Skip to content

v0.2.0
Compare
Choose a tag to compare
@FabianKramm FabianKramm released this 21 Dec 08:27
· 94 commits to main since this release
v0.2.0
efe5f05
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

!!! Breaking !!!

Make sure you reapply the jspolicy crds via the following command before upgrading:

kubectl apply -f https://raw.githubusercontent.com/loft-sh/jspolicy/5211a03e9258d2f9917da3f4511af3af77fe441a/chart/crds/crds.yaml

Changes

  • Decreased jsPolicy image size
  • jsPolicy is now running as non root
  • jsPolicy can now bundle multiple policies in parallel
  • jsPolicy now applies changes to webhook configurations rather than overwriting them
  • jsPolicy now supports PolicyReport and ClusterPolicyReport. PolicyReport and ClusterPolicyReport are CRDs created by the Kubernetes Policy WG (https://github.com/kubernetes-sigs/wg-policy-prototypes). These CRDs will be created besides the existing JsPolicyViolations CRD. jsPolicy can now creates one PolicyReport per Namespace for all JsPolices and one ClusterPolicyReport for all Cluster scoped violations. (thanks @fjogeleit) This makes it possible to use JsPolicy together with Policy Reporter and creates observability capabilities like integrations in Prometheus, Grafana Loki or the standalone Policy Reporter UI.
  • New imagePullSecrets in the jsPolicy chart to define custom image pull secrets (thanks @infa-ddeore)
  • Refactored jsPolicy controller to use conditions
  • Fixed an issue where jsPolicy would end up in a retry loop on AKS clusters
  • Changed health probe port from 80 to 9080
  • Updated k8s dependencies to v1.23.0
  • Updated v8 engine to 9.6.180.12

Contributors

fjogeleit and infa-ddeore
Assets 2
Loading