Skip to content

Release v0.11.0
Compare
Choose a tag to compare
@github-actions github-actions released this 01 Sep 09:01
· 2379 commits to main since this release
v0.11.0
This tag was signed with the committer’s verified signature. The key has expired.
tpapagian Anastasios Papagiannis
GPG key ID: 0B3DBEC9DF296F9E
Expired
Learn about vigilant mode.
3c1f68d

Upgrade notes

  • tracingpolicies* CRDs need to be manually deleted. See #1394 for details.

What's Changed

  • fix(deps): update module sigs.k8s.io/controller-tools to v0.12.1 by @cilium-renovate in #1207
  • chore(deps): update all k8s pkg go dependencies main (patch) by @cilium-renovate in #1172
  • fix(deps): update module github.com/iancoleman/strcase to v0.3.0 by @cilium-renovate in #1236
  • docs update by @kkourt in #1233
  • metrics: Switch from gauges to counters by @lambdanis in #1220
  • chore(deps): update docker.io/library/golang docker tag to v1.20.6 by @cilium-renovate in #1226
  • Add _total suffix to counter metrics that didn't have it by @lambdanis in #1208
  • fix(deps): update module github.com/cilium/little-vm-helper to v0.0.9 by @cilium-renovate in #1239
  • Clang image Dockerfile and workflow improvements and renovate settings tuning by @mtardy in #1221
  • chore(deps): update all github action dependencies by @cilium-renovate in #1175
  • fix(deps): update module go.uber.org/multierr to v1.11.0 by @cilium-renovate in #1243
  • selector fixes by @kkourt in #1246
  • Adding Kind property to the openat_write tracingpolicy sample YAML file by @ashishkurmi in #1248
  • Infinite ports and CIDRs by @kevsecurity in #1222
  • fix replace directives for Cilium v1.13.4 by @rolinh in #1252
  • gh/vmtests: use -main for latest version and add bpf-next by @kkourt in #1247
  • Let renovate update Go toolchain in a single PR by @mtardy in #1259
  • Fix SKB test by @kevsecurity in #1258
  • chore(deps): update go to v1.20.6 (minor) by @cilium-renovate in #1261
  • fix(deps): update module github.com/cilium/little-vm-helper to v0.0.12 by @cilium-renovate in #1242
  • Implement DeleteTracingPolicy functionality by @inliquid in #1253
  • tetragon: Check final size for data event by @olsajiri in #1224
  • tetragon: Loader fixes by @olsajiri in #951
  • Renovate: let renovate update golangci-lint and various fixes by @mtardy in #1263
  • fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0 by @cilium-renovate in #1266
  • fix(deps): update kubernetes packages to v0.26.7 (patch) by @cilium-renovate in #1265
  • Simplify tetra and tetragon build without CGO, add binary stripping and improve Makefile by @mtardy in #1268
  • Update README.md Links by @saintdle in #1270
  • deps: remove unused cilium/metallb replace directive by @mtardy in #1269
  • e2e tests: remove gexe dependency in cilium management by @mtardy in #1271
  • docs: fix a link to contribution guide by @mtardy in #1277
  • tetragon: remove unnecessary GetProcessCopy() by @jrfastab in #1254
  • tetragon: Add support for multi kprobe override by @olsajiri in #1218
  • Handle non-utf8 strings in protobuf structures by @kkourt in #1282
  • tetragon: load tracingpolicies from directory by @tixxdz in #995
  • contrib: Support upgrade in install-tetragon.sh by @lambdanis in #1280
  • chore(deps): update docker.io/library/golang:1.20.6 docker digest to 010a0ff by @cilium-renovate in #1293
  • fix(deps): update all go dependencies main (patch) by @cilium-renovate in #1294
  • fix(deps): update module github.com/cilium/cilium to v1.13.5 by @cilium-renovate in #1297
  • deps: bump cilium/cilium to v1.14.0 by @mtardy in #1299
  • pkg/k8s: deps bump cilium/cilium Go dep to v1.14.0 by @mtardy in #1302
  • workflows: split static checks to parallelize jobs by @mtardy in #1300
  • chore(deps): update module github.com/cilium/controller-tools to v0.12.1 by @cilium-renovate in #1298
  • Makefile: Print messages only once by @lambdanis in #1295
  • fix(deps): update kubernetes packages to v0.27.4 (patch) by @cilium-renovate in #1303
  • kprobes: allow to override security_ hooks by @tixxdz in #1305
  • tetragon: kprobe fixes by @olsajiri in #1291
  • Copy Helm chart values doc to docs reference by @mtardy in #1288
  • use-case: advanced tracing of elf and flat execution by @tixxdz in #1307
  • cves:exploit: prevent cve-2023-2640 overlayfs exploit on ubuntu by @tixxdz in #1306
  • tetragon: bpf map handlers updates by @jrfastab in #1308
  • bugfix: Fix Prefix operator with file type in matchArgs by @tpapagian in #1301
  • tetragon: tty monitoring fixes by @olsajiri in #1289
  • sensors: harden string parsing from BPF events by @mtardy in #1276
  • Add three network policies by @kevsecurity in #1313
  • Create metrics registry explicitly instead of using promauto by @lambdanis in #1304
  • fix(deps): update module sigs.k8s.io/e2e-framework to v0.2.0 by @cilium-renovate in #1244
  • btf: Add support to load symbols from kernel modules by @tpapagian in #1316
  • Revert "renovate: fix usage of dot in regexes" by @mtardy in #1322
  • fix(deps): update module golang.org/x/sys to v0.11.0 by @cilium-renovate in #1323
  • fix(deps): update module google.golang.org/grpc to v1.57.0 by @cilium-renovate in #1324
  • generic traceponts: add support for string type by @kkourt in #1314
  • tetragon: Add stats support for errors by @jrfastab in #1311
  • chore(deps): update go to v1.20.7 (patch) by @cilium-renovate in #1320
  • Renovate settings for replace directive deps and cilium/cilium updates by @mtardy in #1330
  • tetragon: Remove pkg/bpf/map module by @olsajiri in #1315
  • misc fixes by @kkourt in #1317
  • refactor: Move readConfig{Dir,File} to the option package by @michi-covalent in #1336
  • Move observer_test_helpers.go to a separate package by @lambdanis in #1335
  • chore(deps): update renovatebot/github-action action to v39 by @cilium-renovate in #1334
  • Add tetragon-operator-config ConfigMap by @michi-covalent in #1337
  • chore(deps): update docker.io/library/alpine docker tag to v3.18.3 by @cilium-renovate in #1342
  • fix(deps): update module github.com/hashicorp/golang-lru/v2 to v2.0.5 by @cilium-renovate in #1343
  • tetragon-oci-hook: improvements by @kkourt in #1076
  • matchArgs: Add Not{Equal, Prefix, Postfix} in fd, file, path types by @tpapagian in #1325
  • Fix TestKprobeMatchArgsNonPrefix test by @tpapagian in #1347
  • use-case: add ProcessCredentials object and track credentials changes at kernel by @tixxdz in #888
  • renovate: group Helm chart version bump PRs by @mtardy in #1346
  • Fix tetra version injection by @mtardy in #1348
  • operator: Move the CRD registration logic to a separate package by @michi-covalent in #1350
  • docs: Update the link to the cosign installation page by @michi-covalent in #1352
  • tetragon: Do not update sensors.AllPrograms in kprobe sensor by @olsajiri in #1340
  • Add tetragon operator deployment into the helm chart by @prateek041 in #1351
  • Sock/skb: socket improvements by @kevsecurity in #1358
  • tetragon: Remove unnecessary computation line by @olsajiri in #1357
  • Delete pkg/podinfo/podinfo.go by @michi-covalent in #1362
  • Lists by @olsajiri in #1283
  • sock/skb: Add datagram example for kernel 5.18+ by @kevsecurity in #1364
  • sock/skb: Add IPv6 Support by @kevsecurity in #1361
  • Sock/skb: fix untrack sock by @kevsecurity in #1366
  • api: Deprecate Pod.labels field by @michi-covalent in #1363
  • bpf: fmodret override on security_ hooks is available from 5.7 by @tixxdz in #1349
  • tetragon-oci-hook: statically linked binary by @akshay196 in #1371
  • fix(deps): update all go dependencies main (patch) by @cilium-renovate in #1353
  • fix(deps): update module github.com/cilium/cilium to v1.14.1 by @cilium-renovate in #1373
  • fix(deps): update module github.com/google/cel-go to v0.17.1 by @cilium-renovate in #1354
  • tracing: multiple action fixes by @kkourt in #1367
  • Fix link in README.md by @0xE282B0 in #1376
  • Watch k8s services by @michi-covalent in #1370
  • chore: update lvh dependency by @kkourt in #1383
  • Ignore docs/** in packages-e2e-tests.yaml by @mtardy in #1379
  • golangci-lint: increase timeout and enable caching by @mtardy in #1382
  • fix(deps): update all go dependencies main (patch) by @cilium-renovate in #1381
  • chore(deps): update docker.io/golangci/golangci-lint docker tag to v1.54.2 by @cilium-renovate in #1345
  • sensors: modify unload hooks and remove GetConfig and SetConfig by @mtardy in #1385
  • improve tetra tracingpolicy generate by @kkourt in #1386
  • use case:credentials: record Linux capability usage by @tixxdz in #1189
  • docs: split Tracing Policy concept page into subpages by @mtardy in #1377
  • refactor: Clean up unused stuff by @michi-covalent in #1389
  • process: Add a function to access K8sResourceWatcher by @michi-covalent in #1391
  • watcher: Implement fake service functions by @michi-covalent in #1392
  • gha: add pr-validation GH action by @kkourt in #1384
  • Enforce SPDX headers in Go files with goheader linter by @lambdanis in #1388
  • Move tracing policy types to a separate file by @michi-covalent in #1393
  • docs: improve filename use-case by @kkourt in #1387
  • process.GetPodInfo: Don't return Cilium endpoint by @michi-covalent in #1398
  • cmd/tetra: retry failed gRPC connections with exponential backoff by @willfindlay in #1402
  • Delete metrics for deleted pods by @lambdanis in #1279
  • Add workload label to metrics with pod info by @lambdanis in #1403
  • tetragon: Factor InMap operators by @olsajiri in #1368
  • Add Registration logic for Pod Info Custom Resource Definition. by @prateek041 in #1369
  • Update the CRD schema version by @tpapagian in #1409
  • tetragon: Add missing selectors newBinVals setup by @olsajiri in #1405
  • Prepare for v0.11.0 release by @tpapagian in #1414

New Contributors

Full Changelog: v0.10.0...v0.11.0

Contributors

kkourt, tpapagian, and 15 other contributors
Assets 16
Loading