Releases: cilium/tetragon
Releases · cilium/tetragon
Release v0.8.3
What's Changed
- release-template: fix command formatting + add test.sh by @willfindlay in #428
- Add Override type in ActionSelector by @tpapagian in #424
- Vagrant on MacOS fix information by @dmitris in #339
- License: remove Isovalent add Apache by @xmulligan in #430
- Add Verbose Value To Cgroup Program Loader by @kevsecurity in #431
- Improved bpf unit testing by @kkourt in #415
- tetragon-tester: fix issues caused by image update by @kkourt in #432
- trace map create by @sarahfujimori in #413
- Fix parent reference counting in RetryInternal by @tpapagian in #411
- Docs: Remove Isovalent from installation tags by @xmulligan in #436
- tetragon: Warn on sensor bug can flood the logs make it debug by @jrfastab in #443
- Remove METADATA_IMAGE by @xmulligan in #442
- tetragon: Fix merged kprobe events by @olsajiri in #422
- tetragon: Update execve_map_stat value from procs reader by @olsajiri in #429
- Make unit-tests in pkg/grpc/exec/exec_test.go generic by @tpapagian in #304
- Add GetUrl and DnsRequest actions to probes by @kevsecurity in #433
- hubble-fgs: Fix verifier error on non-upstreeam, non-LTS kernels by @jrfastab in #445
- add InMap operator for filtering arguments, and improve eBPF unit testing for kprobes by @kkourt in #421
- build(deps): bump github/codeql-action from 2.1.24 to 2.1.25 by @dependabot in #434
- bpf: get caps and namespaces in tracepoints by @kkourt in #449
- generickprobes: add uint argument by @kkourt in #450
- observer: log opcode number instead of name by @willfindlay in #441
- tracing: trace capability checks performed by the kernel on X access by @tixxdz in #447
- chore: support ccls language server with compile_commands.json by @willfindlay in #454
- build(deps): bump github/codeql-action from 2.1.25 to 2.1.26 by @dependabot in #457
- codegen: implement UnwrapGetEventsResponse helper by @willfindlay in #435
- tetragon: Add support to build tetragon on arm by @olsajiri in #451
- tracing: fix multiple selectors support by @kkourt in #458
- add a perfring test example by @kkourt in #466
- Add README explaining source of these examples by @lizrice in #465
- tetragon: Separate execve sensor into taill called programs by @olsajiri in #456
- tetragon: Use separate execIDs for clone and subsequent exec events by @tpapagian in #459
- tetragon: Add support for kprobe multi interface by @olsajiri in #79
- version: Add --client flag by @michi-covalent in #470
- make: Add cli-release target by @michi-covalent in #469
- api: implement EventType.EventIsType and EventType.ResponseIsType by @willfindlay in #448
- metrics: add handler error metrics by @willfindlay in #453
- tests:perfring: allow to cancel context and close perfring buffer by @tixxdz in #473
- Define syscallNames for darwin by @michi-covalent in #483
- Build tetra CLI for linux arm64 and windows amd64/arm64 by @michi-covalent in #472
- release: Add a job to create a release draft by @michi-covalent in #485
- tetra: Implement getevents stdin mode by @michi-covalent in #481
- build(deps): bump actions/checkout from 3.0.2 to 3.1.0 by @dependabot in #460
- build(deps): bump library/golang from 1.18.3-alpine3.15 to 1.19.2-alpine3.15 by @dependabot in #461
- draft-github-release: Use "release" environment by @michi-covalent in #493
- docker: Set TETRAGON_VERSION build arg by @michi-covalent in #494
- build(deps): bump dorny/paths-filter from 2.10.2 to 2.11.1 by @dependabot in #495
- build(deps): bump fedora from 35 to 36 by @dependabot in #496
- Prepare for v0.8.3 release by @michi-covalent in #498
Full Changelog: v0.8.2...v0.8.3
Contributors
dmitris, kkourt, and 11 other contributors
Assets 14
v0.8.2
v0.8.2
This tag was signed with the committer’s verified signature.
willfindlay
William Findlay
What's Changed
- tetragon: Add bench application by @olsajiri in #261
- build(deps): bump github/codeql-action from 2.1.18 to 2.1.24 by @dependabot in #418
- Add an issue template for the release process by @michi-covalent in #425
- Prepare for v0.8.2 release by @willfindlay in #427
Full Changelog: v0.8.1...v0.8.2
Contributors
willfindlay, michi-covalent, and 2 other contributors
Assets 2
v0.8.1
What's Changed
- readme: fix minor issues in quickstart by @willfindlay in #20
- Use quay.io/cilium/hubble-export-stdout by @michi-covalent in #22
- workflow: add scripts to make local development with kind easier by @willfindlay in #21
- selectors: fix missing bounds check on int conversion by @willfindlay in #25
- encoder: Update TCP event format by @michi-covalent in #23
- Vagrantfile: install libcap-dev for Makefile by @dmitris in #28
- metrics: add a per-exec-id counter for missing parents by @willfindlay in #24
- DEVELOP.md: list requirements by @kkourt in #27
- codegen: clean up codegen package by @willfindlay in #30
- static-check: Run checkpatch.pl by @michi-covalent in #31
- Fixed README command example by @ekoops in #32
- doc: add first development guide by @tixxdz in #29
- README: Add GKE support by @michi-covalent in #34
- Added note for logging multiple tetragon pods by @MarwanNour in #38
- use CONTAINER_ENGINE variable instead of literal 'docker' by @dmitris in #42
- fix default DOCKER_DEV_ACCOUNT by @dmitris in #43
- kprobe/process: silence verbose warnings + add metrics by @willfindlay in #37
- Remove -static flag by @dmitris in #44
- improved fork handling by @kkourt in #35
- helm: make gRPC and metrics address/port configurable by @willfindlay in #41
- Add LICENSE by @dgkncelik in #48
- README: fix tetragon-cli installation instructions by @tklauser in #49
- Setup CI to build multi-arch images with arm64 support by @chancez in #50
- Revert "Setup CI to build multi-arch images with arm64 support" by @kkourt in #55
- metrics: split metrics into separate packages by @willfindlay in #51
- docs(README): add dark logo option by @raphink in #58
- remove last \ in gcloud container clusters create by @leewalter in #54
- Changed the download URL for tetragon-cli in README.md by @tnorlin in #52
- ci: move checkpatch to its own job and add some exceptions by @willfindlay in #61
- README updates by @tgraf in #62
- Abstract bpf_exit by @kevsecurity in #60
- metrics: export raw metric maps by @willfindlay in #65
- go.mod, vendor: switch back to upstream cilium/ebpf by @tklauser in #63
- .github: add dependabot configuration by @tklauser in #64
- README.md: Install using Helm chart from helm.cilium.io by @michi-covalent in #66
- chore: add CODEOWNERS by @willfindlay in #72
- build(deps): bump github.com/prometheus/client_golang from 1.11.0 to 1.12.2 by @dependabot in #70
- build(deps): bump docker/login-action from 1.10.0 to 2 by @dependabot in #69
- Fix for NotIn operator in matchCapabilities selector by @tpapagian in #77
- Fix for NotIn operator in matchCapabilityChanges selector by @tpapagian in #78
- vendor: Pick up cilium v1.9.16 by @michi-covalent in #83
- makefile: make LOCAL_CLANG=0 the default by @willfindlay in #81
- Add Additional Resources to README by @sharlns in #84
- build(deps): bump actions/download-artifact from 2.0.10 to 3 by @dependabot in #75
- build(deps): bump actions/checkout from 2 to 3.0.2 by @dependabot in #85
- vendor: upgrade yaml.v3 to v3.0.0 by @willfindlay in #86
- Format README: add missing
process_kprobeJSON event by @sharlns in #87 - build(deps): bump github.com/fatih/color from 1.7.0 to 1.13.0 by @dependabot in #76
- tests/eventchecker: code generate eventchecker library by @willfindlay in #80
- build(deps): bump github/codeql-action from 2.1.9 to 2.1.11 by @dependabot in #89
- checker fixes by @kkourt in #93
- testing fixes. by @kkourt in #94
- tetragon declutter sensors and decouple spec from core by @jrfastab in #88
- build(deps): bump golangci/golangci-lint-action from 2.5.2 to 3.2.0 by @dependabot in #98
- Fix runtime panic when config file is empty by @Furisto in #99
- tetragon: Remove extra Program and Map structs after split by @olsajiri in #100
- build(deps): bump google.golang.org/grpc from 1.44.0 to 1.46.2 by @dependabot in #97
- build(deps): bump actions/upload-artifact from 2 to 3.1.0 by @dependabot in #107
- bpf: use 'tetragon' as prefix for maps and progs on the bpffs by @tixxdz in #95
- build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 by @dependabot in #106
- fix: (helm) service template now respects defined port and is only templated if prometheus is enabled by @rafaribe in #101
- codegen: remove invalid generics by @willfindlay in #112
- Update description of CRD parameters by @Furisto in #109
- test improvements, and avoiding retries in event tests by @kkourt in #103
- build(deps): bump docker/build-push-action from 2.5.0 to 3 by @dependabot in #115
- codegen: use new cilium-builder image by @rolinh in #111
- tests: split json checker out of observer by @willfindlay in #105
- tetragon: Pull Default loader out of observer by @jrfastab in #119
- tetragon: extract protobuf from the dns cache by @jrfastab in #120
- tetragon: Add event config map by @olsajiri in #53
- eventchecker: simplify yaml spec for eventchecker by @willfindlay in #123
- Fix typo by @Taction in #125
- Path resolution improvements by @tpapagian in #90
- add test for namespaces and fix bug on 5.4 and below by @willfindlay in #110
- fix(helm): Support command override in exporter container #118 by @mrtc0 in #121
- ci: various improvements by @willfindlay in #122
- build(deps): bump github/codeql-action from 2.1.11 to 2.1.12 by @dependabot in #117
- operator: fix tool name in log output by @tklauser in #128
- dockerignore: fixes + add doc comments by @willfindlay in #131
- build(deps): bump github.com/google/go-cmp from 0.5.6 to 0.5.8 by @dependabot in #114
- chore: remove accidentally checked in file by @willfindlay in #135
- checkpatch: ignore OPEN_ENDED_LINE and PREFER_KERNEL_TYPES by @willfindlay in #134
- build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 by @dependabot in #132
- Don't truncate Ktime to milliseconds by @sharlns in #136
- codegen/helpers: fix name inference for oneof codegen by @willfindlay in #140
- pkg:option: include ReadDirConfig() and remove cilium pkg option import by @tixxdz in #96
- tetragon: Adding support to store full binary path and arguments by @olsajiri in #116
- contrib/localdev: improvements and bug fixes by @willfindlay in #130
- build(deps): bump github.com/spf13/cobra from 1.1.3 to 1.4.0 by @dependabot in #139
- tests/exec: bump longpath version check to 5.16 by @willfindlay in #149
- build(deps): bump google.golang.org/grpc from 1.46.2 to 1.47.0 by @dependabot in https://github....
Contributors
dmitris, kkourt, and 32 other contributors
Assets 2
Tetragon v0.8.0
Cilium developers are happy to contribute Tetragon, Cilium's new component
enabling powerful, eBPF-based Security Observability and Runtime
Enforcement.
Tetragon detects and is able to respond in real time to security-significant
events, such as
* Process execution events
* Changes to privileges and capabilities
* I/O activity including network & file access
When used in a Kubernetes environment, Tetragon is Kubernetes-aware - that
is, it understands Kubernetes identities such as namespaces, pods and
so-on - so that security event detection can be configured in relation
to individual workloads.
For more details and examples please see README.
Tetragon CLI
Merge pull request #2 from cilium/readme Initial readme