v0.3.0

Changelog

a046ac8 Create config.yml directing to Discussions
b923b54 Delete in favour of link to Discussions
ee035da Delete in favour of link to Discussions
050bc75 chore(Makefile): Generate a fatal error when KUBECONFIG env is not set (#137)
b2ed495 chore: Add target in Makefile to run unit and integration tests (#135)
72fa8a8 chore: Setup CodeQL (#110)
24ac098 chore: Tune CodeQL (#114)
d673b0d chore: Tune CodeQL config (#113)
99fee29 chore: Update CodeQL config (#112)
9b3c9e4 chore: Upgrade kube-bench to v0.3.1 (#133)
44210b1 chore: Upgrade polaris to 1.1.0 (#86)
32f8b1b feat: Add app.kubernetes.io/managed-by=starboard label to objects created by Starboard (#121)
ecbef61 feat: Add subcommand to generate audit reports in HTML format (#92)
5a7c523 feat: Create or update CISKubeBenchReports (#116)
f807c83 feat: Create or update vulnerability reports (#96)
e1ea05a feat: Define additional printer columns for vulnerability report (#122)
193c18b feat: Define additional printer colums for vulnerabilities resource (#97)
2e28ff8 feat: Enable starboard to check for http and https prefixes for server from dockerconfig secret (#90)
c10aa5a feat: Run Polaris scanner for the specified workload (#118)
a0ad1ad feat: Schedule kube-bench jobs on all nodes (#91)
d2882c5 feat: Set ownerReference for vulnerabilities resource (#129)
6169a02 fix: Find vulnerabilities in workloads running images from private DockerHub repositories (#139)
822d467 fix: Redirect errors to stderr (#93)
e5963e5 fix: Set TRIVY_USERNAME and TRIVY_PASSWORD environment variables to consume secret keys (#141)
3b5cc5a fix: Wait for the starboard namespace termination in the cleanup command (#138)
4aa0d52 refactor: Common methods (#143)

v0.2.6

Changelog

025678d feat(api): Add method for getting vulnerability reports by the specified workload (#80)
8042eac feat: Define resource request and limits on scan jobs (#79)
d43faef feat: Delete the starboard namespace on issuing cleanup command (#82)
92c23ca fix(trivy): Set Registry and Artifact properties in the VulnerabilityReport (#85)
f87b354 fix: Add check for empty server lines in docker config (#77)
980af79 refactor: Define interface for async Trivy scanner (#74)

v0.2.5

Changelog

6761c67 chore: Automate krew plugin updates with krew-release-bot (#72)
97d9b98 fix: Indentation in krew manifest so we can merge it automatically
898d422 refactor: Introduce kube.Object as more generic representation of kube.Workload (#71)

v0.2.2

Changelog

8474833 chore: Update GoReleaser Action config (#68)
7a157d6 feat: Use templates for usage examples (#57)
a0f1654 fix(ScannerCLI): kube-bench and kube-hunter do not respect --delete-scan-job flag (#67)
45a88c3 fix(trivy): Parse output of scanning scratch images (#66)
e145659 fix: Get error message from failing scan job (#60)
e0c30b3 fix: Remove rbac subcommand until it is fully implemented (#62)

v0.2.1

Changelog

02c0c55 feat: Allow specifying timeout for scan jobs (#53)

v0.2.0

Changelog

f5e2ad3 chore: Bump up client-go to v0.19.0-alpha.3 (#46)

v0.1.2

Changelog

55fad33 fix: Pin Trivy to v0.8.0 (#44)

v0.1.1

Changelog

ea2794c fix: Load all known client-go auth plugins (#41)

v0.1.0

Changelog

fec324e Remove contents that are in blog (#34)
04bea13 chore: Skip GitHub Actions builds on docs updates (#38)

v0.0.1-alpha.5

Changelog

8dd2c97 feat(init): Init Polaris (#27)
8d2b8f0 feat: Add subcommand to fetch vulnerability reports (#28)
b8c9dca fix(vulns): Cannot get Pod spec for Jobs (#25)
e7093a7 refactor: Remove GeneratedAt filed from scan reports (#13)
74fe9b4 refactor: Rename starboard.workload.* labels to starboard.resource.* (#15)
b8eb057 refactor: Run scanners in the starboard namespace (#14)