Releases: daemon1024/KubeArmor
Releases · daemon1024/KubeArmor
v10.0
v0.6-testsyscheck
v0.5-testhost
Changelog
- d6d95e2 enforcer: add host security enforcement support
- 7197c7c enforcer: graceful clean up on termination
- 5f38a37 update dev environment
- 938d262 pkg: detect and handle BPF LSM in annotation controller
- f10c2b8 test license header updates
- f1d82f9 bpf: update perm denied code
- 86668ff enforcer: handle default posture updates and fix exec perms
- 5e5a7fd fix license headers
- d4a2bef enforcer: update rules map to limit paths to 256B
- f2e6026 enforcer: handle network policies
- dd737e5 enforcer: handle process/file enforcement
- d715d49 remove hashing of path keys
- fe7fce5 enforcer: handle process/file/network enforcement
- db27853 enforcer: handle process based policies
- c02db7e enforcer: update Container Rules on K8s events
- a25cf3f handle eBPF objects on container events
- 590d420 enforcer: setup bpf lsm enforcer
- b7a0176 Merge pull request kubearmor#743 from Ankurk99/dev-branch
- fd5028f Merge pull request kubearmor#748 from boanlab/main
- 928dfbb Merge pull request kubearmor#757 from achrefbensaad/fixcontrollerdeleetebug
- 9d2644f Merge pull request kubearmor#758 from daemon1024/bottlerocket-dep
- 6e69c58 add Bottlerocket OS to support matrix
- 4932304 deploy: add bottlerocket env
- c714aa6 Merge pull request kubearmor#686 from achrefbensaad/add-controller-documentations
- 199c563 fix annotation controller delete bug
- 5b40a6b Merge pull request kubearmor#747 from daemon1024/fix-cri
- 51241f2 Merge pull request kubearmor#755 from nam-jaehyun/main
- e798ff5 fix failed CI
- 6d85e92 add annotation controller docs
- 8a0c7e2 cri: handle bugs and edge cases
- 8e74a24 Merge pull request kubearmor#751 from nam-jaehyun/main
- 27bb664 update setup scripts
- b334e26 update selinux
- a8bf185 clean up the code
- 0752687 update scripts
- c57fb93 update GitHub Action
- 992a6ab Update deployment_guide.md
- 847173a fix k3s installation script to use proper kubectl command
- e1d6818 Merge pull request kubearmor#739 from DelusionalOptimist/DelusionalOptimist/test/crio
- 50c1c03 add tests for crio and golint
- 24dab96 Merge pull request kubearmor#697 from DelusionalOptimist/DelusionalOptimist/feat/crio-support
- 2c56af2 add support for CRI-O runtime
- 7e1810d Merge pull request kubearmor#738 from kloudmax/main
- c9b60c8 Merge pull request #1 from achrefbensaad/updateFailbehavior
- 7ae03c5 update deployments yaml
- 3e4d219 honor controller failback logic
- 7277a6d update deployment_guide.md
- dddadee update docker-registry.sh
- 319e4e1 update kubeArmor.go
- 0b7d0e3 update go.{mod,sum}
- 7dbdeec update KubeArmorAnnotation
- d39dbb0 update workflows
- cd78955 Merge pull request kubearmor#695 from achrefbensaad/update-ci-and-scripts
- 16c2455 Merge pull request kubearmor#671 from achrefbensaad/add-annotations-controller-deploy
- b5eb99b use random grpc port (kubearmor#672)
- 8405914 fixes k8s-nodeName, hostname mismatch issue (kubearmor#736)
- 45dd42e Merge pull request kubearmor#735 from nyrahul/main
- e95d178 updated the stable release to 0.4.4
- 2fe5dc9 Merge pull request kubearmor#734 from kloudmax/main
- 32eb929 fix defaultPosture=audit
- b01ea21 Merge pull request kubearmor#727 from kloudmax/main
- 9abb9d2 update default posture and audit mode
- 288511f Merge pull request kubearmor#732 from nyrahul/main
- e0c63f6 kubearmor support matrix
- c9c63c5 Merge pull request kubearmor#731 from bmelbourne/bugfix/update-go-containerd-pkg
- ebee0d3 Update github.com/containerd/containerd to v1.5.13 to fix security issues
- e195eb2 Merge pull request kubearmor#730 from kubearmor/revert-729-kubearmor-main
- a7a9a76 Revert "Kubearmor main"
- 66c6673 Merge pull request kubearmor#729 from asifalix/kubearmor-main
- 50b1ad8 removed hostlogupdate.go
- fe1ccb3 Merge pull request kubearmor#721 from DelusionalOptimist/DelusionalOptimist/test/AKS-support
- 2f1416c update getting started guide and deployments for AKS
- a588b0b update ci scripts
- 1aaee57 Merge pull request kubearmor#723 from kloudmax/main
- 5a1f8ca fix ResolvedProcessWhiteListConflicts
- 1c63466 Merge pull request kubearmor#722 from kloudmax/CleanUpExitedHostPids
- 7b593ef fix CleanUpExitedHostPids
- 658b254 Merge pull request kubearmor#715 from kloudmax/hostname
- 72de65d Merge pull request kubearmor#719 from Akshit42-hue/main
- 0f79e8e add debug info
- 4e80725 updated
- aaa038c Merge pull request kubearmor#717 from Ankurk99/test-GA
- 1e376e3 Merge pull request kubearmor#713 from kloudmax/deployment_guide
- 2eca94d Merge pull request kubearmor#702 from kloudmax/Helm
- 8a5b9ce Merge pull request kubearmor#714 from kloudmax/k3s
- 863aae1 fix github action workflow to create stable release
- 055a959 Merge pull request kubearmor#716 from kloudmax/processName
- 5281155 update systemMonitor
- 8230692 update install_k3s.sh
- 26dad77 update deployment_guide.md
- 8ceb3f1 Minikube Cluster Setup (kubearmor#694)
- 4cebdc1 Merge pull request kubearmor#707 from kloudmax/LatestRelease
- 07c95be Merge pull request kubearmor#706 from kloudmax/NodeInfo
- 75cc216 update latest-release CI
- a02509f update k3s env
- 631c0ad fix hostname
- 418554a Merge pull request kubearmor#703 from kloudmax/ProcessNames
- 982a790 fix process names
- 4df6b4f update helm
- a916028 Fix for identical source/resource value for process operations (kubearmor#696)
- 74ae2a8 add controller deployment
- 7410c1c Merge pull request kubearmor#685 from DelusionalOptimist/DelusionalOptimist/feat/raw-support
- e53fac7 Merge pull request kubearmor#690 from kloudmax/main
- b21fd7f arping -> ping
- 4f8df94 apply suggested changes from review
- 84c0166 Merge pull request kubearmor#689 from nam-jaehyun/main
- 3439561 feat: add support for SOCK_RAW
- ccbabc4 remove unused selinux field
- 9b558c4 update README.md
- 0adea8b update KubeArmorAnnotation
- 7c8c7e2 update k8s scripts
- 97321a3 update CRDs
- e3d2083 update KubeArmorPolicy
- d2053a7 update KubeArmorHostPolicy
- 6451e04 Merge pull request kubearmor#682 from nam-jaehyun/main
- 68f3ba2 Merge pull request kubearmor#683 from kloudmax/main
- cf7d732 Merge pull request kubearmor#655 from achrefbensaad/annotations-webhook
- bb9f2bb update setup scripts
- ce04875 add mutation webhook controller
- 3d3ef11 add a field for labels
- 2ce14fb fix audit mode (w/ policy matcher)
- 441a380 update test scenarios
- 89a420b fix the auto-testing framework
- 27818c1 add dependencies in rpm
- 334a791 update setup scripts
- 0277a47 update documents
- 772c7c2 update feature-request-enhancement.md
- 6b1c4cc update CONTRIBUTING.md
- 93794fe Merge pull request kubearmor#674 from kloudmax/main
- e774bef fix typo
- 8c2848e update documents
- 2c854c2 update test scenarios
- bf6087f Merge pull request kubearmor#673 from nam-jaehyun/main
- 8e6ad80 update host policies
- e54c3fe update host policies
- a3b9b3f update SELinux Enforcer
- 251a133 Merge pull request kubearmor#668 from kloudmax/main
- 9f2816d update kubeArmor.go
- ce8eb65 update setup scripts
- 24a304a update test scenarios
- 30c8f54 update Policy Mathcer
- 4faeb7f KubeArmor fails to send alerts/logs for Host on specific scenario (kubearmor#664)
- e0ba982 Merge pull request kubearmor#665 from nyrahul/main
- 28ea045 deprecated two tests related to net_raw cap
- c1903f4 apparmor-enforcer: skip non-regular profiles
- 7b7d325 updated symbolic link events
- f22bc07 Merge pull request kubearmor#662 from nyrahul/main
- 9e3c450 update stable release to v0.3
- 5d47974 Merge pull request kubearmor#630 from daemon1024/default-posture-ns
- 13417ca doc: add documentation for default posture
- 160a89a handle per namespace default posture implementation
- 0971f72 Merge pull request kubearmor#602 from daemon1024/default-armor-opt
- dbfb5cc add default posture block test case based fromsourceallow
- 3db6618 consider default posture when atleast one allow policy OR from source allow policy
- d2d04cb check policy list to consider posture or not
- f383637 consider default posture if fromsourceallowpolicy exists
- 5c61070 Remove backed-up host policy on policy removal (kubearmor#658)
- 76baf1c Merge pull request kubearmor#656 from nyrahul/main
- 4145fcb fix for disabling HostLogs in k8s env
- 7d78301 Merge pull request kubearmor#654 from nyrahul/main
- 14913d1 GH-actions: release only from upstream repo only
- 9162922 Merge pull request kubearmor#652 from Ankurk99/main
- 4cd92e3 fix stable version release to match correct release name
- b2c7d82 Merge pull request kubearmor#648 from nyrahul/main
- e2737ef deploy/core: kubearmor for GKE latest COS images
- 925a26a Merge pull request kubearmor#645 from kloudmax/main
- a97df0d update documents
- a9af4bd Merge pull request kubearmor#646 from daemon1024/handle-races
- 4834169 Merge pull request kubearmor#634 from Ankurk99/issue620
- 36ec082 feeder: handle race condition
- c0aedf2 Merge pull request kubearmor#644 from seswarrajan/main
- 61756fd String comparison modified
- 56cbec8 Segafult issue fix and compare fromSource with processWhiteList for generating fusionProcessWhiteList
- 36e2f75 add hostppid field
- e8f4352 update setup scripts
- ffcb957 update documents
- 1d7776e update deployment yamls (kubearmor#641)
- 19928f5 Sigfault on policy enforcement
- 710a774 Merge branch 'kubearmor:main' into main
- 91f87d4 update logs to not print EINPROGRESS error
- 0a98271 Merge pull request kubearmor#643 from daemon1024/fix-crd-validation
- 85ae2ad Segfault on policy handling
- 391e396 pkg: update path and dir validation regex
- 84323cc redirect logs to alerts based on default posture
- 57abac4 introduce configurable default posture
- db1779e Merge pull request kubearmor#626 from viveksahu26/correct_logs
- 86954a6 Kubearmor policies are not getting enforced on reboot (kubearmor#631)
- 005cdeb Merge pull request kubearmor#632 from kloudmax/main
- 8ff2277 get full paths
- 7c8a47f Merge pull request kubearmor#639 from daemon1024/fix-config
- 8ff52ba cfg: use SetDefault instead of Set for flag values
- 1f2be24 Merge pull request kubearmor#637 from achrefbensaad/set-bcc-to-v0.24.0
- 6eba59d set bcc to tag v0.24.0
- 0cfb87e Merge pull request kubearmor#635 from Ankurk99/main
- 27444ed update release CI and the self-managed-k8s setup to use latest bcc release
- 2275b90 Merge pull request kubearmor#633 from daemon1024/ci-fix
- 6d3c78c ci: fetch latest release of bcc
- bc53db2 added standard way to see logs
- eb71e99 Merge pull request kubearmor#610 from Ankurk99/deployment-stable-release
- b23641b deploygen: explicitly mention ImagePullPolicy as Always
- 1b4c3a9 Merge pull request kubearmor#627 from nyrahul/main
- 7b0baa4 Merge pull request kubearmor#628 from Ankurk99/branchstable
- babf216 update stable tag when the latest version release branch i...
v0.4
Changelog
- cd6f0e3 update systemd packaging
- c788e77 deploy: update object to include init container
- 6c607fd build: update build system to use init container
- 788d551 ci: update tests for new system monitor
- bbaeb31 monitor: migrate system monitor from bcc to cilium ebpf
- c14583a bpf: migrate bcc based ebpf code to libbpf
- 6451e04 Merge pull request kubearmor#682 from nam-jaehyun/main
- 68f3ba2 Merge pull request kubearmor#683 from kloudmax/main
- cf7d732 Merge pull request kubearmor#655 from achrefbensaad/annotations-webhook
- bb9f2bb update setup scripts
- ce04875 add mutation webhook controller
- 3d3ef11 add a field for labels
- 2ce14fb fix audit mode (w/ policy matcher)
- 441a380 update test scenarios
- 89a420b fix the auto-testing framework
- 27818c1 add dependencies in rpm
- 334a791 update setup scripts
- 0277a47 update documents
- 772c7c2 update feature-request-enhancement.md
- 6b1c4cc update CONTRIBUTING.md
- 93794fe Merge pull request kubearmor#674 from kloudmax/main
- e774bef fix typo
- 8c2848e update documents
- 2c854c2 update test scenarios
- bf6087f Merge pull request kubearmor#673 from nam-jaehyun/main
- 8e6ad80 update host policies
- e54c3fe update host policies
- a3b9b3f update SELinux Enforcer
- 251a133 Merge pull request kubearmor#668 from kloudmax/main
- 9f2816d update kubeArmor.go
- ce8eb65 update setup scripts
- 24a304a update test scenarios
- 30c8f54 update Policy Mathcer
- 4faeb7f KubeArmor fails to send alerts/logs for Host on specific scenario (kubearmor#664)
- e0ba982 Merge pull request kubearmor#665 from nyrahul/main
- 28ea045 deprecated two tests related to net_raw cap
- c1903f4 apparmor-enforcer: skip non-regular profiles
- f22bc07 Merge pull request kubearmor#662 from nyrahul/main
- 9e3c450 update stable release to v0.3
- 5d47974 Merge pull request kubearmor#630 from daemon1024/default-posture-ns
- 13417ca doc: add documentation for default posture
- 160a89a handle per namespace default posture implementation
- 0971f72 Merge pull request kubearmor#602 from daemon1024/default-armor-opt
- dbfb5cc add default posture block test case based fromsourceallow
- 3db6618 consider default posture when atleast one allow policy OR from source allow policy
- d2d04cb check policy list to consider posture or not
- f383637 consider default posture if fromsourceallowpolicy exists
- 5c61070 Remove backed-up host policy on policy removal (kubearmor#658)
- 76baf1c Merge pull request kubearmor#656 from nyrahul/main
- 4145fcb fix for disabling HostLogs in k8s env
- 7d78301 Merge pull request kubearmor#654 from nyrahul/main
- 14913d1 GH-actions: release only from upstream repo only
- 9162922 Merge pull request kubearmor#652 from Ankurk99/main
- 4cd92e3 fix stable version release to match correct release name
- b2c7d82 Merge pull request kubearmor#648 from nyrahul/main
- e2737ef deploy/core: kubearmor for GKE latest COS images
- 925a26a Merge pull request kubearmor#645 from kloudmax/main
- a97df0d update documents
- a9af4bd Merge pull request kubearmor#646 from daemon1024/handle-races
- 4834169 Merge pull request kubearmor#634 from Ankurk99/issue620
- 36ec082 feeder: handle race condition
- c0aedf2 Merge pull request kubearmor#644 from seswarrajan/main
- 61756fd String comparison modified
- 56cbec8 Segafult issue fix and compare fromSource with processWhiteList for generating fusionProcessWhiteList
- 36e2f75 add hostppid field
- e8f4352 update setup scripts
- ffcb957 update documents
- 1d7776e update deployment yamls (kubearmor#641)
- 19928f5 Sigfault on policy enforcement
- 710a774 Merge branch 'kubearmor:main' into main
- 91f87d4 update logs to not print EINPROGRESS error
- 0a98271 Merge pull request kubearmor#643 from daemon1024/fix-crd-validation
- 85ae2ad Segfault on policy handling
- 391e396 pkg: update path and dir validation regex
- 84323cc redirect logs to alerts based on default posture
- 57abac4 introduce configurable default posture
- db1779e Merge pull request kubearmor#626 from viveksahu26/correct_logs
- 86954a6 Kubearmor policies are not getting enforced on reboot (kubearmor#631)
- 005cdeb Merge pull request kubearmor#632 from kloudmax/main
- 8ff2277 get full paths
- 7c8a47f Merge pull request kubearmor#639 from daemon1024/fix-config
- 8ff52ba cfg: use SetDefault instead of Set for flag values
- 1f2be24 Merge pull request kubearmor#637 from achrefbensaad/set-bcc-to-v0.24.0
- 6eba59d set bcc to tag v0.24.0
- 0cfb87e Merge pull request kubearmor#635 from Ankurk99/main
- 27444ed update release CI and the self-managed-k8s setup to use latest bcc release
- 2275b90 Merge pull request kubearmor#633 from daemon1024/ci-fix
- 6d3c78c ci: fetch latest release of bcc
- bc53db2 added standard way to see logs
- eb71e99 Merge pull request kubearmor#610 from Ankurk99/deployment-stable-release
- b23641b deploygen: explicitly mention ImagePullPolicy as Always
- 1b4c3a9 Merge pull request kubearmor#627 from nyrahul/main
- 7b0baa4 Merge pull request kubearmor#628 from Ankurk99/branchstable
- babf216 update stable tag when the latest version release branch is updated
- ab6aa90 apparmor: refactored code
- 975ab49 Merge pull request kubearmor#624 from nyrahul/main
- 2a27439 feeder: solved deadlock issue with telemetry
- bf39613 Enabling KubearmorVM on extra flags
- 01bd255 Start kubearmor in VM mode only if k8s false and enableKubeArmorHostPOlicy true
- 38b9224 Merge pull request kubearmor#612 from viveksahu26/command-repeated
- dadd889 cat aommand repeated twice
- f9d444c update deployment to use stable release instead of latest
v0.3.1
v0.3.0
Full Changelog: v0.2.3...v0.3.0
v0.2.3
v0.2.2
v0.2.1
Full Changelog: v0.1.2...v0.2.1
v0.2.0
Full Changelog: v0.1.2...v0.2.0