kubeaudit-v0.7.0

Changelog

c74f700 [BUG FIX] Change labels to valid syntax (#230)
fb2b354 [FEATURE] Support podtemplates (#229)
e60724d [BUG FIX] 224 fix go get (#226)
eda1e20 go get doesn't work readme update (#225)
019bf4a [BUG FIX] --auditConfig ---> --auditconfig in docs (#221)
912f08d [BUG FIX] Update link to config/caps in readme (#220)
ef7adb1 add CLA link to Contributing (#222)
9c1546f [BUG FIX] Put back autofix logic for ClusterRole and Role (#219)
650cc1b [FEATURE] Mount docker sock check feature (#217)
bd414da [BUG FIX] Add fix for issue 203 (#215)
c5b563f [BUG FIX] Custom resource definition fix (#213)
e4cee35 [FEATURE] return kubernetes parsing error to user (#210)

kubeaudit-v0.6.0

Changelog

f3eeb33 [FEATURE] Audit Pod Namespace Nix (#207)
9f7b46e [BUG FIX] Mismatch of Host's in case HTTP slice was the same in Ingress resource(#206)

kubeaudit-v0.5.3

Changelog

b19f650 Remove creationTimeStamp for JobSpec resource and remove 80 char line break while yaml marshalling (#200)

kubeaudit-v0.5.2

Changelog

a48ce74 KubeauditConfig Feature added (#193)
72736e7 Support for Namespace Network Policy Overrides added (#197)
9c1b76a Added probot features to repo (#192)

kubeaudit-v0.5.1

Changelog

e9d3d15 added Support DaemonSet apps/v1beta2 (#191)
61d5cd8 added support for Cert-manager Certificate resource (#190)
5465e24 local package schema created to manage external workloads (#189)
9266a5b remove NULL status and creationTimestamp when not in original manifest on autofix ( Issue #184) (#185)
2d62506 cmd: fix copy/paste on flag -dropCapConfig description (#186)

kubeaudit-v0.5.0

Changelog

7264348 Skip and report error for invalid Kubernetes Manifests (#181)
1d1ff7d Begin autofixed manifests with YAML separator (#179)
5d266d2 Replace Dep with Go Modules (#174)
e0c0f77 Use "ports" or "from" as identifying key for "ingress" (#177)
39655b1 Use Go 1.12 (#173)
2d35739 Fix default ServiceAccount name bug (#172)
da47283 Increase Code Coverage (#166)
36cd4df Drop error to warn for Unsupported Workloads and add Regression Test for all Fixtures (#164)
5c82fd4 Add support for multi-container override label (#153)
78a3cfa Deprecated Service Account Token replaced with Service Account Token (#158)
2734ba1 Autofix feature for Network Policy (#155)
b8e06d0 RunAsNonRootPodSecurityContextFalseContainerSecurityContextNil case was added for Autofix (#154)
484716b Add Comment Support for Autofix (#140)
20cf7fc Add templates for PR/Issues (#150)

kubeaudit-v0.4.1

Changelog

1c6047e Inherit from PodSecurityContext if ContainerSecurityContext is not defined (#147)
a3dd038 Limits use of acronyms (#147)
e0a2636 Add containerName field to occurrences in PodSecurityContext Error and cleanup (#147)
8a6ef46 Add tests for PodSecurityContext, change error ID's and messages, cleanup code (#147)
79077d9 add initial functionality tests, add Pod field to RANRFalse error, refactor tests (#147)
014f332 Fix check for ContainerSecurityContext definition and order of function calls (#147)
c84eb5b Add podHostName for Occurrences object and split RunAsNonRoot to RunAsNonRoot check
PodSecurityContext/ContainerSecurityContext check (#147)

kubeaudit v0.4.1 fixes the bug (#138), now it inherits RunAsNonRoot from PodSecurityContext in case ContainerSecurityContext or RunAsNonRoot in ContainerSecurityContext is not defined.

kubeaudit-v0.4.0

Notable Changes

0ce9f06 Audit all containers (#144)
e35c464 Initial support for networkPolicy audit (#118)
1c29b4f Add Resource type (#101)
37c6317 Include k8s versions for type aliases, files, and tests (#137)
7953f02 Add support for apps v1 (#130)
db02dff Clean up version command.
2017ef4 Remove broken client version.
2c543da Use makefile/goreleaser to set version.
6f06cd5 Enforce go1.10+.
7c32ede Use go1.11.
87446f2 Add auditing for apparmor and seccomp (#124)
e9250c4 add an option to install kubeaudit as a kubectl plugin (#121)

kubeaudit v0.4.0 allows auditing for apparmor and seccomp, installation as a kubectl plugin, using apps/v1. It adds initial support for auditing network policies and contains additional updates and bug fixes. It now requires go1.10+.

kubeaudit-v0.3.1

Changelog

60c846a Automatically detect local/cluster mode (#113)
3013754 Add description to capabilities command
00a28f9 Update command examples to match actual command
0995e3c capabilities: Fix a false positive when all capabilities dropped (#111)

kubeaudit-v0.3.0

kubeaudit v0.3.0 adds new options to check CPU and memory limits, ignore checks with override lables, run all checks, and check specific namespaces. It checks all containers in a pod, supports CronJobs, and contains various bugfixes and other improvements.

Changelog

dd1e8b3 Merge pull request #109 from Shopify/fix_gofmt
166b748 Fix spacing and typos
f2fc144 Merge pull request #108 from Shopify/fix_golint
f824cec Reword type comments
39b951b Make comments ~120 chars per line
9bdbe23 Change capitalization to match style guide.
fb56062 Remove unused constants
ec9ac50 Add comments
0af40c9 Merge pull request #106 from Shopify/fix_config_file_location
fedcde1 Remove local config path dependency and make it a config flag
a241b15 Merge pull request #105 from Shopify/fix_readme
e2c4d4c Update readme labels section
87d82cc Merge pull request #102 from lrakai/Fix-README-list-numbering
f9d0771 Remove leading spaces in service account list
76ae0f0 Update README.md
3a36301 Bugfixes: Allow any of the deployment types to be used, fix spurious errors on services (#99)
987d36f Add kind CronJob
b8d7882 Merge pull request #97 from Shopify/fix96
870c707 import oidc auth-provider to support oidc based kubconfig
c0491db Merge pull request #90 from Shopify/container-handling-bug
fdf57e2 Kubeaudit audits all containers now
ab321df Fixes #87 autofix (#89)
dde84a6 Merge pull request #82 from Shopify/all-cmd
6a22472 Merge pull request #86 from Shopify/refactor-labels
2f6b230 Make labels conform to standards
14f5e3a Merge pull request #83 from CameronLonsdale/patch-1
40729fe Update privileged.go documentation
cbab6c4 Add all command
681607c Merge pull request #81 from Shopify/update-readme-autofix
7aaca31 Add autofix to readme
05f86ec Merge pull request #75 from Shopify/autofix
17626e2 Add "autofix" to automatically fix potential security issues in the manifest
fd1cd79 Merge pull request #79 from Shopify/improve-tests
a2f41cf Add stricter check for audit tests
e28a609 Merge pull request #77 from Shopify/show_coverage
8001fe9 Add a rule in makefile to show coverage in HTML format
ecd2c49 Merge pull request #73 from Shopify/adding-labels
278c4bf Add options to override audits using labels
29cca5b Merge pull request #76 from Shopify/refactor-own-types-away
24197af Refactors util.go switches to runtime.Object from kubeaudit types
47196b7 Merge pull request #74 from Shopify/refactor-util-create-result
d0401af Break type result out of util
1e125f2 Merge pull request #72 from jerr/with-namespace
104dce4 Adding namespace option.
86d331b Merge pull request #71 from jerr/quota_cmd
7f78a3f Adding limits command
15a8743 Merge pull request #69 from Shopify/allowpe-readme-update
0d4a277 Add allowpe to readme