v0.6.0

This release focuses on enhancing performance when multiple sources are specified under ClusterAdmissionPolicy.spec.sources. Previously, these sources were retrieved from Kubernetes with each admission request, which impacted performance on large and complex clusters.

To address this, we've introduced the SourcesController. This controller watches and accumulates user-requested sources in the background, maintaining them as a pool of resources. Other controllers can now use this as a single source of truth, improving performance by reducing the number of requests made to Kubernetes.

Changes:

• Created SourcesController: Maintains watchers for each requested source type, defined as {group}/{version}/{resource}/{namespace}/{name}.
• Modified ClusterAdmissionPolicy Controller: Now calls sources.SyncWatchers at the end of each reconcile cycle.
• Updated AdmissionController: Adjusted to retrieve sources from the SourcesController.
• Changed Operator Entry Point: Updated to launch the SourcesController on startup.
• Added Configurable Options: Introduced flags for configuring the SourcesController's options.
• Updated Documentation: Added information about the new flags in the README.

Out-of-scope:

• Added Proper License Headers: Ensured all code files have the correct license headers.
• Decoupled ValidatingWebhookConfiguration Creation: Separated the creation of the ValidatingWebhookConfiguration object from the SyncAdmissionPool() logic.
• Renamed XYZ Controller: Changed the name of the XYZ controller to AdmissionController for clarity.

This release is dedicated to @jaimeph who is always taking care of potential performance issues ❤️

Contributors:
@achetronic

admitik-helm-chart-0.6.0

A Helm chart for Admitik, an admission controller for Kubernetes that allow resources entrance if conditions are met (realtime)

v0.5.0

Highligths:

• Flag --webhook-client-timeout added: This allows to set webhooks timeout in seconds. Default value is the same as Kubernetes. Increase it as needed but be careful with the amount

Contributors:
@achetronic

admitik-helm-chart-0.5.0

A Helm chart for Admitik, an admission controller for Kubernetes that allow resources entrance if conditions are met (realtime)

v0.4.0

Highligths:

• Emit different Kubernetes events for Rejected and AllowedWithViolations conditions

• failureAction in configuration has changed: Audit mode is renamed to Permissive mode to transmit the idea better: Conditions are evaluated in the same way, but the controller is permissive and allow the objects entrance. The object is reported as if it were rejected.

Contributors:
@achetronic

v0.3.2

Fixes:

• Throw a log for each object under review: This will help on debugging sessions

Contributors:
@achetronic

v0.3.1

Fixes:

• Upgrade CRDs on Helm chart to match v0.3.0 CRDs

Contributors:
@achetronic

admitik-helm-chart-0.4.0

A Helm chart for Admitik, an admission controller for Kubernetes that allow resources entrance if conditions are met (realtime)

admitik-helm-chart-0.3.2

A Helm chart for Admitik, an admission controller for Kubernetes that allow resources entrance if conditions are met (realtime)

admitik-helm-chart-0.3.1

A Helm chart for Admitik, an admission controller for Kubernetes that allow resources entrance if conditions are met (realtime)