Releases: FairwindsOps/polaris
Releases · FairwindsOps/polaris
7.2.1
Changelog
- c2d1b1c Bump alpine from 3.16 to 3.17 (#885)
- 81755e3 Bump github.com/spf13/cobra from 1.6.0 to 1.6.1 (#870)
- 531322c Bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#869)
- e3f3254 Managed by Terraform
- 8bc1a4b refactor: move from io/ioutil to io and os packages (#858)
- 8af4363 update dependencies (#898)
You can verify the signature of the checksums.txt file using cosign.
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
7.2.0
Changelog
- 467d06f FWI-2719: Enable new RBAC / sensitive content / Pod exec checks, add
hasPrefixandhasSuffixfunctions to the GO template, exemptsystem:name prefixes for RBAC checks, sensitive content checks ignorevalueFrom, (#832)
You can verify the signature of the checksums.txt file using cosign.
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
7.1.6
Changelog
- 29102de Build docker images using goreleaser and support arm64 (#845)
- 587396a Bump k8s.io/api from 0.25.0 to 0.25.3 (#862)
- 45be5cb FWI-2912: Add logging to improve debugging of JSON Schema (#859)
- b3d842a Fix CI tag filters and re-enable docs (#852)
- 4091355 Managed by Terraform
- 6ef87be update dependencies (#867)
You can verify the signature of the checksums.txt file using cosign.
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
7.1.5
Changelog
- 29102de Build docker images using goreleaser and support arm64 (#845)
- 7e09952 Define tag filters for all jobs in the workflow
- 98d8646 Fix 7e09952
- 21ca5ee Re-enable build/push of documentation
You can verify the signature of the checksums.txt file using cosign.
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
7.1.4
7.0.2
Changelog
- be45519 Add
target PodTemplatewhich exposes the full Pod (not only the spec) (#801) - f9e2603 Bump alpine from 3.16.0 to 3.16.1 (#810)
- 7addced Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 (#815)
- 76c42c4 Bump github.com/spf13/cobra from 1.4.0 to 1.5.0 (#813)
- 4103032 Bump github.com/stretchr/testify from 1.7.1 to 1.8.0 (#786)
- 65add73 Bump k8s.io/api from 0.24.1 to 0.24.3 (#808)
- af0d548 Bump k8s.io/apimachinery from 0.24.1 to 0.24.3 (#807)
- 3efa3b4 Bump k8s.io/client-go from 0.24.1 to 0.24.3 (#806)
- 7e77350 Bump sigs.k8s.io/controller-runtime from 0.12.1 to 0.12.3 (#814)
- e5b9236 FWI-2476: Add missingNetworkPolicy, automountServiceAccountToken, and linuxHardening checks (#816)
- 2063222 FWI-2509: Add sensitiveContainerEnvVar and sensitiveConfigMapContent checks (#817)
- 50d789f Fix
resourceKindMap.addResource()to not assume every Kind has an APIGroup (#805) - e3a6cb3 Fix namespace checking when validating additional schemas which are not namespaced (#822)
- a0000e1 Suppress empty results when --only-show-failed-tests is passed (#811)
- 25ab600 Update docs to reflect
target: PodTemplateRE: PR #801 (#804) - c3b57bf
target: containeralso populates.Polaris.PodSpec|PodTemplate+ a new.Polaris.Containerrepresenting the currently checked container,GetPodTemplateserializes data to work around a DeepCopy bug with type int (#812) - ccaa384 expose
Polaris.PodSpecfor PodSpec targeted checks (#793) - b90f091 fix polaris cves (#824)
- 652b65b fix: properly remove emojis in pretty format with no color (#765)
You can verify the signature of the checksums.txt file using cosign.
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
7.0.1
7.0.0
Changelog
- f713d43 ensure path exists when adding mutations (#789)
- e3e7900 Add
checksflag to fix specific checks (#797) - c3eb081 Add flag to enable mutations in webhook (#794)
- a2ec025 Add more mutations, fix mutation tests (#790)
- 276c168 Bump alpine from 3.15.4 to 3.16.0 (#773)
- f71ca99 Change
target: Podtotarget: PodSpec(#726) - 0868207 Enable pullPolicyNotAlways (#795)
- e896eec Expose GetValidateResults function to be used in the polaris package (#763)
- 5423449 Use orb to publish docs (#791)
- acadebe add docs for mutation (#792)
- 92f0b6e fix issue when the files-path is actual file path instead of directory (#761)
- 50319fb fix webhook test (#798)
- 3b865fc skip incomplete or broken YAML - warn user (#678)
- 25a120b update dependencies (#777)
You can verify the signature of the checksums.txt file using cosign.
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
6.0.0
Changelog
- a59063b Add fix command to mutate and update IaC (#746)
- 6b7d6ab Added Mutation webhook (#755)
- 321bfa8 Added more mutations and refactor test to test each mutation separately (#734)
- 57d0ae3 Bump alpine from 3.15.3 to 3.15.4 (#745)
- c597b16 Managed by Terraform
- c92819c Save last podspec when walking owner hierarchy (#748)
- 322e6f7 fix kinds (#752)
- 8a8ac2d update go modules (#743)
- 6c33168 update release process (#744)
You can verify the signature of the checksums.txt file using cosign.
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub
5.2.0
Changelog
- 78838a6 Add a --namespace flag to the in-cluster audit (#742)
- a4c0b0f Add mutation field to
imagePolicyNotAlways(#712) - a7e3007 Bump alpine from 3.15.0 to 3.15.1 (#731)
- f2833f2 Bump alpine from 3.15.1 to 3.15.2 (#733)
- 82d3663 Bump alpine from 3.15.2 to 3.15.3 (#739)
- 861fd42 Bump golang from 1.17.7 to 1.17.8 (#716)
- bd8b296 Fix license headers (#736)
- 1841b74 audit check specific checks when passing checks args (#737)
- fd16fb9 merge the list of resources from custom checks and the generated controller list before deduplicating them (#727)
- ce8786b update x/text (#740)
You can verify the signature of the checksums.txt file using cosign.
cosign verify-blob checksums.txt --signature=checksums.txt.sig --key https://artifacts.fairwinds.com/cosign.pub