What's Changed
- fix(monitor): fix issue 1053 by @achrefbensaad in #1054
- docs(support-matrix): update support matrix by @rksharma95 in #1061
- fix(chore): build time printed during kubearmor startup by @saurabh3460 in #1067
- fix: handle bpf maps per container in crio by @daemon1024 in #1069
- Update maintainers list by @Ankurk99 in #1074
- support matrix update for ubuntu 16.04 by @VedRatan in #1073
- code(bpf): skip unwatched probes by @achrefbensaad in #1066
- CODEOWNERS FILE by @PrimalPimmy in #1075
- docs: Provides documentation on Kubearmor container visibility by @TheRealSibasishBehera in #1028
- fix(logs): Fix missing startup events & fix memory leak. by @achrefbensaad in #1068
- fix of make run command in self managed k8s env by @jatinagwal in #1085
- Replaced new .gitbook/fork_button.png file by @Chinwendu20 in #1095
- Use configmap for configuration handling by @s1ntaxe770r in #832
- docs(FAQ): add instructions for installing UEK R7 on OL 8.6 by @rksharma95 in #1076
- fix(core, common): handle error for closing io streams by @rksharma95 in #1098
- feat(monitor): mount/unmount syscall support by @rksharma95 in #1043
- fix(core, monitor, feeder): data races conditions by @rksharma95 in #884
- forced the protocol to lowercase in AppArmorProfile by @kanhaiya04 in #1092
- enforcer(bpf): fix panic during cleanup by @daemon1024 in #1100
- docs(support-matrix): update oke support as full support by @rksharma95 in #1072
- enforcer(bpf): automatically mount bpffs by @DelusionalOptimist in #1097
- Fix(pkg): build multi-arch controllers by @rksharma95 in #1103
- docs(support-matrix): Update Support Matrix for IBM Cloud by @rksharma95 in #1108
- Updated Support Matrix after testing kubearmor on AWS Graviton by Har… by @HariVamsiK in #1112
- docs: restructured support matrix by @nyrahul in #1117
- test case: Adding gingko tests for block posture by @PrimalPimmy in #1099
- fix(deployments): Update ClusterRole Rules by @rksharma95 in #1109
- fix(ci): Upgrade Init Container Dockerfile by @daemon1024 in #1127
- enhancement(bpf,enforcer): BPF LSM Path Hooks by @daemon1024 in #1116
- fix(monitor(bpf)): store full path from path_mknod by @daemon1024 in #1124
- fix(core, monitor): events getting lost/missing pod metadata by @DelusionalOptimist in #1125
- manifest: update default init container tag to stable by @daemon1024 in #1136
- enhancement(monitor): enable dropping events at the kernel level by @achrefbensaad in #1087
- manifest(deploy): do not enable Host Policy Enforcement by default by @daemon1024 in #1137
- revert to previous cosign release by @kranurag7 in #1138
- sign images with cosign 2.0 by @kranurag7 in #1140
New Contributors
- @saurabh3460 made their first contribution in #1067
- @VedRatan made their first contribution in #1073
- @TheRealSibasishBehera made their first contribution in #1028
- @jatinagwal made their first contribution in #1085
- @kanhaiya04 made their first contribution in #1092
- @HariVamsiK made their first contribution in #1112
Full Changelog: v0.8.0...v0.9.0
What is KubeArmor?
KubeArmor is a cloud-native runtime security policy enforcement system that restricts the behavior (such as process execution, file access, and networking operations) of pods, containers, and nodes (VMs) at the system level.
