Welcome to our glorious next release of the security-profiles-operator! We hope you enjoy this release as much as we do! The general usage and setup can be found in our documentation. 🥳 👯
To install the operator, run:
$ kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/security-profiles-operator/v0.4.1/deploy/operator.yaml
Feel free to provide us any kind of feedback in the official Kubernetes Slack #security-profiles-operator channel.
Changes by Kind
Feature
- Added support for Seccomp Profiles that make use of the Seccomp Notify feature. (#801, @alban)
- Added
hostProcVolumePathoption to spod to define a custom/procvolume on the host. (#788, @saschagrunert) - Support
verbosity=1for log-enricher (#787, @saschagrunert) - When deploying on OpenShift, cert-manager is no longer required. (#740, @jhrozek)
Bug or Regression
- Increase manager memory limit to 128MiB (#764, @saschagrunert)
Other (Cleanup or Flake)
- Updated libbpf to v0.6.1 (#796, @saschagrunert)
Dependencies
Added
- github.com/antlr/antlr4/runtime/Go/antlr: b48c857
- github.com/getkin/kin-openapi: v0.76.0
- github.com/google/cel-go: v0.9.0
- github.com/google/cel-spec: v0.6.0
- sigs.k8s.io/json: c049b76
Changed
- github.com/ReneKroon/ttlcache/v2: v2.10.0 → v2.11.0
- github.com/aquasecurity/libbpfgo: f097a01 → 0.6.1
- github.com/cespare/xxhash/v2: v2.1.1 → v2.1.2
- github.com/evanphx/json-patch: v4.11.0+incompatible → v4.12.0+incompatible
- github.com/fsnotify/fsnotify: v1.4.9 → v1.5.1
- github.com/go-logr/logr: v0.4.0 → v1.2.2
- github.com/go-logr/zapr: v0.4.0 → v1.2.0
- github.com/golang/glog: 23def4e → v1.0.0
- github.com/json-iterator/go: v1.1.11 → v1.1.12
- github.com/moby/term: 9d4ed18 → 3f7ff69
- github.com/modern-go/reflect2: v1.0.1 → v1.0.2
- github.com/onsi/ginkgo: v1.16.4 → v1.16.5
- github.com/onsi/gomega: v1.16.0 → v1.17.0
- github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring: v0.52.1 → v0.54.0
- github.com/prometheus/client_golang: v1.11.0 → v1.12.1
- github.com/prometheus/common: v0.26.0 → v0.32.1
- github.com/prometheus/procfs: v0.6.0 → v0.7.3
- github.com/yuin/goldmark: v1.3.5 → v1.4.0
- go.uber.org/goleak: v1.1.10 → v1.1.12
- go.uber.org/zap: v1.19.0 → v1.19.1
- golang.org/x/crypto: 0c34fe9 → 32db794
- golang.org/x/net: 37e1c6a → 491a49a
- golang.org/x/oauth2: 2e8d934 → 2bc19b1
- golang.org/x/sys: 0a5406a → da31bd3
- golang.org/x/term: 6a3ed07 → 6886f2d
- golang.org/x/tools: v0.1.5 → d4cc65f
- google.golang.org/genproto: f16073e → fe13028
- google.golang.org/grpc/cmd/protoc-gen-go-grpc: v1.1.0 → v1.2.0
- google.golang.org/grpc: v1.42.0 → v1.44.0
- k8s.io/api: v0.22.4 → v0.23.3
- k8s.io/apiextensions-apiserver: v0.22.3 → v0.23.0
- k8s.io/apimachinery: v0.22.4 → v0.23.3
- k8s.io/apiserver: v0.22.3 → v0.23.0
- k8s.io/client-go: v0.22.4 → v0.23.3
- k8s.io/code-generator: v0.22.3 → v0.23.0
- k8s.io/component-base: v0.22.3 → v0.23.0
- k8s.io/gengo: b6c5ce2 → 485abfe
- k8s.io/klog/v2: v2.10.0 → v2.40.1
- k8s.io/kube-openapi: 2043435 → e816edb
- k8s.io/utils: bdf08cb → 6203023
- sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.22 → v0.0.25
- sigs.k8s.io/controller-runtime: v0.10.3 → v0.11.0
- sigs.k8s.io/controller-tools: v0.7.0 → v0.8.0
- sigs.k8s.io/release-utils: v0.3.0 → v0.4.0
- sigs.k8s.io/structured-merge-diff/v4: v4.1.2 → v4.2.1
- sigs.k8s.io/yaml: v1.2.0 → v1.3.0
Removed
Nothing has changed.