v1.3.1

What's Changed

• feat: add cluster visibility to FalconAdmission by @gpontejos in #583

Full Changelog: v1.2.0...v1.3.1

v1.2.0

What's Changed

• fix handling of invalid tags in artifactory by @redhatrises in #549
• docs: update openshift installation docs for new certified operator by @redhatrises in #550
• fix: only run release workflow on full releases by @mhyson-cs in #561
• feat: make eBPF primary sensor by @redhatrises in #495
• build(deps): bump docker/build-push-action from 5 to 6 by @dependabot in #562
• Add missing OpenShift uninstall steps by @evanstoner in #554
• fix: force the use of a single replica in FalconAdmission by @mhyson-cs in #560
• fix: replace Artifactory tag workaround with updated library by @mhyson-cs in #569
• feat: allow API host override during NodeSensor config-cache tests by @mhyson-cs in #565
• build(deps): bump github.com/docker/docker from 26.1.3+incompatible to 26.1.4+incompatible by @dependabot in #572
• build(deps): bump github.com/docker/docker from 26.1.4+incompatible to 26.1.5+incompatible by @dependabot in #576
• feat: add support for sensor version selection by update policy by @mhyson-cs in #570
• fix: add warning in docs about AutoPilot resource mismatches by @mhyson-cs in #578
• fix: disable provenance in Docker builds by @mhyson-cs in #579
• feat: automatic sensor updates by @mhyson-cs in #580
• feat: advanced settings by @mhyson-cs in #581

Full Changelog: v1.1.0...v1.2.0

v1.1.0

What's Changed

• fix: only run release workflow on full releases
• feat: make eBPF primary sensor
• build(deps): bump docker/build-push-action from 5 to 6
• add missing OpenShift uninstall steps
• fix: ignore the KAC replica setting but say so in the logs

Full Changelog: v1.0.1...v1.1.0

v1.0.1

What's Changed

• fix handling of invalid tags in artifactory

Full Changelog: v1.0.0...v1.0.1

v1.0.0

What's Changed

• build(deps): bump golangci/golangci-lint-action from 5 to 6
• docs: update docs for iar and openshift
• chore(bundle): add arm64 support label
• cleanup(bundle): remove legacy unused falconcontainer role
• --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect ...
• --- updated-dependencies: - dependency-name: github.com/containers/image/v5 dependency-type: direct:production ...
• Bumping to version 0.9.6
• regenerate boilerplate code
• add docs
• more code cleanup
• configure ocp scc for iar
• cleanup old iar code
• exclude docs in gosec testing
• configure volumesize before default is generated
• make volume and volumemount configuration simpler
• update IAR types for exclusions and registry configs, etc.
• Remove Falcon sensor settings for IAR
• add volumes and volumemount configs
• remove unused functions and add azureconfig and priorityclassname to config
• security context
• minor fix
• non-olm
• cleanup configmap
• add bundle
• add manager config
• remove unused
• generate manifest and api
• add imageanalyzer role
• remove resourceQuota
• cleanup deployment
• cleanup controller
• image tag
• update rbac
• add configmap
• lint
• update manifests
• IAR controller and templates
• falcon image deployment function
• falcon image constants
• falcon image type definitions
• cleanup: conditionsupdate should get resource
• cleanup: remove tautological conditions
• cleanup: remove unused parameters
• feat: allow sidecar sensor to customize namespace
• chore: add arch requirements for single-arch deployments
• feat(admission): automate ocp & falcon ns exclusions
• docs(nodesensor): update docs
• fix(nodesensor): use operator naming for node clusterrolebinding
• chore(nodesensor): add privileged labels to node sensor ns
• feat(sec): do not allow any workloads to run in falcon install namespaces
• feat: allow node sensor to customize namespace
• chore: use retry on conflict to update the status
• build(deps): bump golangci/golangci-lint-action from 4 to 5
• build(deps): bump helm/kind-action from 1.9.0 to 1.10.0
• fix(admission): version 7.14 of admission controller requires webhook to exist before the service can start
• feat(node): handle multi-arch container images
• feat: operator upgrade docs
• chore(admission): sync clusterrole perms
• fix src
• build(deps): bump golang.org/x/net from 0.21.0 to 0.23.0
• fix admission readme
• make tags array
• chore(action): update metadata action to add non-olm target
• fix(ci): fix broken tests due to upstream envtest changes
• build(deps): bump github.com/docker/docker
• ran make and added generated files
• imagePullSecretName is no longer valid, updated readme with imagePullSecret
• fix(iar): return IAR tags
• cleanup(nodesensor): remove legacy initContainer code
• build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0
• feat: determine cluster install features such as OpenShift and cert-manager
• build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3
• build(deps): bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3
• cleanup: Remove WATCH_NAMESPACE usage
• feat: update to operator-sdk 1.34.1
• fix(admission): always return existing tls certs on reconciliation
• Clarify FalconContainer is not intended for OpenShift.
• fix(admission): Fix admission controller yaml for azure
• feat: update gofalcon to v0.6.0
• feat: remove CGO_ENABLED=0 references in order to enable FIPS compliance
• build(deps): bump helm/kind-action from 1.8.0 to 1.9.0
• build(deps): bump golangci/golangci-lint-action from 3 to 4
• feat(node): merge tolerations when injected
• docs: add managed OpenShift control plan/infra caveats
• feat: add new OpenShift feature annotations to CSV
• fix: remove deprecated configmap for componentconfig
• fix: update leader election ID
• fix: update oom guidance for openshift to makes changes to the subscription
• fix: operator pull policy should follow the default
• feat: add some utils tests
• fix: TestMakeSensorEnvMap should test for automatic proxy vs manual
• fixing the automatic proxy host config commenting the test TestMakeSensorEnvMapWithAutomaticProxy for refactor
• fix: priorityclass handling should be deployable to more than just GKE
• feat: OLM updates
• feat: generate boilerplate for IAR
• fix: downloaded kustomize if needed when non-olm make target is run
• build(deps): bump github.com/opencontainers/runc from 1.1.10 to 1.1.12
• cleanup: remove logging from version.go
• Bump channel in docs/src.
• Fix a readme link so it works from OperatorHub.
• Bump OpenShift Subscription channel to 0.9.
• cleanup: remove cloudformation content
• fix: update go crypto version
• build(deps): bump github.com/containerd/containerd from 1.7.0 to 1.7.11
• fix: update manifests
• fix: update controller-runtime cache handling from deprecated method
• fix: go mod tidy
• feat: use gofalcon for registry config and sensor types
• fix: use valid yaml sequence
• fix: remove deprecated componentConfig and controller manager options
• feat: migrate controllers to new folder to match golang project standards
• fix: use LOCALBIN for opm install
• build(deps): bump github/codeql-action from 2 to 3
• build(deps): bump actions/setup-go from 4 to 5
• update CRD to fix the display name on the proxy host
• fix: checkout branch to get release commit during release run
• feat: update to operator-sdk version 1.33.0
• feat: set operator to be permanently globally scoped
• feat: add infra node toleration by default
• clean(node-sensor): remove some unnecessary functions
• feat: Add network permissions for GKE Autopilot
• feat: update to latest gofalcon
• feat: loosen up the default resource quota the admission controller
• fix: admission controller doc fixes
• fix: fix typo in configmap_test.go

New Contributors

• @evanstoner made their first contribution in #480
• @ryanjpayne made their first contribution in #483
• @crwdzantinelli made their first contribution in #519

Full Changelog: v1.0.1...v1.0.0

v0.9.6

What's Changed

• feat: support multi-arch cs images
• fix(ci): fix broken tests due to upstream envtest changes

Full Changelog: v0.9.5...v0.9.6

v0.9.5

What's Changed

• build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0
• build(deps): bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3
• cleanup(nodesensor): remove legacy initContainer code

Full Changelog: v0.9.4...v0.9.5

v0.9.4

What's Changed

• Clarify FalconContainer is not intended for OpenShift.
• fix(admission): Fix admission controller yaml for azure
• docs: add managed OpenShift control plan/infra caveats
• feat: add new OpenShift feature annotations to CSV
• fix: update oom guidance for openshift to makes changes to the subscription
• fix(admission): always return existing tls certs on reconciliation

Full Changelog: v0.9.3...v0.9.4

v0.9.3

What's Changed

• fix: TestMakeSensorEnvMap should test for automatic proxy vs manual
• fixing the automatic proxy host config commenting the test TestMakeSensorEnvMapWithAutomaticProxy for refactor
• fix: priorityclass handling should be deployable to more than just GKE
• fix: downloaded kustomize if needed when non-olm make target is run
• Bump channel in docs/src.
• Fix a readme link so it works from OperatorHub.
• Bump OpenShift Subscription channel to 0.9.
• fix: update go crypto version
• update CRD to fix the display name on the proxy host
• feat: update to latest gofalcon
• feat: loosen up the default resource quota the admission controller
• fix: admission controller doc fixes
• fix: fix typo in configmap_test.go

Full Changelog: v0.9.2...v0.9.3

v0.9.2

What's Changed

• feat: add infra node toleration by default
• fix: checkout branch to get release commit during release run
• feat: Add network permissions for GKE Autopilot

Full Changelog: v0.9.1...v0.9.2