Kube Linter Versions Save

KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.

v0.6.8

2 months ago

What's Changed

🚀 Features

🧰 Maintenance

Other Changes

New Contributors

Full Changelog: https://github.com/stackrox/kube-linter/compare/v0.6.7...v0.6.8

v0.6.7

3 months ago

Changes

  • bug: broken reading from stdin (-) @janisz (#704)
  • feat: support go1.21 @chenrui333 (#696)

⬆️ Dependencies

  • build(deps): bump the k8s-io group with 2 updates @dependabot (#698)
  • build(deps): bump github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.71.0 to 0.71.1 @dependabot (#700)
  • build(deps): bump helm.sh/helm/v3 from 3.13.3 to 3.14.0 @dependabot (#699)
  • build(deps): bump actions/cache from 3 to 4 @dependabot (#697)

Full Changelog: https://github.com/stackrox/kube-linter/compare/v0.6.6...0.6.7

v0.6.6

3 months ago

Changes

  • group dependabot k8s updates @janisz (#686)

✔️ New checks

  • Create new check for liveness port @charlesoconor (#661)

🚀 Features

  • Extend liveness-port logic for two new checks around startup and readiness @charlesoconor (#689)

🐛 Bug Fixes

  • Fix: pdb-min-available when Replica number is controlled via HPA @jpedrobf (#688)
  • feat: ignore templates in Chart dependencies based on ignore paths @Trojan295 (#667)
  • Docs: Fixed broken template links, fixed script versions @gaurav-nelson (#662)

⬆️ Dependencies

28 changes
  • Bump github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.70.0 to 0.71.0 @dependabot (#693)
  • Bump docker/metadata-action from 5.4.0 to 5.5.0 @dependabot (#690)
  • Bump k8s.io/client-go from 0.28.4 to 0.29.0 @dependabot (#685)
  • Bump actions/download-artifact from 3 to 4 @dependabot (#682)
  • Bump github.com/spf13/viper from 1.18.1 to 1.18.2 @dependabot (#683)
  • Bump helm.sh/helm/v3 from 3.13.2 to 3.13.3 @dependabot (#684)
  • Bump docker/metadata-action from 5.3.0 to 5.4.0 @dependabot (#680)
  • Bump github.com/containerd/containerd from 1.7.6 to 1.7.11 @dependabot (#679)
  • Bump golang.org/x/crypto from 0.16.0 to 0.17.0 @dependabot (#678)
  • Bump github/codeql-action from 2 to 3 @dependabot (#676)
  • Bump sigstore/cosign-installer from 3.2.0 to 3.3.0 @dependabot (#677)
  • Bump github.com/cert-manager/cert-manager from 1.13.2 to 1.13.3 @dependabot (#675)
  • Bump github.com/spf13/viper from 1.18.0 to 1.18.1 @dependabot (#674)
  • Bump actions/setup-go from 4 to 5 @dependabot (#672)
  • Bump docker/metadata-action from 5.0.0 to 5.3.0 @dependabot (#673)
  • Bump github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.69.1 to 0.70.0 @dependabot (#671)
  • Bump github.com/spf13/viper from 1.17.0 to 1.18.0 @dependabot (#670)
  • Bump k8s.io/cli-runtime from 0.28.3 to 0.28.4 @dependabot (#666)
  • Bump k8s.io/client-go from 0.28.3 to 0.28.4 @dependabot (#665)
  • Bump k8s.io/api from 0.28.3 to 0.28.4 @dependabot (#664)
  • Bump docker/build-push-action from 5.0.0 to 5.1.0 @dependabot (#663)
  • Bump helm.sh/helm/v3 from 3.13.1 to 3.13.2 @dependabot (#660)
  • Bump github.com/golangci/golangci-lint from 1.55.1 to 1.55.2 @dependabot (#659)
  • Bump github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.69.0 to 0.69.1 @dependabot (#658)
  • Bump sigstore/cosign-installer from 3.1.2 to 3.2.0 @dependabot (#657)
  • Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 @dependabot (#655)
  • Bump github.com/fatih/color from 1.15.0 to 1.16.0 @dependabot (#656)
  • Bump github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.68.0 to 0.69.0 @dependabot (#654)

Full Changelog: https://github.com/stackrox/kube-linter/compare/v0.6.5...0.6.6

v0.6.5

6 months ago

Changes

  • updated pre commit hook docker image version @PedroSilva9 (#595)

✔️ New checks

  • Add OpenShift SecurityContextConstraints object linting @mancubus77 (#650)
  • Dangling servicemonitor check @abrad3 (#547)

🐛 Bug Fixes

  • [Docs] make text match example for custom required-annotation @afirth (#614)
  • Fix get tag @janisz (#568)

⬆️ Dependencies

60 changes
  • Bump github.com/cert-manager/cert-manager from 1.13.1 to 1.13.2 @dependabot (#653)
  • Bump github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible @dependabot (#652)
  • Bump google.golang.org/grpc from 1.58.2 to 1.58.3 @dependabot (#648)
  • Bump github.com/golangci/golangci-lint from 1.54.0 to 1.55.1 @dependabot (#646)
  • Bump github.com/bmatcuk/doublestar/v4 from 4.6.0 to 4.6.1 @dependabot (#647)
  • Bump k8s.io/cli-runtime from 0.28.2 to 0.28.3 @dependabot (#645)
  • Bump helm.sh/helm/v3 from 3.13.0 to 3.13.1 @dependabot (#643)
  • Bump docker/login-action from 2.2.0 to 3.0.0 @dependabot (#640)
  • Bump golang.org/x/net from 0.15.0 to 0.17.0 @dependabot (#641)
  • Bump github.com/spf13/viper from 1.16.0 to 1.17.0 @dependabot (#639)
  • Bump github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring from 0.65.1 to 0.68.0 @dependabot (#638)
  • Bump github.com/owenrumney/go-sarif/v2 from 2.2.2 to 2.3.0 @dependabot (#636)
  • Bump docker/build-push-action from 4.1.1 to 5.0.0 @dependabot (#626)
  • Bump docker/setup-buildx-action from 2.10.0 to 3.0.0 @dependabot (#627)
  • Bump docker/metadata-action from 4.6.0 to 5.0.0 @dependabot (#628)
  • Bump helm.sh/helm/v3 from 3.12.3 to 3.13.0 @dependabot (#635)
  • Bump k8s.io/cli-runtime from 0.28.1 to 0.28.2 @dependabot (#632)
  • Bump github.com/cert-manager/cert-manager from 1.13.0 to 1.13.1 @dependabot (#634)
  • Bump k8s.io/client-go from 0.28.1 to 0.28.2 @dependabot (#633)
  • Bump k8s.io/api from 0.28.1 to 0.28.2 @dependabot (#631)
  • Bump k8s.io/apimachinery from 0.28.1 to 0.28.2 @dependabot (#630)
  • Bump github.com/owenrumney/go-sarif/v2 from 2.2.0 to 2.2.2 @dependabot (#629)
  • Bump github.com/cert-manager/cert-manager from 1.12.4 to 1.13.0 @dependabot (#625)
  • Bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 @dependabot (#624)
  • Bump actions/checkout from 3 to 4 @dependabot (#622)
  • Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 @dependabot (#623)
  • Bump github.com/cert-manager/cert-manager from 1.12.3 to 1.12.4 @dependabot (#620)
  • Bump k8s.io/cli-runtime from 0.28.0 to 0.28.1 @dependabot (#621)
  • Bump docker/setup-buildx-action from 2.9.1 to 2.10.0 @dependabot (#619)
  • Bump k8s.io/client-go from 0.28.0 to 0.28.1 @dependabot (#617)
  • Bump k8s.io/cli-runtime from 0.27.4 to 0.28.0 @dependabot (#615)
  • Bump helm.sh/helm/v3 from 3.12.2 to 3.12.3 @dependabot (#612)
  • Bump github.com/golangci/golangci-lint from 1.53.3 to 1.54.0 @dependabot (#610)
  • Bump github.com/cert-manager/cert-manager from 1.12.2 to 1.12.3 @dependabot (#607)
  • Bump k8s.io/cli-runtime from 0.27.3 to 0.27.4 @dependabot (#602)
  • Bump k8s.io/client-go from 0.27.3 to 0.27.4 @dependabot (#604)
  • Bump github.com/docker/docker from 23.0.1+incompatible to 23.0.3+incompatible @dependabot (#601)
  • Bump helm.sh/helm/v3 from 3.12.1 to 3.12.2 @dependabot (#600)
  • Bump docker/setup-buildx-action from 2.8.0 to 2.9.1 @dependabot (#597)
  • Bump github.com/golangci/golangci-lint from 1.53.2 to 1.53.3 @dependabot (#594)
  • Bump docker/setup-buildx-action from 2.7.0 to 2.8.0 @dependabot (#593)
  • Bump sigstore/cosign-installer from 3.0.5 to 3.1.1 @dependabot (#592)
  • Bump k8s.io/cli-runtime from 0.27.2 to 0.27.3 @dependabot (#589)
  • Bump github.com/cert-manager/cert-manager from 1.12.1 to 1.12.2 @dependabot (#590)
  • Bump helm.sh/helm/v3 from 3.12.0 to 3.12.1 @dependabot (#588)
  • Bump docker/build-push-action from 4.0.0 to 4.1.1 @dependabot (#585)
  • Bump docker/metadata-action from 4.5.0 to 4.6.0 @dependabot (#587)
  • Bump docker/setup-buildx-action from 2.6.0 to 2.7.0 @dependabot (#586)
  • Bump docker/metadata-action from 4.4.0 to 4.5.0 @dependabot (#582)
  • Bump github.com/spf13/viper from 1.15.0 to 1.16.0 @dependabot (#583)
  • Bump github.com/golangci/golangci-lint from 1.52.2 to 1.53.2 @dependabot (#584)
  • Bump docker/setup-buildx-action from 2.5.0 to 2.6.0 @dependabot (#580)
  • Bump docker/login-action from 2.1.0 to 2.2.0 @dependabot (#581)
  • Bump k8s.io/cli-runtime from 0.27.1 to 0.27.2 @dependabot (#577)
  • Bump github.com/cert-manager/cert-manager from 1.11.2 to 1.12.1 @dependabot (#578)
  • Bump github.com/stretchr/testify from 1.8.3 to 1.8.4 @dependabot (#579)
  • Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 @dependabot (#571)
  • Bump k8s.io/client-go from 0.27.1 to 0.27.2 @dependabot (#572)
  • Bump sigstore/cosign-installer from 3.0.4 to 3.0.5 @dependabot (#570)
  • Bump github.com/owenrumney/go-sarif/v2 from 2.1.3 to 2.2.0 @dependabot (#567)

Full Changelog: https://github.com/stackrox/kube-linter/compare/v0.6.4...0.6.5

v0.6.4

11 months ago

Changes

🚀 Features

  • pdbminavailable check - update label matching @tremes (#554)

🐛 Bug Fixes

  • fix/linting for percentage based values @bmiguel-teixeira (#546)

🧰 Maintenance

  • Add new checks section in release @janisz (#561)
  • Update Docker pre-commit-hook to 0.6.3 image @m3adow (#553)

⬆️ Dependencies

12 changes
  • Bump helm.sh/helm/v3 from 3.11.3 to 3.12.0 @dependabot (#563)
  • Bump github.com/cert-manager/cert-manager from 1.11.1 to 1.11.2 @dependabot (#564)
  • Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible @dependabot (#565)
  • Bump k8s.io/cli-runtime from 0.27.0 to 0.27.1 @dependabot (#557)
  • Bump k8s.io/api from 0.27.0 to 0.27.1 @dependabot (#558)
  • Bump sigstore/cosign-installer from 3.0.2 to 3.0.3 @dependabot (#556)
  • Bump helm.sh/helm/v3 from 3.11.2 to 3.11.3 @dependabot (#550)
  • Bump k8s.io/apimachinery from 0.27.0 to 0.27.1 @dependabot (#551)
  • Bump github.com/cert-manager/cert-manager from 1.11.0 to 1.11.1 @dependabot (#552)
  • Bump docker/metadata-action from 4.3.0 to 4.4.0 @dependabot (#549)
  • Bump sigstore/cosign-installer from 3.0.1 to 3.0.2 @dependabot (#541)
  • Bump k8s.io/cli-runtime from 0.26.3 to 0.27.0 @dependabot (#542)

Full Changelog: https://github.com/stackrox/kube-linter/compare/v0.6.3...0.6.4

v0.6.3

1 year ago

Changes

  • No changes

This release is only for GOPROXY to refresh as it's not handling retagging.

# curl -s https://goproxy.io/golang.stackrox.io/kube-linter/@v/v0.6.2.info | jq
{
  "Version": "v0.6.2",
  "Time": "2023-04-11T12:19:47Z"
}
# curl -s https://proxy.golang.org/golang.stackrox.io/kube-linter/@v/v0.6.2.info | jq
{
  "Version": "v0.6.2",
  "Time": "2023-03-16T11:05:44Z",
  "Origin": {
    "VCS": "git",
    "URL": "https://github.com/stackrox/kube-linter",
    "Ref": "refs/tags/v0.6.2",
    "Hash": "00778f9f8704281e307019629b9b14295cb81a62"
  }
}
# curl -s https://goproxy.cn/golang.stackrox.io/kube-linter/@v/v0.6.2.info | jq
{
  "Version": "v0.6.2",
  "Time": "2023-03-16T11:05:44Z"
}

v0.6.2

1 year ago

Changes

  • Create check to ensure PDB have MaxUnavailable and MinAvailable set effectively @fahlmant (#507)

🐛 Bug Fixes

  • Use commit version instead of tag for openshift/api @janisz (#536)
  • Improve privilage escalation remediation message @janisz (#534)
  • Fix go install for newer golangs @SuperSandro2000 (#535)
  • Fix ignore-paths @janisz (#515)

🧰 Maintenance

  • Use commit version instead of tag for openshift/api @janisz (#536)

⬆️ Dependencies

7 changes
  • Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 @dependabot (#531)
  • Bump github.com/docker/docker from 20.10.21+incompatible to 20.10.24+incompatible @dependabot (#530)
  • Bump github.com/golangci/golangci-lint from 1.51.2 to 1.52.2 @dependabot (#528)
  • Bump k8s.io/cli-runtime from 0.26.2 to 0.26.3 @dependabot (#526)
  • Bump k8s.io/api from 0.26.2 to 0.26.3 @dependabot (#523)
  • Bump github.com/owenrumney/go-sarif/v2 from 2.1.2 to 2.1.3 @dependabot (#524)
  • Bump k8s.io/apimachinery from 0.26.2 to 0.26.3 @dependabot (#522)

Full Changelog: https://github.com/stackrox/kube-linter/compare/v0.6.1...0.6.2

v0.6.1

1 year ago

Changes

  • cosign skip prompt for sing blob @janisz (#521)
  • Auto merge dependabot PRs @janisz (#508)
  • fix: add v prefix to release-drafter's tag template @czeslavo (#497)
  • Specify usage of annotations @mil7 (#491)
  • Update link in README @janisz (#486)
  • fix: pre-commit-hooks and docs @Kl0ven (#475)

🐛 Bug Fixes

  • cosign skip confirmation prompts for non-destructive operations @janisz (#514)

⬆️ Dependencies

22 changes
  • Bump actions/setup-go from 3 to 4 @dependabot (#517)
  • Bump github.com/fatih/color from 1.14.1 to 1.15.0 @dependabot (#519)
  • Bump helm.sh/helm/v3 from 3.11.1 to 3.11.2 @dependabot (#518)
  • Bump docker/setup-buildx-action from 2.4.1 to 2.5.0 @dependabot (#516)
  • Bump sigstore/cosign-installer from 3.0.0 to 3.0.1 @dependabot (#509)
  • Bump k8s.io/cli-runtime from 0.26.1 to 0.26.2 @dependabot (#510)
  • Bump github.com/stretchr/testify from 1.8.1 to 1.8.2 @dependabot (#501)
  • Bump sigstore/cosign-installer from 2.8.1 to 3.0.0 @dependabot (#502)
  • Bump k8s.io/client-go from 0.26.1 to 0.26.2 @dependabot (#503)
  • Bump k8s.io/api from 0.26.1 to 0.26.2 @dependabot (#504)
  • Bump github.com/golangci/golangci-lint from 1.51.1 to 1.51.2 @dependabot (#499)
  • bump golang.org/x/net from 0.5.0 to 0.7.0 @dependabot (#496)
  • Bump github.com/containerd/containerd from 1.6.15 to 1.6.18 @dependabot (#492)
  • Bump helm.sh/helm/v3 from 3.11.0 to 3.11.1 @dependabot (#490)
  • Bump github.com/golangci/golangci-lint from 1.50.1 to 1.51.1 @dependabot (#489)
  • Bump docker/build-push-action from 3.3.0 to 4.0.0 @dependabot (#482)
  • Bump k8s.io/cli-runtime from 0.26.0 to 0.26.1 @dependabot (#480)
  • Bump github.com/fatih/color from 1.13.0 to 1.14.1 @dependabot (#481)
  • Bump docker/setup-buildx-action from 2.2.1 to 2.4.0 @dependabot (#483)
  • Bump github.com/spf13/viper from 1.14.0 to 1.15.0 @dependabot (#484)
  • Bump k8s.io/client-go from 0.26.0 to 0.26.1 @dependabot (#477)
  • Bump k8s.io/api from 0.26.0 to 0.26.1 @dependabot (#479)

Full Changelog: https://github.com/stackrox/kube-linter/compare/0.6.0...0.6.1

0.6.0

1 year ago

Changes

  • Add ignore paths @titanlien (#460)
  • Add check for duplicate name env var @charlesoconor (#461)
  • Allow ignoring specific labels in dangling service selector check @heckler1 (#465)

⬆️ Dependencies

8 changes
  • Bump docker/metadata-action from 4.2.0 to 4.3.0 @dependabot (#472)
  • Bump docker/build-push-action from 3.2.0 to 3.3.0 @dependabot (#473)
  • Bump github.com/bmatcuk/doublestar/v4 from 4.0.3 to 4.6.0 @dependabot (#469)
  • Bump docker/metadata-action from 4.1.1 to 4.2.0 @dependabot (#468)
  • Bump github.com/cert-manager/cert-manager from 1.10.1 to 1.11.0 @dependabot (#470)
  • Bump k8s.io/cli-runtime from 0.25.4 to 0.26.0 @dependabot (#463)
  • Bump k8s.io/client-go from 0.25.4 to 0.26.0 @dependabot (#464)
  • Bump helm.sh/helm/v3 from 3.10.2 to 3.10.3 @dependabot (#462)

Full Changelog: https://github.com/stackrox/kube-linter/compare/0.5.1...0.5.2

0.5.1

1 year ago

Changes

  • Fix issue #431 @juandspy (#439)

⬆️ Dependencies

27 changes
  • Bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 @dependabot (#458)
  • Bump github.com/cert-manager/cert-manager from 1.10.0 to 1.10.1 @dependabot (#453)
  • Bump k8s.io/cli-runtime from 0.25.3 to 0.25.4 @dependabot (#454)
  • Bump helm.sh/helm/v3 from 3.10.1 to 3.10.2 @dependabot (#450)
  • Bump k8s.io/client-go from 0.25.3 to 0.25.4 @dependabot (#448)
  • Bump github.com/spf13/viper from 1.13.0 to 1.14.0 @dependabot (#447)
  • Bump github.com/golangci/golangci-lint from 1.50.0 to 1.50.1 @dependabot (#446)
  • Bump github.com/cert-manager/cert-manager from 1.9.1 to 1.10.0 @dependabot (#442)
  • Bump github.com/spf13/cobra from 1.6.0 to 1.6.1 @dependabot (#443)
  • Bump github.com/stretchr/testify from 1.8.0 to 1.8.1 @dependabot (#444)
  • Bump k8s.io/cli-runtime from 0.25.2 to 0.25.3 @dependabot (#434)
  • Bump docker/metadata-action from 4.1.0 to 4.1.1 @dependabot (#435)
  • Bump docker/setup-buildx-action from 2.1.0 to 2.2.1 @dependabot (#436)
  • Bump sigstore/cosign-installer from 2.8.0 to 2.8.1 @dependabot (#437)
  • Bump helm.sh/helm/v3 from 3.10.0 to 3.10.1 @dependabot (#432)
  • Bump docker/login-action from 2.0.0 to 2.1.0 @dependabot (#429)
  • Bump sigstore/cosign-installer from 2.7.0 to 2.8.0 @dependabot (#430)
  • Bump github.com/spf13/cobra from 1.5.0 to 1.6.0 @dependabot (#424)
  • Bump docker/setup-buildx-action from 2.0.0 to 2.1.0 @dependabot (#425)
  • Bump docker/metadata-action from 4.0.1 to 4.1.0 @dependabot (#426)
  • Bump docker/build-push-action from 3.1.1 to 3.2.0 @dependabot (#427)
  • Bump github.com/golangci/golangci-lint from 1.49.0 to 1.50.0 @dependabot (#422)
  • Bump golang.org/x/net @tspearconquest (#419)
  • Bump sigstore/cosign-installer from 2.6.0 to 2.7.0 @dependabot (#417)
  • Bump k8s.io/cli-runtime from 0.25.0 to 0.25.2 @dependabot (#416)
  • Bump helm.sh/helm/v3 from 3.9.4 to 3.10.0 @dependabot (#412)
  • Bump k8s.io/api from 0.25.0 to 0.25.1 @dependabot (#411)

Full Changelog: https://github.com/stackrox/kube-linter/compare/0.5.0...0.5.1