chore(deps): Bump github.com/kyverno/kyverno from 1.11.0-beta.4 to 1.11.0-rc.2

[dependabot]

Bumps github.com/kyverno/kyverno from 1.11.0-beta.4 to 1.11.0-rc.2.

Release notes

Sourced from github.com/kyverno/kyverno's releases.

v1.11.0-rc.2

No release notes provided.

v1.11.0-rc.1

No release notes provided.

Changelog

Sourced from github.com/kyverno/kyverno's changelog.

v1.11.0

v1.11.0-rc.1

Note

• Added --tufRoot and --tufMirror flags to configure tuf for custom sigstore deployments.
• Remove description from deprecated fields in CRDs
• Remove CLI kyverno test manifest ... commands (replaced by kyverno create ...).
• Added --caSecretName and --tlsSecretName flags to control names of certificate related secrets.
• Added match conditions support in kyverno config map.
• Deprecated flag --imageSignatureRepository. Will be removed in 1.12. Use per rule configuration verifyImages.Repository instead.
• Added --aggregateReports flag for reports controller to enable/disable aggregated reports (default value is true).
• Added --policyReports flag for reports controller to enable/disable policy reports (default value is true).
• Renamed CLI flag --compact to --detailed-results (and changed default value from true to false).
• Changed the default value of --enablePolicyException from false to true.

v1.10.0

v1.10.0-rc.1

Note

• Removed GenerateRequest CRD.
• Refactored kyverno chart, migration instructions are available in chart README.md.
• Image references in the json context are not mutated to canonical form anymore, do not assume a registry domain is always present.
• Added support for configuring webhook annotations in the config map through webhookAnnotations stanza.
• Added excludeRoles and excludeClusterRoles support in configuration.
• Added new flag skipResourceFilters to reports controller to enable/disable considering resource filters in the background (default value is true)
• Removed hardcoded defaults for excludeGroups and excludeUsernames. They are always read from the config map.

v1.9.0-rc.1

Note

• Flag backgroundScanInterval was added to force background scans at regular intervals (default value is 1h).
• Flag splitPolicyReport was removed, was unused and marked for removal in 1.9.
• Webhook is no longer updated to match pods/ephemeralcontainers when policy only specifies pods. If users want to match on pods/ephemeralcontainers, they must specify pods/ephemeralcontainers in the policy.
• Webhook is no longer updated to match services/status when policy only specifies services. If users want to match on services/status, they must specify services/status in the policy.
• Flag autogenInternals was removed, policy mutation has been removed.
• Flag leaderElectionRetryPeriod was added to control leader election renewal frequency (default value is 2s).
• Support upper case Audit and Enforce in .spec.validationFailureAction of the Kyverno policy, failure actions audit and enforce are deprecated and will be removed in v1.11.0.
• Flag profileAddress was added to configure address of profiling server (default value is "").

v1.8.1-rc3

Note

• A new flag backgroundScanWorkers to configure the number of background scan workers (default value is 2).

... (truncated)

Commits

• 6be88f3 release v1.11.0-rc.2 (#8643)
• a4e47ef bump Go 1.21.3 (#8638)
• 4ba2724 chore(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 (#8626) (#8636)
• 762f939 release v1.11.0-rc.1 (#8634)
• 783b27d chore: bump cleanup policies to v2beta1 (#8621) (#8632)
• 26b99ce feat: move crds to a subchart (#8623) (#8630)
• 63b2376 fix: allow dropping metrics, labels and configuring histogram bucket boundari...
• 6594e11 feat: move grafana dashboard to a subchart (#8619) (#8620)
• 52f1452 Revert "chore: bump cleanup policies to v2beta1 (#8594)" (#8609) (#8610)
• da29e02 chore: bump cleanup policies to v2beta1 (#8594) (#8607)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)