Skip to content

Releases: sighupio/fury-kubernetes-opa

Preview v1.3.0-rc2

30 Dec 10:31
@angelbarrera92 angelbarrera92
v1.3.0-rc2
af58790
Compare
Choose a tag to compare
Preview v1.3.0-rc2 Pre-release
Pre-release

OPA Core Module version TBD

SIGHUP team maintains this module updated and tested. That is the main reason why we worked on this new release.
With the Kubernetes 1.20 release, it became the perfect time to start testing this module against this Kubernetes
release. Minor works have been done in the constraint templates.

Continue reading the Changelog to discover them:

Changelog

  • Update OPA Gatekeeper version from: 3.1.1 to 3.2.2
  • Include Gatekeeper Policy Manager, GPM, from our amazing @ralgozino. 0.4.0.
  • Adds excludeIstio flag to:
    • K8sLivenessProbe
    • K8sReadinessProbe
    • SecurityControls
      This feature excludes the checks on istio sidecar containers.
  • Improve k8suniqueingresshost constraint template to check path + host tuple instead of just the host.
    Thanks to @phisco who made it possible.
  • Kubernetes support:
    • Deprecate Kubernetes 1.16 support.
    • Kubernetes 1.19 is considered stable.
    • Add tech-preview support to Kubernetes 1.20.

Upgrade path

To upgrade this core module from v1.2.1, you need to download this new version, then apply the
kustomize project. No further action is required.

kustomize build katalog/gatekeeper | kubectl apply -f - --force
Loading

Preview v1.3.0-rc1

30 Dec 09:38
@angelbarrera92 angelbarrera92
v1.3.0-rc1
2cf1ceb
Compare
Choose a tag to compare
Preview v1.3.0-rc1 Pre-release
Pre-release

OPA Core Module version TBD

SIGHUP team maintains this module updated and tested. That is the main reason why we worked on this new release.
With the Kubernetes 1.20 release, it became the perfect time to start testing this module against this Kubernetes
release. Minor works have been done in the constraint templates.

Continue reading the Changelog to discover them:

Changelog

  • Update OPA Gatekeeper version from: 3.1.1 to 3.2.2
  • Adds excludeIstio flag to:
    • K8sLivenessProbe
    • K8sReadinessProbe
    • SecurityControls
      This feature excludes the checks on istio sidecar containers.
  • Improve k8suniqueingresshost constraint template to check path + host tuple instead of just the host.
    Thanks to @phisco who made it possible.
  • Kubernetes support:
    • Deprecate Kubernetes 1.16 support.
    • Kubernetes 1.19 is considered stable.
    • Add tech-preview support to Kubernetes 1.20.

Upgrade path

To upgrade this core module from v1.2.1, you need to download this new version, then apply the
kustomize project. No further action is required.

kustomize build katalog/gatekeeper | kubectl apply -f - --force
Loading

Release v1.2.1

21 Sep 09:04
@angelbarrera92 angelbarrera92
v1.2.1
91846a6
Compare
Choose a tag to compare
Release v1.2.1

OPA Core Module version 1.2.1

This release removes the cert-manager dependency created in 1.2.0
due to a fix applied to the gatekeeper upstream project

Changelog

  • Update gatekeeper. From v3.1.0 to v3.1.1.
    • Avoid deploying cert-manager as a Gatekeeper requirement.

Upgrade path

To upgrade this core module from v1.1.0 or v1.2.0 to v1.2.1, you need to download this new version, then apply the
kustomize project. No further action is required.

kustomize build katalog/gatekeeper | kubectl apply -f - --force

Important note

Update from v1.1.0

This version changes the labels for gatekeeper-controller-manager, so the usual kustomize build | kubectl apply -f
should be used together with the --force flag, or the gatekeeper-controller-manager deployment should be deleted
manually before applying this new version.

Loading

Preview v1.2.1-rc1

21 Sep 08:48
@angelbarrera92 angelbarrera92
v1.2.1-rc1
cc1cb41
Compare
Choose a tag to compare
Preview v1.2.1-rc1 Pre-release
Pre-release

OPA Core Module version 1.2.1

This release removes the cert-manager dependency created in
1.2.0 due to a fix applied to the
gatekeeper upstream project

Changelog

  • Update gatekeeper. From v3.1.0 to v3.1.1.
    • Avoid deploying cert-manager as a Gatekeeper requirement.

Upgrade path

To upgrade this core module from v1.1.0 or v1.2.0 to v1.2.1, you need to download this new version, then apply the
kustomize project. No further action is required.

kustomize build katalog/gatekeeper | kubectl apply -f - --force

Important note

Update from v1.1.0

This version changes the labels for gatekeeper-controller-manager, so the usual kustomize build | kubectl apply -f
should be used together with the --force flag, or the gatekeeper-controller-manager deployment should be deleted
manually before applying this new version.

Loading

Release v1.2.0

21 Sep 07:15
@angelbarrera92 angelbarrera92
v1.2.0
1d8124c
Compare
Choose a tag to compare
Release v1.2.0

OPA Core Module version 1.2.0

SIGHUP team maintains this module updated and tested. That is the main reason why we worked on this new release.
With the Kubernetes 1.19 release, it became the perfect time to start testing this module against this Kubernetes
release. The team behind Open Policy Agent finally released the first 3 stable release and it includes something we
were waiting for some time: High Availability support.
Continue reading the Changelog to discover them:

Changelog

  • Update gatekeeper. From v3.1.0-beta.9 to v3.1.0. Awesome job by @ralgozino
    • Re-enable High Availability
    • The Grafana dashboard is now part of this module
    • Namespaces kube-system and gatekeeper-system namespaces are exempted.
    • huge kudos to @ralgozino for the amazing work done here

Upgrade path

To upgrade this core module from v1.1.0 to v1.2.0, you need to download this new version, then apply the
kustomize project. No further action is required.

kustomize build katalog/gatekeeper | kubectl apply -f - --force

Important note

This version changes the labels for gatekeeper-controller-manager, so the usual kustomize build | kubectl apply -f
should be used together with the --force flag, or the gatekeeper-controller-manager deployment should be deleted
manually before applying this new version.

Loading

Preview v1.2.0-rc5

17 Sep 17:03
@angelbarrera92 angelbarrera92
v1.2.0-rc5
9ca1407
Compare
Choose a tag to compare
Preview v1.2.0-rc5 Pre-release
Pre-release

OPA Core Module version 1.10.0

SIGHUP team maintains this module updated and tested. That is the main reason why we worked on this new release.
With the Kubernetes 1.19 release, it became the perfect time to start testing this module against this Kubernetes
release. The team behind Open Policy Agent finally released the first 3 stable release and it includes something we
were waiting for some time: High Availability support.
Continue reading the Changelog to discover them:

Changelog

  • Update gatekeeper. From v3.1.0-beta.9 to v3.1.0
    • Re-enable High Availability
    • The Grafana dashboard is now part of this module
    • Namespaces kube-system and gatekeeper-system namespaces are exempted.
    • huge kudos to @ralgozino for the amazing work done here

Upgrade path

To upgrade this core module from v1.1.0 to v1.2.0, you need to download this new version, then apply the
kustomize project. No further action is required.

kustomize build katalog/gatekeeper | kubectl apply -f - --force

Important note

This version changes the labels for gatekeeper-controller-manager, so the usual kustomize build | kubectl apply -f
should be used together with the --force flag, or the gatekeeper-controller-manager deployment should be deleted
manually before applying this new version.

Loading