8a0b858
This commit was signed with the committer’s verified signature.
tuxerrante
Affinito Alessandro
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog,
and this project adheres to Semantic Versioning.
0.1.6 - 2024-07-16
- Update to go 1.22.5
- Security: fix CVE-2024-24790
- Fixed produced image to ubuntu:24.04@sha256:2e863c44b718727c860746568e1d54afd13b2fa71b160f5cd9058fc436217b30
- Publication of a roadmap
- Docs update
0.1.5 - 2023-05-16
- Feature: manage custom labels
- Feature: validate profile file content
- Feature: Validate app and chart version
- Feature: catch SIGTERM signal
- Fix: profile content checking when they have same name
- update to go 1.20
- Docs update
0.1.2 - 2023-02-22
Fixed
- Support for profile names coming after comments and include lines
Added
- Tested on multiple nodes cluster
- Base images switched to go 1.20
0.1.1 - 2023-02-13
Fixed
- Moved shared testing functions to a dedicated module
- Minor documentation and readme fixes
Added
- Enforce profiles filenames to be the same as the profile names
- Changelog automatically read by chart-releaser
0.1.0 - 2023-02-01
Fixed
- "Unable to replace profiles. Permission denied, app seems still confined." - Switched to ubuntu image
- No need for SYS_ADMIN capabilities
- Ignore hidden and system folders while scanning for profiles
Added
- Instructions to test the app in a virtual machine directly running the go app or in microk8s pushing the built container to the local registry
0.0.6 - 2023-01-26
Added
Helm:
- Added SYS_ADMIN capabilities to the daemonset
- Mounted needed folders in the Dockerfile and in the daemonset
- Added POLL_TIME and profiles files as configurable options through configmaps
Go:
- Added first testing function
- Moved file operations functions to dedicated module
- Fixed POLL_TIME value passing from configmap
CI/CD:
- Explicit changelog to help users understanding the project features
- Automatic generation of release notes based on changelog file
- Configurable poll time and profiles directory in the helm values file
0.0.5 - 2023-01-23
Added
Helm:
- Helm Chart based mainly on a DaemonSet and a configmap. No operator needed.
- Load all AppArmor profiles in the configmap template
Go:
- Possibility to load continuously the security profiles from a configmap with a configurable poll time
CI/CD:
- Helm chart linting and testing before releasing
- Security vulnerability tests on Go dependencies and container file.
- Auto generation of GitHub pages
- Container image tag is set to current commit SHA for every release.
Fixed
- Being still an alpha release I will add everything in the "Added" section
What's Changed
- Origin/gh pages by @tuxerrante in #1
- Dev by @tuxerrante in #2
- Dev by @tuxerrante in #3
- test alpha release by @tuxerrante in #4
- release also from PR by @tuxerrante in #5
- Dev by @tuxerrante in #6
- Dev by @tuxerrante in #7
- chanmged chart-testing charts setting by @tuxerrante in #8
- configmap template auto filled by profiles by @tuxerrante in #9
- release only during a PR or when tagging by @tuxerrante in #10
- fix GITHUB_SHA writtend during CI by @tuxerrante in #11
- Feature/has the same content test by @tuxerrante in #12
- 0.1.0 First working release by @tuxerrante in #13
- Feature: continuous unit testing and test coverage by @tuxerrante in #14
- feature: Enforce profiles filenames to be the same as the profile names by @tuxerrante in #15
- Feature: support profiles not starting with their names as first line, hostPath creation by @tuxerrante in #16
- Start build-app also on tags by @tuxerrante in #17
- #18 - Manage custom labels, validate profile content, manage SIGTERM by @tuxerrante in #18
Full Changelog: https://github.com/tuxerrante/kapparmor/commits/kapparmor-0.1.6
Contributors
tuxerrante