Releases: CheckPointSW/charts
Releases · CheckPointSW/charts
2.15.1: k8s 1.25 adjustments; custom annotations; daemonsets rollout
- inventory agent 1.7.1:
adjust support for PSP and CronJobs in k8s 1.25
fix memory footprint issue in large clusters - support for custom pod annotations for cloudguard agents
- improve daemonsets rollout
Full Changelog: 2.15.0...2.15.1
2.15.1 ea: k8s 1.25 adjustments; custom annotations; daemonsets rollout
- inventory agent 1.7.1
adjust support for PSP and CronJobs in k8s 1.25 - fix memory footprint issue in large clusters
- support for custom pod annotations for cloudguard agents
- improve daemonsets rollout
Full Changelog: 2.15.0-ea...2.15.1-ea
2.15.0: GCR, OpenShift alternative image export, priority class
- Admission Control Enforcer 2.2.0:
Effective policy indication: log indication once a new policy is updated in the cluster. - Image Assurance 2.15.0:
Release Google Container Registry Scanning support with 2 authentication methods: Service Account Key and GKE internal authentication
Supporting export of signed images on OpenShift clusters - All features:
Pod Priority Class support - https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
Full Changelog: 2.14.1...2.15.0
2.15.0 ea: GCR, OpenShift alternative image export, priority class
- Admission Control Enforcer 2.2.0:
Effective policy indication: log indication once a new policy is updated in the cluster. - Image Assurance 2.15.0:
Release Google Container Registry Scanning support with 2 authentication methods: Service Account Key and GKE internal authentication
Supporting export of signed images on OpenShift clusters - All features:
Pod Priority Class support - https://kubernetes.io/docs/concepts/scheduling-eviction/pod-priority-preemption/
Full Changelog: 2.14.1-ea...2.15.0-ea
2.14.1: admission enforcer unite containers, large inventory etc
- AC:
enforcer 2.0.0: fluentbit and gsl containers removed; resources reduced
policy 1.2.1: update packages - Image Assurance 2.14.0:
exposed new scan status ‘Unsupported OS’ for Windows images - Inventory 1.6.1:
fix: handle big collections - All features:
for helm template use seccompProfile by default instead of annotation
Full Changelog: 2.13.0...2.14.1
2.14.1 ea: admission enforcer unite containers, large inventory etc
- AC:
enforcer 2.0.0: fluentbit and gsl containers removed; resources reduced
policy 1.2.1: update packages - Image Assurance 2.14.0:
exposed new scan status ‘Unsupported OS’ for Windows images - Inventory 1.6.1:
fix: handle big collections - All features:
for helm template use seccompProfile by default instead of annotation
Full Changelog: 2.13.0-ea...2.14.1-ea
2.13.0: image admission, registry scan ACR and ECR GA, ECS scan
2.13.0
- Admission Control policy 1.2.0, enforcer 1.5.0:
** Image Admission (new feature) that integrates Admission Control and Image Assurance allowing users to block the deployment of workloads based on the Image Assurance policy. - Image Assurance 2.13.0:
** Registry Scanning for ACR and ECR GA
** Registry listing functionality has been split from engine agent into a separate 'imagescan-list' deployment
** Support for scanner scaling - All features:
** improving telemetry infrastructure
** fluentbit container has been removed from all agents except for Admission Control enforcer & gsl, Runtime Protection daemon. - Resources reduced for:
** Admission Control enforcer and policy
** Image Assurance engine
** Runtime Protection policy
2.12.0: Bottlerocket support; misc enhancements in Inventory, IA, AC, RP
- Support AWS BottleRocket OS by using a flag “--set platform=eks.bottlerocket”
- Inventory 1.5.0: Agent status improvement: discovery of missing permissions for Kubernetes API
- Image Assurance 2.12.0: remove fluentbit container
- Admission Control GSL 1.3.3: update packages
- Runtime Protection daemon 0.0.740:
** Added support for AWS BottleRocket OS
** Updated procedure for Linux kernel headers installation
2.11.1: cace1, manual platform, ECR, OpenShift 3.x, FL defaults
- Image Assurance 2.10.0: support ECR, send platform and last update, Shiftleft version update, support max images per repository limitation
- inventory 1.4.4: fix OpenShift configuration handling, support OpenShift 3.x
- Admission Control GSL 1.3.2: update packages
- Flowlogs 0.6.0: update default reporting interval and max report size
- all agents: telemetry fix
- helm: fix manual platform value, support cace1 datacenter
- Runtime Protection: remove signatureGroup CRD
Full Changelog: 2.10.2...2.13.0
2.13.0 ea: image admission, registry scan ACR and ECR GA, ECS scan
- Admission Control policy 1.2.0, enforcer 1.5.0:
** Image Admission (new feature) that integrates Admission Control and Image Assurance allowing users to block the deployment of workloads based on the Image Assurance policy. - Image Assurance 2.13.0:
** Registry Scanning for ACR and ECR GA
** Registry listing functionality has been split from engine agent into a separate 'imagescan-list' deployment
** Support for scanner scaling - All features:
** improving telemetry infrastructure
** fluentbit container has been removed from all agents except for Admission Control enforcer & gsl, Runtime Protection daemon. - Resources reduced for:
** Admission Control enforcer and policy
** Image Assurance engine
** Runtime Protection policy
Full Changelog: 2.12.0-ea...2.13.0-ea
2.12.0 ea: Bottlerocket support; misc enhancements in Inventory, IA, AC, RP
- Support AWS BottleRocket OS (auto-detection or via flag '--set platform=eks.bottlerocket')
- Inventory 1.5.0: agent status improvement: missing permissions for Kubernetes API
- Image Assurance 2.12.0: remove fluentbit container
- Admission Control GSL 1.3.3: update packages
- Runtime Protection daemon 0.0.740: bottlerocket support; kernel headers installation prereq
Full Changelog: 2.11.1-ea...2.12.0-ea
2.11.1: IA 2.10.0 max images per repository
Image Assurance 2.10.0: support max images per repository limitation
Full Changelog: 2.11.0-ea...2.11.1-ea