github kubernetes-sigs/security-profiles-operator v0.1.0

Welcome to the first release of the seccomp-operator, we hope you enjoy this release as much as we do! The initial set of features can be found in our documentation. 🥳

To install the operator, simply run:

$ kubectl apply -f

Feel free to provide us any kind of feedback in the official Kubernetes Slack #seccomp-operator channel.

Changes by Kind


  • Added version,v subcommand and CLI parser (--version works too now) (#20, @saschagrunert)
  • Added ability to restrict seccomp-operator to watch config maps in a single namespace (#94, @hasheddan)
  • Added basic seccomp profile validation before syncing them on disk (#72, @saschagrunert)
  • Added default operator profiles to the deployment. For now we added an nginx:1.19.1 profile (#54, @saschagrunert)
  • Added manifest for deploying operator to watch for profile ConfigMaps in a single namespace. (#100, @hasheddan)
  • Added new seccompProfile field to examples/pod.yaml, which can be used for Kubernetes releases > v1.19.0 (#90, @saschagrunert)
  • Added support for seccomp operator in master nodes (#95, @pjbgf)
  • Do not requeue after successfully writing profile to disk and do not immediately requeue on errors. (#101, @hasheddan)
  • Link seccomp-operator statically for easier distribution (#16, @saschagrunert)
  • Make rootless operator deployment the default (#38, @saschagrunert)
  • Nodes not supporting seccomp will not reconcile profiles to disk. Additionally a warning event will be thrown for the config map. (#85, @saschagrunert)
  • Operator now runs under a specific seccomp profile. (#52, @pjbgf)
  • Profile controller will emit warning events on failure to get profile path or save profile to disk (#56, @hasheddan)
  • Seccomp profiles can be created in any namespace now. Profiles end up in different subdirectories per namespace. (#49, @rhafer)
latest release: v0.2.0
6 months ago