v4.1.0

NCTL 4.1.0 Release Notes

v4.1.5

New features

Top-level Label

  • Introduced a top-level label in scan reports to identify if the report id was autogenerated or user provided.

Updates and Bug Fixes

  • Added label for remediation docs in non k8s reports.
  • Fix policy uid to match for non k8s resources in report and policy sent to NPM.
  • Fix violation message for non k8s scan results.
  • Upgrade Kyverno version to 1.12.5.

Note: v4.1.3 and v4.1.4 are faulty versions. It is advisable to use v4.1.5 for work.

v4.1.2

Bug Fixes

  • Fixes CVE with the update of Golang version 1.22.4.

v4.1.1

Updates and Bug Fixes

  • Remove --cluster-name flag from scan kubernetes command.
  • Fix inconsistency within the scan helm command.
  • Fix incorrect usage of explicit values.yaml file for a helm chart.

v4.1.0

This release comes with new features, updates and bug fixes.

New Features

nctl scan helm

Added support for scanning both public and private Helm charts.

nctl scan aws ecs

Introduced a new command to scan AWS ECS resources. Refer to the scan command for more details.

nctl transform

This command helps to convert resource files into its JSON equivalent. This is useful when writing kyverno-json policies that need JSON input payload.

Updates and Bug Fixes

  • Support --publish flag to all types of scan commands to publish reports to NPM.
  • Fix status 403 error code in scan kubernetes --cluster command.
  • Fix add cluster command when user provides custom configuration.
  • Add --audit-as-warn flag for all types of scan commands so that the command does not exit with a non-zero status. This is useful in CI pipelines to only flag the violation and not fail the pipeline itself.