v4.1.0
NCTL 4.1.0 Release Notes
v4.1.5
New features
Top-level Label
- Introduced a top-level label in scan reports to identify whether the report ID was autogenerated or user-provided.
Updates and Bug Fixes
- Added a label for remediation docs in non-K8s reports.
- Fixed policy UID to match for non-K8s resources in reports and policies sent to NCH.
- Fixed violation messages for non-K8s scan results.
- Upgraded Kyverno version to 1.12.5.
Note: v4.1.3 and v4.1.4 are faulty versions. It is advisable to use v4.1.5 for work.
v4.1.2
Bug Fixes
- Fixed CVE with the update of Golang version 1.22.4.
v4.1.1
Updates and Bug Fixes
- Removed the
--cluster-nameflag from thescan kubernetescommand. - Fixed inconsistency within the
scan helmcommand. - Fixed incorrect usage of the explicit
values.yamlfile for a Helm chart.
v4.1.0
This release comes with new features, updates, and bug fixes.
New Features
nctl scan helm
Added support for scanning both public and private Helm charts.
nctl scan aws ecs
Introduced a new command to scan AWS ECS resources. Refer to the scan command for more details.
nctl transform
This command helps to convert resource files into their JSON equivalent. This is useful when writing Kyverno JSON policies that need JSON input payloads.
Updates and Bug Fixes
- Supported the
--publishflag for all types of scan commands to publish reports to NCH. - Fixed status
403 error codein thescan kubernetes --clustercommand. - Fixed the
add clustercommand when the user provides custom configuration. - Added the
--audit-as-warnflag for all types of scan commands so that the command does not exit with a non-zero status. This is useful in CI pipelines to only flag the violation and not fail the pipeline itself.