giantswarm / kyverno-policy-operator

Apache License 2.0
0 stars 0 forks source link

Update module github.com/kyverno/kyverno to v1.11.3 #69

Closed renovate[bot] closed 10 months ago

renovate[bot] commented 11 months ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/kyverno/kyverno v1.11.0 -> v1.11.3 age adoption passing confidence

Release Notes

kyverno/kyverno (github.com/kyverno/kyverno) ### [`v1.11.3`](https://togithub.com/kyverno/kyverno/releases/tag/v1.11.3) [Compare Source](https://togithub.com/kyverno/kyverno/compare/v1.11.2...v1.11.3) #### 🐛 Fixed 🐛 - Fixed non-trigger resources to be skipped for background policies regardless of `skipBackgroundRequests` settings ([#​9333](https://togithub.com/kyverno/kyverno/issues/9333)) - Fixed the CLI to use "store" for fetching regclient ([#​9345](https://togithub.com/kyverno/kyverno/issues/9345)) **Full Changelog**: https://github.com/kyverno/kyverno/compare/v1.11.2...v1.11.3 ### [`v1.11.2`](https://togithub.com/kyverno/kyverno/releases/tag/v1.11.2) [Compare Source](https://togithub.com/kyverno/kyverno/compare/v1.11.1...v1.11.2) #### ❗ Breaking (Potentially) ❗ - The policy that applies to `Deployment/scale` subresource has been changed to use condition anchor for the condition check. This may break your existing policy if you used the policy [restrict-scale](https://kyverno.io/policies/other/restrict-scale/restrict-scale/) to block the scale action ([#​9295](https://togithub.com/kyverno/kyverno/issues/9295)) #### ✨ Added ✨ - Added support for FIPS endpoints in AWS authentication ([#​9233](https://togithub.com/kyverno/kyverno/issues/9233)) - Added deprecation warnings in both CLI `test` and `apply` commands ([#​9222](https://togithub.com/kyverno/kyverno/issues/9222)) - Enabled additional report printer columns by default ([#​9194](https://togithub.com/kyverno/kyverno/issues/9194)) - Added `skipBackgroundRequests` to configure loop protection option for Generate policies ([#​9157](https://togithub.com/kyverno/kyverno/issues/9157)) - Supported more signature algorithms for Cosign image verification ([#​9102](https://togithub.com/kyverno/kyverno/issues/9102)) ##### Helm - Added the option to specify `imagePullSecrets` for the post-upgrade-hook job ([#​9264](https://togithub.com/kyverno/kyverno/issues/9264)) - Added `tolerations` and affinity constraints to the post-upgrade hook ([#​9156](https://togithub.com/kyverno/kyverno/issues/9156)) - Added `nodeSelector` to the reports cleanup helm hook ([#​9065](https://togithub.com/kyverno/kyverno/issues/9065)) #### 🐛 Fixed 🐛 - Kyverno CLI: fixed excluded resources status in the `test` command ([#​9274](https://togithub.com/kyverno/kyverno/issues/9274)) - Kyverno CLI: fixed an issue when a resource cannot be found in the `apply` command ([#​9282](https://togithub.com/kyverno/kyverno/issues/9282)) - Kyverno CLI: fixed large table row ID number format in the `apply` command ([#​9281](https://togithub.com/kyverno/kyverno/issues/9281)) - Fixed the content length header issue for `APICall` ([#​9268](https://togithub.com/kyverno/kyverno/issues/9268)) - Converted chainsaw tests to kuttl ([#​9242](https://togithub.com/kyverno/kyverno/issues/9242)) - Fixed force reconciliation for mutate existing rules ([#​9230](https://togithub.com/kyverno/kyverno/issues/9230), [#​9210](https://togithub.com/kyverno/kyverno/issues/9210)) - Fixed an issue when applying mutate existing rules to a trigger resource whose name exceeds 63 characters ([#​9162](https://togithub.com/kyverno/kyverno/issues/9162)) - Kyverno CLI: fixed registry authentication issue in the `apply` command ([#​9151](https://togithub.com/kyverno/kyverno/issues/9151)) - Fixed an issue when `updaterequests` are stuck in pending/fail infinite loop for mutate existing rules ([#​9119](https://togithub.com/kyverno/kyverno/issues/9119)) - Fixed an issue when ttl cleanup rules are applying to cluster-wide resources ([#​9060](https://togithub.com/kyverno/kyverno/issues/9060)) - Fixed an issue allowing changes to pre-existing resources in violation of a Validation policy in Enforce mode ([#​9027](https://togithub.com/kyverno/kyverno/issues/9027)) ##### Helm - Fixed Helm chart to not error when replicas defined ([#​9066](https://togithub.com/kyverno/kyverno/issues/9066)) #### 🔧 Others 🔧 - Disabled policy library kuttl tests ([#​9259](https://togithub.com/kyverno/kyverno/issues/9259)) - Bumped k8s libraries to 1.29 stable ([#​9257](https://togithub.com/kyverno/kyverno/issues/9257)) - Fixed launch.json ([#​9239](https://togithub.com/kyverno/kyverno/issues/9239)) - Improved `ValidatingAdmissionPolicy` validation messages ([#​9168](https://togithub.com/kyverno/kyverno/issues/9168)) - Updated `chart.yaml` with the changes ([#​9070](https://togithub.com/kyverno/kyverno/issues/9070)) ### [`v1.11.1`](https://togithub.com/kyverno/kyverno/releases/tag/v1.11.1) [Compare Source](https://togithub.com/kyverno/kyverno/compare/v1.11.0...v1.11.1) #### What's Changed - Reduced verbosity of admission request filter INFO log message (cherry-pick [#​8712](https://togithub.com/kyverno/kyverno/issues/8712)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/8882](https://togithub.com/kyverno/kyverno/pull/8882) - Close reponse right after succesful request (cherry-pick [#​8894](https://togithub.com/kyverno/kyverno/issues/8894)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/8896](https://togithub.com/kyverno/kyverno/pull/8896) - chore(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.45.0 to 0.46.0 (cherry pick: [#​8893](https://togithub.com/kyverno/kyverno/issues/8893)) by [@​vishal-chdhry](https://togithub.com/vishal-chdhry) in [https://github.com/kyverno/kyverno/pull/8897](https://togithub.com/kyverno/kyverno/pull/8897) - Add policyKind option to kyverno-policies chart (cherry-pick [#​8827](https://togithub.com/kyverno/kyverno/issues/8827)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/8923](https://togithub.com/kyverno/kyverno/pull/8923) - \[Helm] correct typo in README for Kyverno 1.10+ (cherry-pick [#​8911](https://togithub.com/kyverno/kyverno/issues/8911)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/8927](https://togithub.com/kyverno/kyverno/pull/8927) - Revert "fix(chart): only create ServiceMonitor if cluster supports it ([#​7926](https://togithub.com/kyverno/kyverno/issues/7926)) (cherry-pick [#​8913](https://togithub.com/kyverno/kyverno/issues/8913)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/8931](https://togithub.com/kyverno/kyverno/pull/8931) - feat: add checks for max response size in API Call (cherry-pick [#​8957](https://togithub.com/kyverno/kyverno/issues/8957)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/8971](https://togithub.com/kyverno/kyverno/pull/8971) - fix: update KeysAreMissing() to ignore negations in resource (cherry-pick [#​8953](https://togithub.com/kyverno/kyverno/issues/8953)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/8982](https://togithub.com/kyverno/kyverno/pull/8982) - fix: block mutation only when failurePolicy is set to fail (cherry-pick [#​8952](https://togithub.com/kyverno/kyverno/issues/8952)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/8986](https://togithub.com/kyverno/kyverno/pull/8986) - fix: delete VAPs in case Kyverno policies can't be translated (cherry-pick [#​8887](https://togithub.com/kyverno/kyverno/issues/8887)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/9019](https://togithub.com/kyverno/kyverno/pull/9019) - fix: use v2beta1 version of exceptions in kyverno create CLI (cherry-pick [#​8908](https://togithub.com/kyverno/kyverno/issues/8908)) by [@​MariamFahmy98](https://togithub.com/MariamFahmy98) in [https://github.com/kyverno/kyverno/pull/9020](https://togithub.com/kyverno/kyverno/pull/9020) - fix: remove the additional dash in kyverno create exception (cherry-pick [#​8983](https://togithub.com/kyverno/kyverno/issues/8983)) by [@​MariamFahmy98](https://togithub.com/MariamFahmy98) in [https://github.com/kyverno/kyverno/pull/9021](https://togithub.com/kyverno/kyverno/pull/9021) - fix: use the default namespace in case --namespace isn't set in kyverno create exception (cherry-pick [#​9014](https://togithub.com/kyverno/kyverno/issues/9014)) by [@​MariamFahmy98](https://togithub.com/MariamFahmy98) in [https://github.com/kyverno/kyverno/pull/9022](https://togithub.com/kyverno/kyverno/pull/9022) - Remove var check (cherry-pick [#​8990](https://togithub.com/kyverno/kyverno/issues/8990)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/9024](https://togithub.com/kyverno/kyverno/pull/9024) - fix: use validate.message in case there is no message associated with the CEL expression (cherry-pick [#​8883](https://togithub.com/kyverno/kyverno/issues/8883)) by [@​MariamFahmy98](https://togithub.com/MariamFahmy98) in [https://github.com/kyverno/kyverno/pull/9025](https://togithub.com/kyverno/kyverno/pull/9025) - fix: cleanup older policy reports (cherry-pick [#​9026](https://togithub.com/kyverno/kyverno/issues/9026)) by [@​gcp-cherry-pick-bot](https://togithub.com/gcp-cherry-pick-bot) in [https://github.com/kyverno/kyverno/pull/9035](https://togithub.com/kyverno/kyverno/pull/9035) - Release 1.11.1 by [@​realshuting](https://togithub.com/realshuting) in [https://github.com/kyverno/kyverno/pull/9039](https://togithub.com/kyverno/kyverno/pull/9039) **Full Changelog**: https://github.com/kyverno/kyverno/compare/v1.11.0...v1.11.1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.

renovate[bot] commented 10 months ago

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v1.11.3). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.