kubernetes-sigs/security-profiles-operator v0.4.2

on GitHub

Release notes:

Welcome to our glorious next release of the security-profiles-operator! We hope you enjoy this release as much as we do! The general usage and setup can be found in our documentation. 🥳 👯

To install the operator, run:

$ kubectl apply -f https://raw.githubusercontent.com/kubernetes-sigs/security-profiles-operator/v0.4.2/deploy/operator.yaml

Feel free to provide us any kind of feedback in the official Kubernetes Slack #security-profiles-operator channel.

Changes by Kind

Feature

• Added more verbose output to operator version information. (#859, @saschagrunert)
• Automatically determine if cert-manager is required or not, for example in OpenShift deployments.
  • Automatically enable SELinux support in OpenShift deployments. (#810, @saschagrunert)
• Update BTF to remove unnecessary distributions. (#812, @saschagrunert)
• Updated metrics container to contain a read-only root filesystem. (#869, @saschagrunert)
• Add a new field selinuxTypeTag in the SPOD CRD which allows to configure the SELinux type in the SPOd deployment (#851, @ccojocar)
• Extend the ProfileRecording CRD with a containers list which allows to select only specific containers in a pod for which the profile will be recorded (#833, @ccojocar)

Documentation

• Added list of kernels supporting the bpf recorder via BTF. (#805, @saschagrunert)
• Added note about OpenShift in installation docs. (#813, @saschagrunert)

Other (Cleanup or Flake)

• Updated cert-manager to v1.7.1 (#804, @saschagrunert)
• Updated cert-manager to v1.7.2. (#863, @saschagrunert)
• Updated libbpf to v0.7.0 (#821, @saschagrunert)
• Keep retrieving the remaining profiles when a PID is no longer found. (#824, @ccojocar)

Dependencies

Added

• github.com/Azure/go-autorest/autorest/to: v0.4.0
• github.com/Azure/go-autorest/autorest/validation: v0.3.1
• github.com/MakeNowJust/heredoc: bb23615
• github.com/Masterminds/goutils: v1.1.1
• github.com/Masterminds/semver/v3: v3.1.1
• github.com/Masterminds/sprig/v3: v3.2.2
• github.com/Masterminds/squirrel: v1.5.0
• github.com/Nvveen/Gotty: cd52737
• github.com/Venafi/vcert/v4: v4.14.3
• github.com/akamai/AkamaiOPEN-edgegrid-golang: v1.1.1
• github.com/cenkalti/backoff/v3: v3.0.0
• github.com/chai2010/gettext-go: c6fed77
• github.com/cloudflare/cloudflare-go: v0.20.0
• github.com/common-nighthawk/go-figure: 734e95f
• github.com/cpu/goacmedns: v0.1.1
• github.com/dave/dst: v0.26.2
• github.com/dave/gopackages: 46e7023
• github.com/dave/jennifer: v1.2.0
• github.com/dave/kerr: bc25dd6
• github.com/dave/rebecca: v0.9.1
• github.com/digitalocean/godo: v1.65.0
• github.com/exponent-io/jsonpath: d6023ce
• github.com/fatih/camelcase: v1.0.0
• github.com/go-errors/errors: v1.0.1
• github.com/gobwas/glob: v0.2.3
• github.com/google/shlex: e7afc7f
• github.com/gosuri/uitable: v0.0.4
• github.com/gotestyourself/gotestyourself: v2.2.0+incompatible
• github.com/hashicorp/vault/api: v1.1.1
• github.com/hashicorp/vault/sdk: v0.2.1
• github.com/huandu/xstrings: v1.3.2
• github.com/jetstack/cert-manager: v1.7.2
• github.com/jmoiron/sqlx: v1.3.1
• github.com/lann/builder: 47ae307
• github.com/lann/ps: 62de8c4
• github.com/lib/pq: v1.10.0
• github.com/liggitt/tabwriter: 89fcab3
• github.com/mitchellh/copystructure: v1.1.1
• github.com/mitchellh/go-wordwrap: v1.0.0
• github.com/mitchellh/reflectwalk: v1.0.1
• github.com/monochromegane/go-gitignore: 205db1a
• github.com/munnerz/crd-schema-fuzz: v1.0.0
• github.com/openshift/api: b632c5f
• github.com/openshift/build-machinery-go: 7e33a7e
• github.com/patrickmn/go-cache: v2.1.0+incompatible
• github.com/pavel-v-chernykh/keystore-go/v4: v4.2.0
• github.com/pierrec/lz4: v2.5.2+incompatible
• github.com/rubenv/sql-migrate: 55d5740
• github.com/ryanuber/go-glob: v1.0.0
• github.com/shopspring/decimal: v1.2.0
• github.com/xlab/treeprint: a009c39
• go.starlark.net: 8dd3e2e
• golang.org/x/arch: b19384d
• gopkg.in/gorp.v1: v1.7.2
• gopkg.in/src-d/go-billy.v4: v4.3.0
• helm.sh/helm/v3: v3.7.1
• k8s.io/cli-runtime: v0.23.1
• k8s.io/kube-aggregator: v0.23.1
• k8s.io/kubectl: v0.23.1
• oras.land/oras-go: v0.4.0
• sigs.k8s.io/gateway-api: v0.3.0
• sigs.k8s.io/kustomize/api: v0.10.1
• sigs.k8s.io/kustomize/kyaml: v0.13.0
• software.sslmate.com/src/go-pkcs12: c5206de

Changed

• github.com/Azure/azure-sdk-for-go: v16.2.1+incompatible → v56.2.0+incompatible
• github.com/Azure/go-autorest/autorest/adal: v0.9.13 → v0.9.14
• github.com/Azure/go-autorest/autorest: v0.11.18 → v0.11.19
• github.com/aquasecurity/libbpfgo: 0.6.1 → 0.7.0
• github.com/asaskevich/govalidator: f61b66f → 21a406d
• github.com/aws/aws-sdk-go: v1.37.6 → v1.40.21
• github.com/carolynvs/magex: v0.6.0 → v0.7.0
• github.com/containerd/cgroups: v1.0.1 → v1.0.2
• github.com/containerd/continuity: v0.1.0 → v0.2.2
• github.com/containers/common: v0.47.3 → v0.47.5
• github.com/docker/cli: a8ff7f8 → v20.10.7+incompatible
• github.com/docker/distribution: v2.7.1+incompatible → v2.8.0+incompatible
• github.com/go-logr/logr: v1.2.2 → v1.2.3
• github.com/google/gofuzz: v1.1.0 → v1.2.0
• github.com/hashicorp/go-retryablehttp: v0.6.4 → v0.6.6
• github.com/hashicorp/go-sockaddr: v1.0.0 → v1.0.2
• github.com/kr/pretty: v0.2.1 → v0.3.0
• github.com/maxbrunsfeld/counterfeiter/v6: v6.4.1 → v6.5.0
• github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring: v0.54.0 → v0.55.1
• github.com/rogpeppe/go-internal: v1.3.0 → v1.6.1
• github.com/spf13/cobra: v1.3.0 → v1.4.0
• github.com/stretchr/testify: v1.7.0 → v1.7.1
• github.com/urfave/cli/v2: v2.3.0 → v2.4.0
• github.com/yuin/goldmark: v1.4.0 → v1.4.1
• golang.org/x/mod: v0.5.0 → 9b9b3d8
• golang.org/x/net: 491a49a → 27dd868
• golang.org/x/sys: da31bd3 → 039c03c
• golang.org/x/term: 6886f2d → 03fcf44
• golang.org/x/tools: d4cc65f → v0.1.10
• google.golang.org/genproto: 3a66f56 → 00ab72f
• google.golang.org/grpc: v1.44.0 → v1.45.0
• google.golang.org/protobuf: v1.27.1 → v1.28.0
• k8s.io/api: v0.23.3 → v0.23.5
• k8s.io/apiextensions-apiserver: v0.23.0 → v0.23.5
• k8s.io/apimachinery: v0.23.3 → v0.23.5
• k8s.io/apiserver: v0.23.0 → v0.23.5
• k8s.io/client-go: v0.23.3 → v0.23.5
• k8s.io/code-generator: v0.23.0 → v0.23.5
• k8s.io/component-base: v0.23.0 → v0.23.5
• k8s.io/klog/v2: v2.40.1 → v2.60.1
• k8s.io/utils: 6203023 → 3a6ce19
• sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.0.25 → v0.0.30
• sigs.k8s.io/controller-runtime: v0.11.0 → v0.11.2
• sigs.k8s.io/release-utils: v0.4.0 → v0.6.0

Removed

• github.com/andybalholm/brotli: v1.0.0
• github.com/dsnet/compress: v0.0.1
• github.com/dsnet/golib: 1ea1667
• github.com/klauspost/cpuid: v1.2.0
• github.com/mholt/archiver/v3: v3.5.0
• github.com/nwaples/rardecode: v1.1.0
• github.com/pierrec/lz4/v4: v4.0.3
• github.com/xi2/xz: 48954b6