diff --git a/charts/falco/CHANGELOG.md b/charts/falco/CHANGELOG.md index 00a437fbe..8062ce339 100644 --- a/charts/falco/CHANGELOG.md +++ b/charts/falco/CHANGELOG.md @@ -2,6 +2,11 @@ This file documents all notable changes to Falco Helm Chart. The release numbering uses [semantic versioning](http://semver.org). +ยง + +## v4.11.2 + +* only prints env key if there are env values to be passed on `falcoctl.initContainer` and `falcoctl.sidecar` ## v4.11.1 @@ -12,6 +17,7 @@ numbering uses [semantic versioning](http://semver.org). * new(falco): add grafana dashboard for falco ## v4.10.0 + * Bump Falco to v0.39.1 ## v4.9.1 @@ -19,6 +25,7 @@ numbering uses [semantic versioning](http://semver.org). * feat(falco): add labels and annotations to the metrics service ## v4.9.0 + * Bump Falco to v0.39.0 * update(falco): add new configuration entries for Falco This commit adds new config keys introduces in Falco 0.39.0. @@ -28,11 +35,11 @@ numbering uses [semantic versioning](http://semver.org). This commit removes the "output" config key that has been deprecated in falco. * update(falco): mount proc filesystem for plugins - The following PR in libs https://github.com/falcosecurity/libs/pull/1969 + The following PR in libs introduces a new platform for plugins that requires access to the proc filesystem. * fix(falco): update broken link pointing to Falco docs - After the changes made by the following PR to the Falco docs https://github.com/falcosecurity/falco-website/pull/1362 + After the changes made by the following PR to the Falco docs this commit updates a broken link. ## v4.8.3 @@ -41,10 +48,10 @@ numbering uses [semantic versioning](http://semver.org). a new Falco configuration file and selects the appropriate engine kind based on the environment where Falco is deployed. - With this commit, along with falcoctl PR #630, the Helm charts now - support different driver kinds for Falco instances based on the + With this commit, along with falcoctl PR #630, the Helm charts now + support different driver kinds for Falco instances based on the specific node they are running on. When driver.kind=auto is set, - each Falco instance dynamically selects the most suitable + each Falco instance dynamically selects the most suitable driver (e.g., ebpf, kmod, modern_ebpf) for the node. +-------------------------------------------------------+ | Kubernetes Cluster | @@ -71,9 +78,9 @@ numbering uses [semantic versioning](http://semver.org). This commit ensures that we mount them in the falco container. Note that, the /sys/module/falco is now mounted as /sys/module since - we do not know which kind of driver will be used. The falco folder - exists under /sys/module only when the kernel module is loaded, - hence it's not possible to use the /sys/module/falco hostpath when driver.kind + we do not know which kind of driver will be used. The falco folder + exists under /sys/module only when the kernel module is loaded, + hence it's not possible to use the /sys/module/falco hostpath when driver.kind is set to auto. ## v4.8.1 @@ -96,8 +103,8 @@ numbering uses [semantic versioning](http://semver.org). * bump k8smeta plugin to version 0.2.0. The new version, resolves a bug that prevented the plugin from populating the k8smeta fields. For more info see: - * https://github.com/falcosecurity/plugins/issues/514 - * https://github.com/falcosecurity/plugins/pull/517 + * + * ## v4.6.3 @@ -141,7 +148,7 @@ numbering uses [semantic versioning](http://semver.org). ## v4.4.1 -* bump k8s-metacollector dependency version to v0.1.1. See: https://github.com/falcosecurity/k8s-metacollector/releases +* bump k8s-metacollector dependency version to v0.1.1. See: ## v4.3.1 @@ -172,6 +179,7 @@ numbering uses [semantic versioning](http://semver.org). * fix(falco/README): dead link ## v4.2.1 + * fix(falco/README): typos, formatting and broken links ## v4.2.0 @@ -179,6 +187,7 @@ numbering uses [semantic versioning](http://semver.org). * Bump falco to v0.37.1 and falcoctl to v0.7.2 ## v4.1.2 + * Fix links in output after falco install without sidekick ## v4.1.1 @@ -190,9 +199,10 @@ numbering uses [semantic versioning](http://semver.org). * Reintroduce the service account. ## v4.0.0 + The new chart introduces some breaking changes. For folks upgrading Falco please see the BREAKING-CHANGES.md file. -* Uniform driver names and configuration to the Falco one: https://github.com/falcosecurity/falco/pull/2413; +* Uniform driver names and configuration to the Falco one: ; * Fix usernames and groupnames resolution by mounting the `/etc` filesystem; * Drop old kubernetes collector related resources; * Introduce the new k8s-metacollector and k8smeta plugin (experimental); @@ -202,7 +212,7 @@ The new chart introduces some breaking changes. For folks upgrading Falco please ## v3.8.7 -* Upgrade falcosidekick chart to `v0.7.11`. +* Upgrade falcosidekick chart to `v0.7.11`. ## v3.8.6 @@ -214,7 +224,7 @@ The new chart introduces some breaking changes. For folks upgrading Falco please ## v3.8.4 -* Upgrade Falco to 0.36.2: https://github.com/falcosecurity/falco/releases/tag/0.36.2 +* Upgrade Falco to 0.36.2: ## v3.8.3 @@ -230,7 +240,7 @@ The new chart introduces some breaking changes. For folks upgrading Falco please ## v3.8.0 -* Upgrade Falco to 0.36.1: https://github.com/falcosecurity/falco/releases/tag/0.36.1 +* Upgrade Falco to 0.36.1: * Sync values.yaml with 0.36.1 falco.yaml config file. ## v3.7.1 @@ -239,9 +249,9 @@ The new chart introduces some breaking changes. For folks upgrading Falco please ## v3.7.0 -* Upgrade Falco to 0.36. https://github.com/falcosecurity/falco/releases/tag/0.36.0 +* Upgrade Falco to 0.36. * Sync values.yaml with upstream falco.yaml config file. -* Upgrade falcoctl to 0.6.2. For more info see the release notes: https://github.com/falcosecurity/falcoctl/releases/tag/v0.6.2 +* Upgrade falcoctl to 0.6.2. For more info see the release notes: ## v3.6.2 @@ -274,17 +284,20 @@ The new chart introduces some breaking changes. For folks upgrading Falco please * No changes made to the falco chart, only some fixes in the makefile ## v3.3.0 -* Upgrade Falco to 0.35.1. For more info see the release notes: https://github.com/falcosecurity/falco/releases/tag/0.35.1 -* Upgrade falcoctl to 0.5.1. For more info see the release notes: https://github.com/falcosecurity/falcoctl/releases/tag/v0.5.1 -* Introduce least privileged mode in modern ebpf. For more info see: https://falco.org/docs/event-sources/kernel/#least-privileged-mode-2 + +* Upgrade Falco to 0.35.1. For more info see the release notes: +* Upgrade falcoctl to 0.5.1. For more info see the release notes: +* Introduce least privileged mode in modern ebpf. For more info see: ## v3.2.1 + * Set falco.http_output.url to empty string in values.yaml file ## v3.2.0 -* Upgrade Falco to 0.35.0. For more info see the release notes: https://github.com/falcosecurity/falco/releases/tag/0.35.0 + +* Upgrade Falco to 0.35.0. For more info see the release notes: * Sync values.yaml with upstream falco.yaml config file. -* Upgrade falcoctl to 0.5.0. For more info see the release notes: https://github.com/falcosecurity/falcoctl/releases/tag/v0.5.0 +* Upgrade falcoctl to 0.5.0. For more info see the release notes: * The tag used to install and follow the falco rules is `1` * The tag used to install and follow the k8saudit rules is `0.6` @@ -305,12 +318,15 @@ The new chart introduces some breaking changes. For folks upgrading Falco please * Bump `falcosidekick` dependency to 0.6.1 ## v3.1.1 + * Update `k8saudit` section in README.md file. ## v3.1.0 + * Upgrade Falco to 0.34.1 ## v3.0.0 + * Drop support for falcosecuriy/falco image, only the init container approach is supported out of the box; * Simplify the driver-loader init container logic; * Support **falcoctl** tool in the chart: @@ -343,7 +359,7 @@ The new chart introduces some breaking changes. For folks upgrading Falco please * Support custom dictionaries when setting environment variables -Note: this is a breaking change. If you were passing _objects_ to `extra.env` or `driver.loader.initContainer.env` , you will need to update your values file to pass _lists_. +Note: this is a breaking change. If you were passing *objects* to `extra.env` or `driver.loader.initContainer.env` , you will need to update your values file to pass *lists*. ## v2.4.7 @@ -376,7 +392,7 @@ Note: this is a breaking change. If you were passing _objects_ to `extra.env` or ## v2.4.0 * Add support for Falco+gVisor -* Add new preset `values.yaml `file for gVisor-enabled GKE clusters +* Add new preset `values.yaml`file for gVisor-enabled GKE clusters ## v2.3.1 @@ -705,6 +721,7 @@ Remove whitespace around `falco.httpOutput.url` to fix the error `libcurl error: ## v1.7.6 * Correct icon URL + ## v1.7.5 * Update downstream sidekick chart @@ -766,7 +783,7 @@ Remove whitespace around `falco.httpOutput.url` to fix the error `libcurl error: ### Minor Changes -* Upgrade to Falco 0.26.2, `DRIVERS_REPO` now defaults to https://download.falco.org/?prefix=driver/ (see the [Falco changelog](https://github.com/falcosecurity/falco/blob/0.26.2/CHANGELOG.md)) +* Upgrade to Falco 0.26.2, `DRIVERS_REPO` now defaults to (see the [Falco changelog](https://github.com/falcosecurity/falco/blob/0.26.2/CHANGELOG.md)) ## v1.5.3 diff --git a/charts/falco/Chart.yaml b/charts/falco/Chart.yaml index e6670e399..49e6e17cd 100644 --- a/charts/falco/Chart.yaml +++ b/charts/falco/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: falco -version: 4.11.1 +version: 4.11.2 appVersion: "0.39.1" description: Falco keywords: diff --git a/charts/falco/README.md b/charts/falco/README.md index e1914d8e4..3dbf00d62 100644 --- a/charts/falco/README.md +++ b/charts/falco/README.md @@ -581,7 +581,7 @@ If you use a Proxy in your cluster, the requests between `Falco` and `Falcosidek ## Configuration -The following table lists the main configurable parameters of the falco chart v4.11.1 and their default values. See [values.yaml](./values.yaml) for full list. +The following table lists the main configurable parameters of the falco chart v4.11.2 and their default values. See [values.yaml](./values.yaml) for full list. ## Values