE-2021-41087 #2670
Way to escape braces #2513
Extend preconditions operations that support storage size comparision #2558

Add images to allowed variables #2628
Kyverno panics on interface conversion #2588
Policies with PreConditions are marked as "failed" in the metrics #2629
RuleResult label to be correctly populated while registering respective metrics #2643
Custom deepCopy functions for objects do not work #805, #2663
Kyverno policies block uninstall of Kyverno #2623
Invalid variables #2625
Pre-built image vars not resolving in the test command with mutate rules using foreach #2660
Memory leak with validate policy #2427
imagePullSecrets are not refreshed in verifyImages rule resulting in expired credential failures #2790
Change ClusterRole kyverno:webhook labels #2776
kyverno initContainer fail to start when external.metrics.k8s.io/v1beta1 return empty array for resources #1490
Installing kyverno as helm dependency fails when trying to use CustomResourceDefinition #2783
Fix profiling issue #2529
Handle reports with missing result property #2696
Hard-coded ClusterRoleName in OwnerRef breaks when Kyverno Helm Chart name is unique #2713
Kyverno crashLooping with TypeAssertionError #2752
When uninstalling kyverno helm chart pods are stuck in "terminating" state indefinitely #2750
Verify-image attestation signature is not checked #2739
Fix package vulnerabilities #2768
Signatures & sbom for Kyverno image should be stored in a different repository #2504
[VULNERABILITY] I can violate Kyverno Policies #2164
Allow Helm CRD management to be disabled #2655
Upgrade in-toto-golang to fix CVE-2021-41087 #2670

Full Changelog: v1.5.1...v1.5.2