Kyverno - v1.11.2

❗ Breaking (Potentially) ❗

  • The policy that applies to Deployment/scale subresource has been changed to use condition anchor for the condition check. This may break your existing policy if you used the policy restrict-scale to block the scale action (#9295)

✨ Added ✨

  • Added support for FIPS endpoints in AWS authentication (#9233)
  • Added deprecation warnings in both CLI test and apply commands (#9222)
  • Enabled additional report printer columns by default (#9194)
  • Added skipBackgroundRequests to configure loop protection option for Generate policies (#9157)
  • Supported more signature algorithms for Cosign image verification (#9102)

### Helm
* Added the option to specify imagePullSecrets for the post-upgrade-hook job (#9264)
* Added tolerations and affinity constraints to the post-upgrade hook (#9156)
* Added nodeSelector to the reports cleanup helm hook (#9065)

🐛 Fixed 🐛

  • Kyverno CLI: fixed excluded resources status in the test command (#9274)
  • Kyverno CLI: fixed an issue when a resource cannot be found in the apply command (#9282)
  • Kyverno CLI: fixed large table row ID number format in the apply command (#9281)
  • Fixed the content length header issue for APICall (#9268)
  • Converted chainsaw tests to kuttl (#9242)
  • Fixed force reconciliation for mutate existing rules (#9230, #9210)
  • Fixed an issue when applying mutate existing rules to a trigger resource whose name exceeds 63 characters (#9162)
  • Kyverno CLI: fixed registry authentication issue in the apply command (#9151)
  • Fixed an issue when updaterequests are stuck in pending/fail infinite loop for mutate existing rules (#9119)
  • Fixed an issue when ttl cleanup rules are applying to cluster-wide resources (#9060)
  • Fixed an issue allowing changes to pre-existing resources in violation of a Validation policy in Enforce mode (#9027)

### Helm
* Fixed Helm chart to not error when replicas defined (#9066)

🔧 Others 🔧

  • Disabled policy library kuttl tests (#9259)
  • Bumped k8s libraries to 1.29 stable (#9257)
  • Fixed launch.json (#9239)
  • Improved ValidatingAdmissionPolicy validation messages (#9168)
  • Updated chart.yaml with the changes (#9070)

Details

date
Dec. 28, 2023, 2:17 p.m.
name
v1.11.2
type
Patch
official page
https://github.com/kyverno/kyverno/releases/tag/v1.11.2
👇
Register or login to:
  • 🔍View and search all Kyverno releases.
  • 🛠️Create and share lists to track your tools.
  • 🚨Setup notifications for major, security, feature or patch updates.
  • 🚀Much more coming soon!
Continue with GitHub
Continue with Google
or