github kyverno/kyverno v1.8.3
on GitHub

latest releases: v1.12.6-rc.2, kyverno-chart-3.2.7-rc.2, kyverno-policies-chart-3.2.6-rc.2...
21 months ago

Special Note

Two panics which may occur randomly have been identified in 1.8.3 which are being addressed in 1.8.4. We recommend waiting until 1.8.4 if possible.

❗ Breaking ❗

  • The new field verifyImages.attestations.attestors is added for verifying attestations. Note that the existing verifyImages.attestors field is only used to verify signatures (#5409)

✨ Added ✨

  • Helm: Add default CI test values for helm charts (#5518)
  • Helm: Add ability to set autogen behavior into the kyverno-policies chart (#5517)

⚠️ Changed ⚠️

  • Restore to the log the value of validationFailureAction (#5416)

🐛 Fixed 🐛

  • Fixed multiple issues related to the new reporting system introduced in 1.8 (#5525, #5486, #5457, #5449)
  • Fixed an issue when calling kustomize concurrently which resulted in variable errors especially with Kyverno running in HA mode (#5465)
  • Fixed an issue which prevented creating of a generate Policy (Namespaced) with a data object (#5459)
  • Fixed an issue with a mutate existing policy not get applied when background=false (#5439)
  • Fixed an issue which prevented multiple attestors to work in a keyless verifyImage policy (#5432)
  • Fixed an issue which prevented proper matching of CustomResources which had the same kind but in different groups (#5421)
  • Fixed an issue which prevented mutation of some CustomResources in their metadata path (#5374)

Complete List of PRs

Click to expand
  • #5518 feat: Add default CI test values for helm charts
  • #5525 fix: bug in report resource watcher
  • #5517 feat(policies chart): Add ability to set autogen behavior
  • #5491 Migrate all mutate e2e tests to kuttl and expand
  • #5486 fix: report deletion fighting with garbage collection
  • #5483 Migrate validate e2e tests to kuttl tests
  • #5480 fix: typo in autogen package
  • #5465 fix: issue when calling kustomize concurrently
  • #5459 fix: add clone check before validating namespace policy
  • #5457 fix: admission reports stacking up
  • #5449 fix: log watcher error in reports controller
  • #5439 fix: mutate existing policy does not get applied when background=false
  • #5432 Fix multi attestor keyless
  • #5421 Handle GVK properly with the same kind but different apiVersion/group
  • #5416 cleanup: bring back action on validation failed logging
  • #5413 Add most basic kuttl tests for generate rules, clone and sync
  • #5409 feat: support attestations with multiple signatures
  • #5374 fix: fix mutating the "/metadata/serverAddress" section of a keda.s/v1alpha1/ScaledObject object
Check out latest releases or
releases around kyverno/kyverno v1.8.3

Don't miss a new kyverno release

NewReleases is sending notifications on new releases.

Get notifications