Releases
v4.0.0
Features
add tracing to gator test, verify (open-policy-agent#2364 ) #2364 (alex )
add --image flag in gator test|expand (open-policy-agent#2398 ) #2398 (davis-haba )
log constraint annotations (open-policy-agent#2464 ) #2464 (alex )
helm : extra annotations for postInstall/postUpgrade jobs (open-policy-agent#2468 ) #2468 (Mathieu Parent )
allow for log-level to be independently configured (open-policy-agent#2389 ) #2389 (congiv )
Allow writing logs to custom file (open-policy-agent#2473 ) #2473 (Max Smythe )
More verbose logging for audit (open-policy-agent#2503 ) #2503 (Max Smythe )
helm : Add a network policy for the controller manager (open-policy-agent#2514 ) #2514 (Kyle Michel )
enforce kind on admission review (open-policy-agent#2512 ) #2512 (alex )
add the errorlint check for golangci-lint (open-policy-agent#2519 ) #2519 (Fish-pro )
implement AssignImage mutator (open-policy-agent#2429 ) #2429 (Davis Haba )
introduce gci
to unify the order of package import (open-policy-agent#2545 ) #2545 (Fish-pro )
add unconvert check for golang-lint (open-policy-agent#2554 ) #2554 (Fish-pro )
Emit events in the involved objects namespace (open-policy-agent#2360 ) #2360 (Craig Trought )
add support for exempt namespace suffix (open-policy-agent#2636 ) #2636 (Janusz Marcinkiewicz )
implement expansion template pod status (open-policy-agent#2598 ) #2598 (Davis Haba )
stats in webhook, audit & gator (open-policy-agent#2686 ) #2979 ,#2686 (alex )
recursive expansion (open-policy-agent#2679 ) #2979 ,#2679 (Davis Haba )
add webhookURL helm option (open-policy-agent#2722 ) #2979 ,#2722 (Navid )
activate stats when flag is on in audit, webhook (open-policy-agent#2749 ) #2979 ,#2749 (alex )
add gvk aggregator (open-policy-agent#2733 ) #2979 ,#2733 (alex )
Sync annotation unmarshaling in gator (open-policy-agent#2734 ) #2979 ,#2734 (Anlan Du )
Adding pubsub interface (open-policy-agent#2538 ) #2979 ,#2538 (Jaydipkumar Arvindbhai Gabani )
add syncset crd (open-policy-agent#2775 ) #2979 ,#2775 (alex )
log details on log denies (open-policy-agent#2813 ) #2979 ,#2813 (alex )
Support adding priority class to Jobs (open-policy-agent#2822 ) #2979 ,#2822 (Grace Do )
Upgrade to k8s v1.27.2; controller-runtime v0.15.0; add VAP prototype (open-policy-agent#2819 ) #2979 ,#2819 (Max Smythe )
Graduate ExpansionTemplate CRD to beta (open-policy-agent#2857 ) #2979 ,#2857 (Davis Haba )
implements external data response cache (open-policy-agent#2823 ) #2979 ,#2823 (Nilekh Chaudhari )
disables provider response cache when TTL is set to 0 (open-policy-agent#3028 ) (open-policy-agent#3033 ) #3033 (Nilekh Chaudhari )
Bug Fixes
Documentation
add expansion and warn to demo (open-policy-agent#2368 ) #2368 (Rita Zhang )
clairfy g8r requires user for tracing (open-policy-agent#2358 ) #2358 (alex )
adding doc to enable apiserver authentication in versioned docs (open-policy-agent#2378 ) #2378 (Jaydipkumar Arvindbhai Gabani )
rename policy library on website (open-policy-agent#2414 ) #2414 (Rita Zhang )
add library and new features to website (open-policy-agent#2417 ) #2417 (Sertaç Özercan )
gator: add addmission review doc (open-policy-agent#2388 ) #2388 (alex )
clarify supported k8s versions (open-policy-agent#2475 ) #2475 (Sertaç Özercan )
audit-from-cache uses the informer cache instead of opa cache (open-policy-agent#2479 ) #2479 (Rita Zhang )
generate 3.11 docs (open-policy-agent#2501 ) #2501 (Sertaç Özercan )
fix syntax errors (open-policy-agent#2513 ) #2513 (Nico Wang )
Fix typo in website docs (open-policy-agent#2528 ) #2528 (triangularcover )
fix example code snippet for docs (open-policy-agent#2539 ) #2539 (triangularcover )
fix expansion yaml example (open-policy-agent#2551 ) #2551 (Sertaç Özercan )
update k8s.gcr.io to registry.k8s.io (open-policy-agent#2588 ) #2588 (Rita Zhang )
Add background information on mutation (open-policy-agent#2387 ) #2387 (Max Smythe )
Add mutation background to 3.11 (open-policy-agent#2590 ) #2590 (Max Smythe )
helm : Fix helm chart documentation for setting audit and webhook selectors and affinity (open-policy-agent#2617 ) #2617 (Max Falk )
update applyTo description to mention AssignImage (open-policy-agent#2648 ) #2648 (Davis Haba )
add sbom and provenance (open-policy-agent#2665 ) #2665 (Sertaç Özercan )
Add sync resource proposal to design docs (open-policy-agent#2674 ) #2674 (Anlan Du )
Fix typo (open-policy-agent#2669 ) #2669 (Matthias Teich )
Add External Data Response Cache design doc and reorg links based on … (open-policy-agent#2724 ) #2979 ,#2724 (Rita Zhang )
add landing page to website (open-policy-agent#2677 ) #2979 ,#2677 (Xander Grzywinski )
add assignImage mutation demo (open-policy-agent#2694 ) #2979 ,#2694 (Rita Zhang )
Fix meeting link in website bottom bar (open-policy-agent#2736 ) #2979 ,#2736 (Max Smythe )
remove old redirect for website (open-policy-agent#2729 ) #2979 ,#2729 (Xander Grzywinski )
expansion docs rewrite (open-policy-agent#2707 ) #2979 ,#2707 (alex )
fix link to policy library on website (open-policy-agent#2738 ) #2979 ,#2738 (Xander Grzywinski )
Adding pubsub design to docs (open-policy-agent#2732 ) #2979 ,#2732 (Jaydipkumar Arvindbhai Gabani )
add docs about stats (open-policy-agent#2776 ) #2979 ,#2776 (alex )
Gator syncset doc (open-policy-agent#2833 ) #2979 ,#2833 (Anlan Du )
fix link coloring issue in dark mode (open-policy-agent#2867 ) #2979 ,#2867 (Rajeesh C V )
adding doc for benchmarking (open-policy-agent#2866 ) #2979 ,#2866 (Jaydipkumar Arvindbhai Gabani )
update all design doc links to new drive locations (open-policy-agent#2791 ) #2979 ,#2791 (Xander Grzywinski )
Fix typo in ExpansionTemplate (open-policy-agent#2884 ) #2979 ,#2884 (Calle Pettersson )
Code Refactoring
Tests
Continuous Integration
Chores
Authenticating api server against webhook (open-policy-agent#2359 ) #2359 (Jaydipkumar Arvindbhai Gabani )
bump github/codeql-action from 2.1.29 to 2.1.30 (open-policy-agent#2383 ) #2383 (dependabot[bot] )
bump github.com/prometheus/client_golang from 1.13.0 to 1.13.1 (open-policy-agent#2384 ) #2384 (dependabot[bot] )
adding a tag to indicate dry run requests in valication request count metric (open-policy-agent#2379 ) #2379 (Jaydipkumar Arvindbhai Gabani )
bump loader-utils from 2.0.2 to 2.0.3 in /website (open-policy-agent#2392 ) #2392 (dependabot[bot] )
bump github/codeql-action from 2.1.30 to 2.1.31 (open-policy-agent#2391 ) #2391 (dependabot[bot] )
bump k8s.io/client-go from 0.24.7 to 0.24.8 (open-policy-agent#2405 ) #2405 (dependabot[bot] )
bump github/codeql-action from 2.1.31 to 2.1.32 (open-policy-agent#2409 ) #2409 (dependabot[bot] )
bump loader-utils from 2.0.3 to 2.0.4 in /website (open-policy-agent#2411 ) #2411 (dependabot[bot] )
bump stefanprodan/helm-gh-pages from 1.6.0 to 1.7.0 (open-policy-agent#2412 ) #2412 (dependabot[bot] )
bump github/codeql-action from 2.1.32 to 2.1.33 (open-policy-agent#2415 ) #2415 (dependabot[bot] )
Verify CN name as part of client cert check while authenticating api server (open-policy-agent#2396 ) #2396 (Jaydipkumar Arvindbhai Gabani )
helmify : Add icon to Chart.yaml (open-policy-agent#2419 ) #2419 (Manuel Rüger )
bump github/codeql-action from 2.1.33 to 2.1.35 (open-policy-agent#2424 ) #2424 (dependabot[bot] )
upgrade CF to 1c9ce4f and fix gator tests (open-policy-agent#2436 ) #2436 (alex )
promote gator to beta for v3.11.0 (open-policy-agent#2437 ) #2437 (alex )
bump github/codeql-action from 2.1.35 to 2.1.36 (open-policy-agent#2444 ) #2444 (dependabot[bot] )
adds Google Analytics (open-policy-agent#2439 ) #2439 (Nilekh Chaudhari )
bump k8s.io/client-go from 0.24.8 to 0.24.9 (open-policy-agent#2449 ) #2449 (dependabot[bot] )
bump actions/checkout from 3.1.0 to 3.2.0 (open-policy-agent#2456 ) #2456 (dependabot[bot] )
bump externaldata v1beta1 api (open-policy-agent#2438 ) #2438 (Sertaç Özercan )
bump github/codeql-action from 2.1.36 to 2.1.37 (open-policy-agent#2463 ) #2463 (dependabot[bot] )
use errors.Is to check for a specific error (open-policy-agent#2483 ) #2483 (Fish-pro )
bump oras.land/oras-go from 1.2.1 to 1.2.2 (open-policy-agent#2480 ) #2480 (dependabot[bot] )
bump json5 from 2.2.1 to 2.2.3 in /website (open-policy-agent#2494 ) #2494 (dependabot[bot] )
Prepare v3.12.0-beta.0 release (open-policy-agent#2493 ) #2493 (github-actions[bot] )
modify all error contrast judgments by errors (open-policy-agent#2491 ) #2491 (Fish-pro )
bump actions/checkout from 3.2.0 to 3.3.0 (open-policy-agent#2499 ) #2499 (dependabot[bot] )
bump peaceiris/actions-gh-pages from 3.9.0 to 3.9.1 (open-policy-agent#2500 ) #2500 (dependabot[bot] )
bump github/codeql-action from 2.1.37 to 2.1.38 (open-policy-agent#2517 ) #2517 (dependabot[bot] )
bump peaceiris/actions-gh-pages from 3.9.1 to 3.9.2 (open-policy-agent#2521 ) #2521 (dependabot[bot] )
bump github/codeql-action from 2.1.38 to 2.1.39 (open-policy-agent#2525 ) #2525 (dependabot[bot] )
update docs (open-policy-agent#2526 ) #2526 (Shawn Warren )
bump k8s.io/client-go from 0.24.9 to 0.24.10 (open-policy-agent#2533 ) #2533 (dependabot[bot] )
Upgrade to k8s v0.26.1 and controller-runtime fork (open-policy-agent#2530 ) #2530 (Max Smythe )
bump github.com/onsi/gomega from 1.24.1 to 1.24.2 (open-policy-agent#2536 ) #2536 (dependabot[bot] )
bump ua-parser-js from 0.7.31 to 0.7.33 in /website (open-policy-agent#2535 ) #2535 (dependabot[bot] )
bump github/codeql-action from 2.1.39 to 2.2.1 (open-policy-agent#2543 ) #2543 (dependabot[bot] )
bump @docusaurus/core from 2.1.0 to 2.3.0 in /website (open-policy-agent#2547 ) #2547 (dependabot[bot] )
bump @docusaurus/preset-classic from 2.1.0 to 2.3.0 in /website (open-policy-agent#2546 ) #2546 (dependabot[bot] )
the linter structcheck
varcheck
and deadcode
are deprecated (since v1.49.0) (open-policy-agent#2550 ) #2550 (Fish-pro )
modify the typecheck as prompted (open-policy-agent#2553 ) #2553 (Fish-pro )
bump github/codeql-action from 2.2.1 to 2.2.4 (open-policy-agent#2581 ) #2581 (dependabot[bot] )
bump @docusaurus/core from 2.3.0 to 2.3.1 in /website (open-policy-agent#2566 ) #2566 (dependabot[bot] )
bump http-cache-semantics from 4.1.0 to 4.1.1 in /website (open-policy-agent#2565 ) #2565 (dependabot[bot] )
bump @docusaurus/preset-classic from 2.3.0 to 2.3.1 in /website (open-policy-agent#2567 ) #2567 (dependabot[bot] )
bump sigs.k8s.io/controller-runtime from 0.14.1 to 0.14.4 (open-policy-agent#2568 ) #2568 (dependabot[bot] )
clean up repeated package import (open-policy-agent#2579 ) #2579 (Fish-pro )
bump github.com/containerd/containerd from 1.6.12 to 1.6.18 (open-policy-agent#2586 ) #2586 (dependabot[bot] )
bump golang.org/x/net from 0.4.0 to 0.7.0 (open-policy-agent#2594 ) #2594 (dependabot[bot] )
bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (open-policy-agent#2604 ) #2604 (dependabot[bot] )
bump dns-packet from 5.3.1 to 5.4.0 in /website (open-policy-agent#2610 ) #2610 (dependabot[bot] )
bump github/codeql-action from 2.2.4 to 2.2.5 (open-policy-agent#2603 ) #2603 (dependabot[bot] )
update frameworks to 89ae90 (open-policy-agent#2611 ) #2611 (Sertaç Özercan )
bump k8s.io/apiextensions-apiserver from 0.26.1 to 0.26.2 (open-policy-agent#2615 ) #2615 (dependabot[bot] )
Upgrade CF for multi-engine (open-policy-agent#2616 ) #2616 (Max Smythe )
bump github/codeql-action from 2.2.5 to 2.2.6 (open-policy-agent#2619 ) #2619 (dependabot[bot] )
bump @sideway/formula from 3.0.0 to 3.0.1 in /website (open-policy-agent#2621 ) #2621 (dependabot[bot] )
bump github.com/onsi/gomega from 1.27.2 to 1.27.4 (open-policy-agent#2623 ) #2623 (dependabot[bot] )
bump kubectl (open-policy-agent#2624 ) #2624 (Rita Zhang )
bump go.uber.org/automaxprocs from 1.5.1 to 1.5.2 (open-policy-agent#2627 ) #2627 (dependabot[bot] )
bump k8s.io/apiextensions-apiserver from 0.26.2 to 0.26.3 (open-policy-agent#2630 ) #2630 (dependabot[bot] )
bump actions/setup-go from 3 to 4 (open-policy-agent#2625 ) #2625 (dependabot[bot] )
bump github/codeql-action from 2.2.6 to 2.2.8 (open-policy-agent#2637 ) #2637 (dependabot[bot] )
bump @docusaurus/core from 2.3.1 to 2.4.0 in /website (open-policy-agent#2640 ) #2640 (dependabot[bot] )
bump @docusaurus/preset-classic from 2.3.1 to 2.4.0 in /website (open-policy-agent#2639 ) #2639 (dependabot[bot] )
bump github.com/onsi/gomega from 1.27.4 to 1.27.5 (open-policy-agent#2644 ) #2644 (dependabot[bot] )
bump github/codeql-action from 2.2.8 to 2.2.9 (open-policy-agent#2651 ) #2651 (dependabot[bot] )
bump peaceiris/actions-gh-pages from 3.9.2 to 3.9.3 (open-policy-agent#2664 ) #2664 (dependabot[bot] )
bump webpack from 5.73.0 to 5.76.3 in /website (open-policy-agent#2652 ) #2652 (dependabot[bot] )
bump sigs.k8s.io/controller-runtime from 0.14.5 to 0.14.6 (open-policy-agent#2673 ) #2673 (dependabot[bot] )
bump github.com/onsi/gomega from 1.27.5 to 1.27.6 (open-policy-agent#2671 ) #2671 (dependabot[bot] )
bump github.com/go-logr/logr from 1.2.3 to 1.2.4 (open-policy-agent#2672 ) #2672 (dependabot[bot] )
bump peter-evans/create-or-update-comment from 2 to 3 (open-policy-agent#2680 ) #2680 (dependabot[bot] )
bump github/codeql-action from 2.2.9 to 2.2.11 (open-policy-agent#2689 ) #2689 (dependabot[bot] )
bump peter-evans/create-pull-request from 4 to 5 (open-policy-agent#2681 ) #2681 (dependabot[bot] )
bump github.com/docker/docker from 20.10.21+incompatible to 20.10.24+incompatible (open-policy-agent#2676 ) #2676 (dependabot[bot] )
upgrade CF for stats (open-policy-agent#2698 ) #2698 (alex )
Prepare v3.13.0-beta.0 release (open-policy-agent#2701 ) #2701 (github-actions[bot] )
bump k8s.io/apiextensions-apiserver from 0.26.3 to 0.26.4 (open-policy-agent#2704 ) #2704 (dependabot[bot] )
bump github/codeql-action from 2.2.11 to 2.2.12 (open-policy-agent#2700 ) #2700 (dependabot[bot] )
bump github/codeql-action from 2.2.12 to 2.3.0 (open-policy-agent#2714 ) #2979 ,#2714 (dependabot[bot] )
configure retries in pre-upgrade hook job (helm) (open-policy-agent#2710 ) #2979 ,#2710 (Anish Ramasekar )
add k8s 1.27 to tests (open-policy-agent#2692 ) #2979 ,#2692 (Sertaç Özercan )
bump github/codeql-action from 2.3.0 to 2.3.2 (open-policy-agent#2728 ) #2979 ,#2728 (dependabot[bot] )
bump github.com/onsi/ginkgo/v2 from 2.9.2 to 2.9.4 (open-policy-agent#2745 ) #2979 ,#2745 (dependabot[bot] )
bump github/codeql-action from 2.3.2 to 2.3.3 (open-policy-agent#2741 ) #2979 ,#2741 (dependabot[bot] )
Replace ghodss/yaml with sigs.k8s.io/yaml (open-policy-agent#2697 ) #2979 ,#2697 (Manuel Rüger )
update go module with /v3 (open-policy-agent#2742 ) #2979 ,#2742 (Sertaç Özercan )
bump actions/checkout from 3.3.0 to 3.5.2 (open-policy-agent#2764 ) #2979 ,#2764 (dependabot[bot] )
bump actions/setup-go from 4.0.0 to 4.0.1 (open-policy-agent#2763 ) #2979 ,#2763 (dependabot[bot] )
bump codecov/codecov-action from 3.1.3 to 3.1.4 (open-policy-agent#2766 ) #2979 ,#2766 (dependabot[bot] )
bump actions/dependency-review-action from 2.5.1 to 3.0.4 (open-policy-agent#2765 ) #2979 ,#2765 (dependabot[bot] )
bump golang from 595c9af
to 2dc5c56
in /build/tooling (open-policy-agent#2761 ) #2979 ,#2761 (dependabot[bot] )
bump peter-evans/create-or-update-comment from 3.0.0 to 3.0.1 (open-policy-agent#2762 ) #2979 ,#2762 (dependabot[bot] )
bump ossf/scorecard-action from 2.0.6 to 2.1.3 (open-policy-agent#2770 ) #2979 ,#2770 (dependabot[bot] )
bump golang from 595c9af
to 2dc5c56
in /test/image (open-policy-agent#2760 ) #2979 ,#2760 (dependabot[bot] )
bump step-security/harden-runner from 2.3.1 to 2.4.0 (open-policy-agent#2771 ) #2979 ,#2771 (dependabot[bot] )
bump github/codeql-action from 2.3.1 to 2.3.3 (open-policy-agent#2772 ) #2979 ,#2772 (dependabot[bot] )
migrate to dl.k8s.io storage (open-policy-agent#2759 ) #2979 ,#2759 (Sertaç Özercan )
bump peter-evans/create-pull-request from 5.0.0 to 5.0.1 (open-policy-agent#2773 ) #2979 ,#2773 (dependabot[bot] )
bump github.com/onsi/ginkgo/v2 from 2.9.4 to 2.9.5 (open-policy-agent#2769 ) #2979 ,#2769 (dependabot[bot] )
bump golang from 2dc5c56
to 918857f
in /build/tooling (open-policy-agent#2804 ) #2979 ,#2804 (dependabot[bot] )
bump golang from 2dc5c56
to 918857f
in /test/image (open-policy-agent#2803 ) #2979 ,#2803 (dependabot[bot] )
Prepare v3.13.0-beta.1 release (open-policy-agent#2806 ) #2979 ,#2806 (github-actions[bot] )
upgrade cf to have the defaults injection (open-policy-agent#2811 ) #2979 ,#2811 (alex )
pkg imported more than once (open-policy-agent#2851 ) #2979 ,#2851 (guangwu )
bump golang from 918857f
to 419bc89
in /test/image (open-policy-agent#2830 ) #2979 ,#2830 (dependabot[bot] )
bump golang from 918857f
to 419bc89
in /build/tooling (open-policy-agent#2831 ) #2979 ,#2831 (dependabot[bot] )
add ability to choose deployment strategy for controller-manager (open-policy-agent#2777 ) #2979 ,#2777 (Patrik Chadima )
bump golang from a3598b9
to d9f7519
in /test/image (open-policy-agent#2868 ) #2979 ,#2868 (dependabot[bot] )
bump golang from a3598b9
to d9f7519
in /build/tooling (open-policy-agent#2869 ) #2979 ,#2869 (dependabot[bot] )
update cert-controller (open-policy-agent#2876 ) #2979 ,#2876 (alex )
bump golang from d9f7519
to 851af0a
in /test/image (open-policy-agent#2882 ) #2979 ,#2882 (dependabot[bot] )
bump golang from d9f7519
to 851af0a
in /build/tooling (open-policy-agent#2880 ) #2979 ,#2880 (dependabot[bot] )
bump github/codeql-action from 2.3.3 to 2.20.4 (open-policy-agent#2883 ) #2979 ,#2883 (dependabot[bot] )
bump github.com/stretchr/testify from 1.8.2 to 1.8.4 (open-policy-agent#2815 ) #2979 ,#2815 (dependabot[bot] )
bump github.com/go-logr/zapr from 1.2.3 to 1.2.4 (open-policy-agent#2756 ) #2979 ,#2756 (dependabot[bot] )
bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible (open-policy-agent#2752 ) #2979 ,#2752 (dependabot[bot] )
bump actions/dependency-review-action from 3.0.4 to 3.0.6 (open-policy-agent#2809 ) #2979 ,#2809 (dependabot[bot] )
bump actions/checkout from 3.3.0 to 3.5.3 (open-policy-agent#2828 ) #2979 ,#2828 (dependabot[bot] )
Prepare v3.13.0-rc.1 release (open-policy-agent#2901 ) #2901 (github-actions[bot] )
Prepare v3.13.0 release (open-policy-agent#2934 ) #2934 (github-actions[bot] )
Prepare v3.13.1 release (open-policy-agent#3035 ) #3035 (github-actions[bot] )
Commits
You can’t perform that action at this time.