kapparmor-0.1.5

Changelog

All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog,
and this project adheres to Semantic Versioning.

[Unreleased]

1. E2E tests
   • Create a new profile
   • Update an existing profile
   • Remove an existing profile
   • Remove a non existing profile
   • check current confinement state of the app
2. Remove kubernetes Service and DaemonSet exposed ports if useless
3. Add daemonset commands for checking readiness
4. Add different logging levels

---

0.1.5 - 2023-05-16

• Feature: manage custom labels
• Feature: validate profile file content
• Feature: Validate app and chart version
• Feature: catch SIGTERM signal
• Fix: profile content checking when they have same name
• update to go 1.20
• Docs update

---

0.1.2 - 2023-02-22

Fixed

• Support for profile names coming after comments and include lines

Added

• Tested on multiple nodes cluster
• Base images switched to go 1.20

0.1.1 - 2023-02-13

Fixed

• Moved shared testing functions to a dedicated module
• Minor documentation and readme fixes

Added

• Enforce profiles filenames to be the same as the profile names
• Changelog automatically read by chart-releaser

0.1.0 - 2023-02-01

Fixed

1. "Unable to replace profiles. Permission denied, app seems still confined." - Switched to ubuntu image
2. No need for SYS_ADMIN capabilities
3. Ignore hidden and system folders while scanning for profiles

Added

1. Instructions to test the app in a virtual machine directly running the go app or in microk8s pushing the built container to the local registry

0.0.6 - 2023-01-26

Added

Helm:

• Added SYS_ADMIN capabilities to the daemonset
• Mounted needed folders in the Dockerfile and in the daemonset
• Added POLL_TIME and profiles files as configurable options through configmaps

Go:

• Added first testing function
• Moved file operations functions to dedicated module
  • Fixed POLL_TIME value passing from configmap

CI/CD:

• Explicit changelog to help users understanding the project features
  • Automatic generation of release notes based on changelog file
• Configurable poll time and profiles directory in the helm values file

0.0.5 - 2023-01-23

Added

Helm:

• Helm Chart based mainly on a DaemonSet and a configmap. No operator needed.
• Load all AppArmor profiles in the configmap template

Go:

• Possibility to load continuously the security profiles from a configmap with a configurable poll time

CI/CD:

• Helm chart linting and testing before releasing
• Security vulnerability tests on Go dependencies and container file.
• Auto generation of GitHub pages
• Container image tag is set to current commit SHA for every release.

Fixed

• Being still an alpha release I will add everything in the "Added" section

What's Changed

• Origin/gh pages by @tuxerrante in #1
• Dev by @tuxerrante in #2
• Dev by @tuxerrante in #3
• test alpha release by @tuxerrante in #4
• release also from PR by @tuxerrante in #5
• Dev by @tuxerrante in #6
• Dev by @tuxerrante in #7
• chanmged chart-testing charts setting by @tuxerrante in #8
• configmap template auto filled by profiles by @tuxerrante in #9
• release only during a PR or when tagging by @tuxerrante in #10
• fix GITHUB_SHA writtend during CI by @tuxerrante in #11
• Feature/has the same content test by @tuxerrante in #12
• 0.1.0 First working release by @tuxerrante in #13
• Feature: continuous unit testing and test coverage by @tuxerrante in #14
• feature: Enforce profiles filenames to be the same as the profile names by @tuxerrante in #15
• Feature: support profiles not starting with their names as first line, hostPath creation by @tuxerrante in #16
• Start build-app also on tags by @tuxerrante in #17
• #18 - Manage custom labels, validate profile content, manage SIGTERM by @tuxerrante in #18

New Contributors

• @tuxerrante made their first contribution in #1

Full Changelog: https://github.com/tuxerrante/kapparmor/commits/kapparmor-0.1.5