We’re pleased to announce the availability of Kubewarden 1.5.0!
This release brings the usual amount of small bug fixes, dependency updates, and a major security enhancement. Let’s take a closer look!
Policy evaluation timeout
The Kubewarden team is constantly working to improve the security posture of the project. As part of these efforts, we’re excited to introduce the new “policy evaluation timeout” feature.
Starting from this release, Policy Server will interrupt the evaluation of admission requests after a certain amount of time has elapsed. This security feature, which is enabled by default, prevents a Policy Server from running out of computing resources because one or more of its policy evaluations are stuck in infinite loops. This mitigates a type of Denial Of Service (DOS) attacks against the Policy Server.
Take a look at the Kubewarden documentation to get more information about this new feature.
Changes to kwctl
kwctl now imports the trusted certificate authorities from from the host system. Thus,
kwctl interactions with registries secured by certificates issued by 3rd party certificate authorities becomes simpler.
Note, it’s still possible to fine tune the certificates to be used via the
Changes to Kubewarden controller
The validation of
AdmissionPolicy custom resources has been extended. The new validation checks are able to prevent the creation of resources that do not have any
We would like to thank our wonderful community for this contribution.
Furthermore, the changelog of the main Kubewarden components (policy-server, kubewarden-controller and kwctl) are now being generated using the release-drafter project.
Starting from this release, the
Changelog file is no longer available inside of the root of these git projects, rather it has been made available under the release section of the individual repositories.
Go, grab it!
We are eager to know what you think about Kubewarden and this release.
Reach out to us over our slack channel or join one of our monthly community meetings to know more.