v0.21.0
⚡️ Release notes and discussion: https://github.com/aquasecurity/tracee/discussions/4147 ⚡️
Docker Image
docker pull docker.io/aquasec/tracee:0.21.0
Docker Images (per architecture)
docker pull docker.io/aquasec/tracee:x86_64-0.21.0
docker pull docker.io/aquasec/tracee:aarch64-0.21.0
What's Changed
- fix: e2e-net-tests should use unified binary by @josedonizetti in #3842
- Docs: fixed the typo by @Tej-Singh-Rana in #3859
- GitHub actions chore by @geyslan in #3864
- chore: remove gob printer by @josedonizetti in #3841
- feat: allow webhook configuration via helm values by @ndegory in #3832
- grpc: add direction to packet metadata by @josedonizetti in #3861
- grpc: update packet metadata by @josedonizetti in #3862
- chore: bump opa to 0.61.0 by @josedonizetti in #3868
- Use EXECUTION_TYPE label for github self host runner by @sharon-amir in #3875
- fix(tests): unattended upgrades still running sometimes by @geyslan in #3877
- fix(docs): kubectl configmap command by @geyslan in #3880
- fix: bump opa to v0.61.0 by @josedonizetti in #3887
- chore: add labels for grpc and api by @josedonizetti in #3890
- fix(ebpf): fix hidden_kernel_module not found symbol by @OriGlassman in #3834
- fix: improve performance of magic_write event by @yanivagman in #3899
- fix(derive): keep symbols_collision state between events by @AlonZivony in #3894
- helm: config go template only if passed by @josedonizetti in #3884
- ebpf: don't send magic_write with zero bytes by @yanivagman in #3901
- fix(events): fix ftrace_hook by @OriGlassman in #3896
- chore: change github run id format by @geyslan in #3902
- fix(tests): e2e-install-deps.sh wait for unlock by @geyslan in #3910
- Fix proc info lru by @yanivagman in #3918
- chore: use map instead of stack to store task_info by @yanivagman in #3920
- Improve bpf policies config access by @geyslan in #3906
- Change inotify_watch event to security_path_notify by @oshaked1 in #3913
- chore(deps): bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible by @dependabot in #3925
- Concurrency issue at analyze by @rscampos in #3907
- Optimize init program by @yanivagman in #3923
- refactor: move to the new pyroscope package by @06kellyjac in #3927
- fix: make check-pr compliant with different shells by @geyslan in #3929
- chore: ensure unattended-upgrades killing by @geyslan in #3934
- chore!: remove gob support from tracee-rules by @geyslan in #3939
- fix(filters): handle syscall arg by @geyslan in #3893
- fix: preallocate ids for signatures upon load by @AlonZivony in #3941
- chore(deps): bump google.golang.org/protobuf to v1.33.0 by @hangrymuppet in #3946
- fix: security_socket_connect wrong fd by @yanivagman in #3951
- Invert Policies inner maps key pair by @geyslan in #3955
- Opa bump by @geyslan in #3957
- chore: set xtrace on e2e-install-deps.sh script by @geyslan in #3958
- Add
ArgVal
signature helper by @oshaked1 in #3954 - chore(policy): add policiesMapByName to Policies by @geyslan in #3956
- Dependencies tree manager by @AlonZivony in #3931
- chore: various co-re fixes by @yanivagman in #3952
- fix(dependencies): allow multiple removes of same event by @AlonZivony in #3961
- fix: add missing nodeSelector and tolerations to tracee-operator by @ndegory in #3944
- Add Iterator generic interface, debut it in Policies by @geyslan in #3963
- Run x86_64 & aarch64 builds in parallel by @hangrymuppet in #3962
- chore(ci): run x86_64 & aarch64 builds in parallel by @geyslan in #3968
- chore: make Cloner generic by @geyslan in #3966
- fix: capture io by @yanivagman in #3972
- chore: remove OPT_PROCESS_INFO by @yanivagman in #3975
- fix: update vagrant file to download kubectl by @rscampos in #3977
- chore(ci): bump actions versions by @geyslan in #3969
- Fix Policies Cloning by @geyslan in #3971
- Add timestamp docker tag for dev image by @hangrymuppet in #3959
- chore(ci): labeler v5.0.0 is inconsistent by @geyslan in #3978
- Libbpfgo bump by @geyslan in #3970
- fix: show argv on failed execve events by @yanivagman in #3922
- fix(analyze): bind flags with viper by @AlonZivony in #3981
- fix: wrong print_mem_dump errors about args filter by @AlonZivony in #3895
- Fix helm install option webhook by @rscampos in #3984
- fix(ebpf): use debug error level instead of error by @geyslan in #3985
- refactor: Improve API used by ebpf programs by @yanivagman in #3982
- fix: vagrantfile url for opa download by @rscampos in #3990
- chore(deps): bump golang.org/x/net from 0.17.0 to 0.23.0 in /api by @dependabot in #3991
- chore(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in #3992
- fix(ebpf): check if engineOutput is closed by @geyslan in #3994
- chore: refactor equality computation by @geyslan in #3997
- Chore at large by @geyslan in #3979
- Wait for apt locks by @geyslan in #4000
- Rename context filters to scope filters by @yanivagman in #3995
- Helm webhook custom templates by @ndegory in #3942
- fix: proper fragment delimiters in webhook URL by @ndegory in #3943
- fix event definitions api by @josedonizetti in #4004
- grpc: update definitions api by @josedonizetti in #4006
- chore(k8s): prepare v0.21.0 release by @geyslan in #4007
- [v0.21.0] fix(events): fix process_execute_failed missing symbol for new kernels by @geyslan in #4011
- fix(events): hidden_kernel_module - change history scan behaviour by @OriGlassman in #4020
- feat(proctree): control procfs query by config by @AlonZivony in #4022
- [v0.21.0] capture: fixes and tests by @NDStrahilevitz in #4023
- [v0.21.0] fix: network event context by @NDStrahilevitz in #4029
- fix(ebpf): use kprobes for execute_finished by @AlonZivony in #4030
- fix: avoid logging warnings for non-ELF so loading by @AlonZivony in #4037
- v0.21.0:chore(events): decrease SO loader error log level to debug by @AlonZivony in #4041
- fix: remove invalid "format" event from docs by @yanivagman in #4042
- 0.21.0/fix(tests): fix goroutines leakage in integration tests by @AlonZivony in #4052
- [v0.21.0] Revert "chore(k8s): prepare v0.21.0 release (#4007)" by @geyslan in #4055
- chore(helm): rename helm field config file (#4018) by @geyslan in #4057
- 0.21.0/fix(proctree): limit tree memory usage and reduce it by @AlonZivony in #4065
- [v0.21.0] fix(build): static build might require zstd lib by @geyslan in #4070
- [v0.21.0] fix: select cgroup mountpoint with the smallest inode number by @yanivagman in #4077
- [v0.21.0]Refactor: Optimize GetCgroupPath() memory utilization by @yanivagman in #4083
- [backport v0.21.0] Integrate libbpfgo helpers by @yanivagman in #4094
- 0.21.0/fix(changelog): size enforcement corrupted cache by @AlonZivony in #4079
- [v0.21.0] feature: add enum EventId to event definition (#4085) by @rscampos in #4101
- [v0.21.0] feat(events): create global event id enum by @rscampos in #4102
- [backport 0.21.0] Fix ksymbols mem consumption backport by @yanivagman in #4100
- [backport v0.21.0] feat(events): remove throttle timer in hidden_kernel_module by @OriGlassman in #4109
- [v0.21.0] chore(api): event definitions api renaming by @rscampos in #4123
- [v0.21.0] grpc: refactor event structure by @rscampos in #4124
- [v0.21.0] chore: possible fix for size/RSS issue by @rscampos in #4132
- [v0.21.0] chore(k8s): prepare v0.21.0 release (#4134) by @rscampos in #4135
- [v0.21.0] fix(build): bump go to fix cve-2024-24790 by @rscampos in #4144
- [v0.21.0] release build fix by @geyslan in #4146
- [v0.21.0] fix(build): fix release build (#4150) by @geyslan in #4151
New Contributors
- @Tej-Singh-Rana made their first contribution in #3859
- @ndegory made their first contribution in #3832
- @sharon-amir made their first contribution in #3875
- @hangrymuppet made their first contribution in #3946
Full Changelog: v0.20.0...v0.21.0