Welcome to the next release of the security-profiles-operator, the former seccomp-operator. We hope you enjoy this release as much as we do! The general usage and setup can be found in our documentation. 🥳
To install the operator, simply run:
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/security-profiles-operator/v0.2.0/deploy/operator.yaml
Feel free to provide us any kind of feedback in the official Kubernetes Slack #security-profiles-operator channel.
Changes by Kind
API Change
- Added new Custom Resource Definition
seccompprofiles.seccomp-operator.k8s-sigs.ioas an alternative to an annotated ConfigMap for defining seccomp profiles. (#125, @cmurphy) - Seccomp profiles can now no longer be configured using the ConfigMap native resource, and instead may now only be defined using the provided SeccompProfile custom resource. (#138, @cmurphy)
Feature
- Added a new example
SeccompProfileto provide a starting point on which to build custom profiles, and an attributeBaseProfileNameto theSeccompProfilekind to allow merging syscalls from two profiles. (#152, @cmurphy) - Added profile name to events (#129, @saschagrunert)
- Added Status field to SeccompProfile CRD to provide the path on disk to the profile. (#144, @cmurphy)
Documentation
- Renamed seccomp-operator to security-profiles-operator (#139, @saschagrunert)
Bug or Regression
- Fixed bug to reconcile all profiles in a configMap if one of them is invalid. (#122, @saschagrunert)
- Fixed error messages in operator log to be displayed correctly, without any additional "reason" field. (#124, @saschagrunert)
Dependencies
Added
- cloud.google.com/go/firestore: v1.1.0
- cloud.google.com/go/pubsub: v1.3.1
- cloud.google.com/go/storage: v1.11.0
- dmitri.shuralyov.com/gpu/mtl: 666a987
- github.com/14rcole/gopopulate: b175b21
- github.com/MakeNowJust/heredoc: bb23615
- github.com/Microsoft/go-winio: fc70bd9
- github.com/Microsoft/hcsshim: v0.8.9
- github.com/VividCortex/ewma: v1.1.1
- github.com/acarl005/stripansi: 5a71ef0
- github.com/armon/circbuf: bbbad09
- github.com/armon/go-metrics: f0300d1
- github.com/armon/go-radix: 7fddfc3
- github.com/bketelsen/crypt: 5cbc8cc
- github.com/cespare/xxhash/v2: v2.1.1
- github.com/chai2010/gettext-go: c6fed77
- github.com/checkpoint-restore/go-criu/v4: v4.0.2
- github.com/chzyer/logex: v1.1.10
- github.com/chzyer/readline: 2972be2
- github.com/chzyer/test: a1ea475
- github.com/cilium/ebpf: a9f01ed
- github.com/cncf/udpa/go: 269d4d4
- github.com/containerd/cgroups: bf292b2
- github.com/containerd/console: v1.0.0
- github.com/containerd/containerd: v1.3.2
- github.com/containerd/continuity: aaeac12
- github.com/containerd/fifo: a9fb20d
- github.com/containerd/go-runc: 5a6d9f3
- github.com/containerd/ttrpc: 0e0f228
- github.com/containerd/typeurl: a93fcdb
- github.com/containers/common: v0.26.3
- github.com/containers/image/v5: v5.7.0
- github.com/containers/libtrust: 14b9617
- github.com/containers/ocicrypt: v1.0.3
- github.com/containers/storage: v1.23.7
- github.com/coreos/go-systemd/v22: v22.0.0
- github.com/cyphar/filepath-securejoin: v0.2.2
- github.com/daviddengcn/go-colortext: 511bcaf
- github.com/docker/distribution: v2.7.1+incompatible
- github.com/docker/docker-credential-helpers: v0.6.3
- github.com/docker/go-connections: v0.4.0
- github.com/docker/go-metrics: v0.0.1
- github.com/docker/libtrust: aabc10e
- github.com/exponent-io/jsonpath: d6023ce
- github.com/fatih/camelcase: v1.0.0
- github.com/fvbommel/sortorder: v1.0.1
- github.com/go-gl/glfw/v3.3/glfw: 6f7a984
- github.com/go-gl/glfw: e6da0ac
- github.com/godbus/dbus/v5: v5.0.3
- github.com/godbus/dbus: ade71ed
- github.com/golangplus/bytes: 45c989f
- github.com/golangplus/fmt: 2a5d6d7
- github.com/golangplus/testing: af21d9c
- github.com/google/martian/v3: v3.0.0
- github.com/gorilla/mux: v1.7.4
- github.com/hashicorp/consul/api: v1.1.0
- github.com/hashicorp/consul/sdk: v0.1.1
- github.com/hashicorp/go-immutable-radix: v1.0.0
- github.com/hashicorp/go-msgpack: v0.5.3
- github.com/hashicorp/go-rootcerts: v1.0.0
- github.com/hashicorp/go-sockaddr: v1.0.0
- github.com/hashicorp/go-syslog: v1.0.0
- github.com/hashicorp/go-uuid: v1.0.1
- github.com/hashicorp/go.net: v0.0.1
- github.com/hashicorp/logutils: v1.0.0
- github.com/hashicorp/mdns: v1.0.0
- github.com/hashicorp/memberlist: v0.1.3
- github.com/hashicorp/serf: v0.8.2
- github.com/ianlancetaylor/demangle: 5e5cf60
- github.com/klauspost/pgzip: v1.2.5
- github.com/liggitt/tabwriter: 89fcab3
- github.com/lithammer/dedent: v1.1.0
- github.com/mattn/go-shellwords: v1.0.10
- github.com/miekg/dns: v1.0.14
- github.com/mistifyio/go-zfs: v2.1.1+incompatible
- github.com/mitchellh/cli: v1.0.0
- github.com/mitchellh/go-wordwrap: v1.0.0
- github.com/mitchellh/gox: v0.4.0
- github.com/mitchellh/iochan: v1.0.0
- github.com/moby/sys/mountinfo: v0.4.0
- github.com/moby/term: 672ec06
- github.com/morikuni/aec: v1.0.0
- github.com/mrunalp/fileutils: 7d4729f
- github.com/mtrmac/gpgme: v0.1.2
- github.com/opencontainers/go-digest: v1.0.0
- github.com/opencontainers/image-spec: 775207b
- github.com/opencontainers/runc: v1.0.0-rc91
- github.com/ostreedev/ostree-go: 759a8c1
- github.com/pascaldekloe/goe: 57f6aae
- github.com/posener/complete: v1.1.1
- github.com/pquerna/ffjson: dac163c
- github.com/ryanuber/columnize: 9b3edd6
- github.com/sean-/seed: e2103e2
- github.com/tchap/go-patricia: v2.3.0+incompatible
- github.com/vbatts/tar-split: v0.11.1
- github.com/vbauerster/mpb/v5: v5.3.0
- github.com/vishvananda/netlink: v1.1.0
- github.com/vishvananda/netns: 0a2b9b5
- go.mozilla.org/pkcs7: 432b235
- gotest.tools/v3: v3.0.2
- k8s.io/cli-runtime: v0.19.2
- k8s.io/kubectl: v0.19.2
- k8s.io/metrics: v0.19.2
- rsc.io/quote/v3: v3.1.0
- rsc.io/sampler: v1.3.0
- sigs.k8s.io/kustomize: v2.0.3+incompatible
- sigs.k8s.io/structured-merge-diff/v4: v4.0.1
Changed
- cloud.google.com/go/bigquery: v1.0.1 → v1.8.0
- cloud.google.com/go/datastore: v1.0.0 → v1.1.0
- cloud.google.com/go: v0.45.1 → v0.65.0
- github.com/Azure/go-autorest/autorest/adal: v0.8.0 → v0.8.2
- github.com/Azure/go-autorest/autorest: v0.9.2 → v0.9.6
- github.com/GoogleCloudPlatform/testgrid: v0.0.10 → v0.0.22
- github.com/alecthomas/units: f65c72e → c3de453
- github.com/bazelbuild/rules_go: v0.23.3 → v0.22.1
- github.com/crossplane/crossplane-runtime: v0.9.0 → v0.10.0
- github.com/docker/docker: be7ac8b → a9416c6
- github.com/envoyproxy/go-control-plane: 5f8ba28 → v0.9.4
- github.com/evanphx/json-patch: v4.5.0+incompatible → v4.9.0+incompatible
- github.com/go-kit/kit: v0.8.0 → v0.9.0
- github.com/go-logr/logr: ee2de8d → v0.3.0
- github.com/go-logr/zapr: v0.1.1 → v0.1.0
- github.com/golang/groupcache: 869f871 → 8c9f03a
- github.com/golang/mock: v1.3.1 → v1.4.4
- github.com/google/go-cmp: v0.4.0 → v0.5.2
- github.com/google/pprof: 54271f7 → 1a94d86
- github.com/google/uuid: v1.1.1 → v1.1.2
- github.com/googleapis/gnostic: v0.3.1 → v0.4.1
- github.com/gophercloud/gophercloud: v0.6.0 → v0.1.0
- github.com/gorilla/websocket: v1.4.0 → v1.4.2
- github.com/hashicorp/go-cleanhttp: v0.5.0 → v0.5.1
- github.com/imdario/mergo: v0.3.9 → v0.3.11
- github.com/jstemmer/go-junit-report: af01ea7 → v0.9.1
- github.com/klauspost/compress: v1.4.1 → v1.11.1
- github.com/kr/pretty: v0.1.0 → v0.2.0
- github.com/matttproud/golang_protobuf_extensions: v1.0.1 → c182aff
- github.com/onsi/ginkgo: v1.12.1 → v1.14.2
- github.com/onsi/gomega: v1.10.1 → v1.10.3
- github.com/opencontainers/runtime-spec: 3e4195d → 237cc4f
- github.com/prometheus/client_golang: v1.1.0 → v1.7.1
- github.com/prometheus/common: v0.6.0 → v0.10.0
- github.com/prometheus/procfs: v0.0.11 → v0.1.3
- github.com/seccomp/libseccomp-golang: v0.9.1 → 847368b
- github.com/sendgrid/rest: v2.6.0+incompatible → v2.6.1+incompatible
- github.com/sendgrid/sendgrid-go: v3.6.0+incompatible → v3.6.3+incompatible
- github.com/sirupsen/logrus: v1.6.0 → v1.7.0
- github.com/spf13/cobra: v1.0.0 → v1.1.1
- github.com/spf13/viper: v1.6.1 → v1.7.0
- github.com/ulikunitz/xz: v0.5.5 → v0.5.8
- github.com/urfave/cli/v2: v2.2.0 → v2.3.0
- github.com/urfave/cli: v1.20.0 → v1.22.1
- github.com/xeipuuv/gojsonpointer: 4e3ac27 → df4f5c8
- github.com/yuin/goldmark: v1.1.32 → v1.2.1
- go.etcd.io/bbolt: v1.3.3 → v1.3.5
- go.opencensus.io: v0.22.1 → v0.22.4
- golang.org/x/crypto: 78000ba → 75b2880
- golang.org/x/exp: efd6b22 → 6cc2880
- golang.org/x/image: 0694c2d → cff245a
- golang.org/x/lint: 959b441 → 738671d
- golang.org/x/mobile: d3739f8 → d2bd2a2
- golang.org/x/mod: v0.2.0 → v0.3.0
- golang.org/x/net: 627f964 → a7d1128
- golang.org/x/oauth2: bf48bf1 → 5d25da1
- golang.org/x/sync: cd5d95a → 6e8e738
- golang.org/x/sys: 5acd03e → fdedc70
- golang.org/x/time: 9d24e82 → 555d28b
- golang.org/x/tools: 3d57cf2 → 39188db
- golang.org/x/xerrors: 9bdfabe → 5ec99f8
- google.golang.org/api: v0.21.0 → v0.32.0
- google.golang.org/appengine: v1.6.2 → v1.6.6
- google.golang.org/genproto: 24fa4b2 → 0bd0a95
- google.golang.org/grpc: v1.27.0 → v1.31.1
- google.golang.org/protobuf: v1.23.0 → v1.25.0
- gopkg.in/square/go-jose.v2: v2.2.2 → v2.3.1
- honnef.co/go/tools: v0.0.1-2019.2.3 → v0.0.1-2020.1.4
- k8s.io/api: v0.18.6 → v0.19.3
- k8s.io/apimachinery: v0.18.6 → v0.19.3
- k8s.io/client-go: v0.18.6 → v0.19.2
- k8s.io/code-generator: v0.18.6 → v0.19.2
- k8s.io/component-base: v0.18.6 → v0.19.2
- k8s.io/gengo: 36b2048 → 8167cfd
- k8s.io/klog/v2: v2.3.0 → v2.4.0
- k8s.io/kube-openapi: 61e04a5 → 6aeccd4
- k8s.io/release: v0.4.0 → v0.4.1
- k8s.io/utils: c1c6865 → 4140de9
- sigs.k8s.io/controller-runtime: v0.6.2 → v0.6.3