- Fix Helm Chart uihost template function.
- Fix Helm Chart
values.yaml. Cleanup unused default configurations. [#103 by AndersBennedsgaard]
- Fix Typo in values.yaml [#102 by christophefromparis]
- Policy Reporter UI v1.2.0
- New configurations to customize the dashboard by disable PolicyReport- or ClusterPolicyReport information
- Fix KyvernoPlugin Metrics ServiceMonitor Port [#96 by z0rc]
- Remove unused Port from KyvernoPlugin Deployment and Service
- KyvernoPlugin v1.1.0
- New KyvernoPlugin API - VerifyImages Rules (details)
- Policy Reporter UI v1.1.0
- New Kyverno VerifyImages view in Policy Reporter UI
- New configurations to disable views (details)
- Remove NetworkPolicy ingress rule for UI if not enabled
- Update Policy Reporter UI
- Fix: Show PolicyReportResult Properties in Tables
- Removed deprecated values
crdVersion,cleanupDebounceTime - Simplify
policyPriorities,policyPriorities.enabledwas removed along with the watch feature- Priority determined mainly over severity
- Add
sourcesfilter to target configurations - Improved
NetworkPolicyconfiguration for all components - Metrics now an optional feature
- Each component expose a single Port
8080
See Migration Docs for details
- modular functions for separate activation/deactivation
- REST API
- Metrics API
- Target pushes
- PolicyReports are now stored in an internal SQLite
- extended REST API based on the new SQLite DB for filters and grouping of data
- metrics API is now optional
- metrics and REST API using the same HTTP Server (were separated before)
- improved CRD watch logic with Kubernetes client informer
Yandexchanged to a generalS3target.
- Rewrite with NuxtJS
- Simplified Proxy
- Improved SPA file handling
- modular functions for separate activation/deactivation
- REST API
- Metrics API
- metrics and REST API using the same HTTP Server (were separated before)
- improved CRD watch logic with Kubernetes client informer
- Update Go Base Image for all Components
- Policy Reporter [#90 by fjogeleit]
- Policy Reporter UI [#11 by realshuting]
- Policy Reporter Kyverno Plugin [#9 by realshuting]
- Dependency Update
- Fix policy-reporter-ui ServiceName function [#87 by m-yosefpor]
- Fix policy-reporter-ui backend name [#85 by m-yosefpor]
- Fix CRD registration for PolicyReport and ClusterPolicyReport
- Add Yandex as new Target for Policy Reporter
- Add Yandex as new Target for Policy Reporter
- Update Policy Reporter UI to v0.15.0
- Add Filters as Query Parameters, make them shareable over links
- Hosting all new Images on the GitHub Container Registry instead of DockerHub
- Go Version updates to Go 1.17 of all components
- Fix loki target messages for labels with dots
- Add additional egress rules to kyvernoPlugin and UI subchart with
networkPolicy.egress
- Configure the Kubernetes API Port for NetworkPolicy with
networkPolicy.kubernetesApiPort
- Implement NetworkPolicy for Policy Reporter and related Components [#68 by windowsrefund]
- Customize liveness- and readinessProbe for Policy Reporter [#67 by windowsrefund]
- Fix ServiceMonitor Namespace overwrite with
monitoring.serviceMonitor.namespaceinstead ofmonitoring.namespace
- Ensure Backward Compatibility for
monitoring.namespaceconfiguration
- Optional Namespace Configuration for Monitoring ServiceMonitor
- Separat Namespace Configuration for Monitoring ConfigMaps with
monitoring.grafana.namespace
- Update Policy Reporter UI to 0.14.0
- Colored Diagrams
- Suppport SubPath Configuration
- Restart CRD Watches when no CRDs are found
- Fix Ingress Resource in the UI Subchart
- Allow to override namespace for serviceMonitor [#57 by Issif]
- Update Policy Reporter UI to 0.13.1
- Hide Rule Chips if rule name is empty
- Update Policy Reporter Kyvern Plugin to 0.3.2
- Improved LivenessProbe, checks now if Kyverno CRDs are available
- Update Policy Reporter to 1.8.4
- Improved LivenessProbe, checks now if any PolicyReport CRD is available
- Changed Organization
- Update Policy Reporter UI to 0.13.0
- Change Result Grouping between by Status and by Category
- Add source filter to ClusterPolicyReports
- Fix
scoredmapping forv1alpha2/policyreports - Disable KyvernPlugin as default as expected
- Support
sourceandpropertiesforpolicyreports/v1alpha2in Policy Reporter UI- Update Policy Reporter UI to
0.12.0
- Update Policy Reporter UI to
- Customize label and annotation for Grafana dashboards [#43 by nlamirault]
- ARM64 Support for all Components
- Update Policy Reporter - Kyverno Plugin to 0.2.0
- New APIs for Liveness and Readiness Probes
- Update Policy Reporter - Kyverno Plugin to 0.1.2
- Fix Handling of Validations with empty messages
- Fix HelmChart - Deployment Probes for Policy Reporter
- Enable REST API by default
- Add
/healthzand/readyAPIs as new endpoints for readinessProbe and livenessProbe
- Add
- Helm Chart Updates
- Add
global.labelsto addlabelson every resource created - Add default labels on every resource
- Add
- Increase Result Caching Time to handle Kyverno issues with Policy reconcilation Issue
- Fix golint errors
- Add .global.fullnameOverride as new configuration for Policy Reporter Helm Chart
- Add static manifests to install Policy Reporter without Helm or Kustomize
- Internal refactoring
- Unification of PolicyReports and ClusterPolicyReports processing, APIs still stable
- DEPRECETED
crdVersion, Policy Reporter handels now both versions by default - DEPRECETED
cleanupDebounceTime, new internal caching replaced the debounce mechanism, debounce still exist with a fixed period to improve stable metric values.
- Support multiple Resources for a single Result
- Mapping Result with multiple Resources in multiple Results with a single Resource
- Upate UI handling with Results without Resources
- Update Kyverno Plugin
- Fix Rule Type mapping
- Update Policy Reporter UI
- Fix Chart rerender when values are the same
- Add Kyverno Plugins to the Helm Chart
- Configure Debounce Time in seconds for Cleanup Events over Helm Chart
- Helm Value
cleanupDebounceTime- default: 20
- Helm Value
- Improved securityContext defaults
- Update Policy Reporter UI to v0.9.0
- expand Tables with Validation Message
- Reduce log messages
- Compress REST API with GZIP
- Update Policy Reporter UI to 0.8.0
- Support for GZIP Responses
- Debounce reconcile modification events for 10s to prevent resending violations
- New Helm Configuration
crdVersionchanges the version of the PolicyReporter CRD - v1alpha1 is the current default
- Fix resend violations after KubeAPI reconnect
- Fix PolicyReportResult.timestamp parsing
- Support PolicyReportResult.status as well as PolicyReportResult.result for newer CRD versions
- Support for (Cluster)PolicyReport CRD Properties in Target Output
- Support for (Cluster)PolicyReport CRD Timestamp in Target Output
- Fix resend violations after Kyverno Cleanup with ResultHashes
- Added PolicyReport Category to Metrics
- New (Cluster)PolicyReport filter for Grafana Dashboards
- Add All Selection for Policy Filter
- Category Filter
- Severity Filter
- Kind Filter
- Namespacefilter (PolicyReports only)
- New (Cluster)PolicyReport filter for Policy Reporter UI
- Category Filter
- Severity Filter
- Kind Filter
- Support Priority by Severity
- high -> critical
- medium -> warning
- low -> information
- Severity is added as label to result metrics
- Severity is added in Policy Reporter UI tables
- Add "Critical" as new Priority to differ between Errored Policies and Failed priorities with High Severity
- Use "Warning" as new default Priority instead of Error which should now used for Policies in Error Status
- New Target Policy Reporter UI
- New Log View in the Policy Reporter UI to see the latest log entries
- Default: latest 200 logs with priority >= warning
- New Target MS Teams
- Policy Reporter UI update
- Select All option for Policy Filter
- New Namespace Filter for PolicyReport View
- [Breaking Change] rename policy-reporter-ui Subchart to ui
- Simplify the customization by configure all PolicyReporter UI values under
ui
- Simplify the customization by configure all PolicyReporter UI values under
- PolicyResult Priority mapping is now configurable over the Helm Chart
- Helm Chart updates #16 fixes #14
- Target Configuration are now configured under
targetin the HelmChartvalues.yaml - config.yaml are now deployed as Secret with encoded data body (plain stringData before)
- Target Configuration are now configured under
- New Helm Linting Workflow by kolikons #15
- Improved Helm Chart by kolikons #13
- More configuration possibilities like UI Ingress, ReplicaCount
- Role and RoleBindings for ConfigMaps are now optional (required for Priority configuration)
- New Optional REST API
- New Optional Policy Reporter UI Helm SubChart
- Add a checksum for the target configuration secret to the deployment. This enforces a pod recreation when the configuration changed by a Helm upgrade.
- Customizable Dashboards via new Helm values for the Monitoring Subchart.
- Internal refactoring
- Improved test coverage
- Removed duplicated caching
- Updated Dashboard
- Filter zero values from Policy Report Detail after Policies / Resources are deleted
- Split the Monitoring out in a Sub Helm chart
- Changed naming from
metricstomonitoring
- Changed naming from
- Make Annotations for the Deployment configurable
- Add two new Grafana Dashboard (PolicyReport Details, ClusterPolicyReport Details)
- Add support for a special
defaultkey in the Policy Priority. Thedefaultkey can be used to configure a global default priority instead oferror
- Use a Secret instead of ConfigMap to persist target configurations
- Helm Chart Value
metrics.serviceMonitorchanged tometrics.serviceMonitor.enabled - New Helm Chart Value
metrics.serviceMonitor.labelscan be used to add additionallabelsto theSeriveMonitor. This helps to fullfil theserviceMonitorSelectorof thePrometheusResource in the MonitoringStack.
- Implement Discord as Target for PolicyReportResults
- Implement Slack as Target for PolicyReportResults
- Implement Elasticsearch as Target for PolicyReportResults
- Replace CLI flags with a single
config.yamlto manage target-configurations as separateConfigMap - Set
loki.skipExistingOnStartupdefault value totrue