v1.12

The latest version of the 1.12 release of Enterprise Kyverno is v1.12.6-n4k.nirmata.1.

v1.12.6-n4k.nirmata.1

N4K-only improvements

• [Feature] Remove cleanup cronjobs for updaterequests and ephemeralreports #10694.
• [Feature] Remove wildcard permissions in Kyverno #10785.

The below updates can be found on the Kyverno GitHub release page as well.

Fixed

• Change: Disable updaterequest cleanup cronjob (#10678)
• Fix(helm): Remove namespace from RoleBinding/roleRef field (#10685)
• Fix: Properly use useCache field in image verification policies (#10709)
• Fix: Check for the client being nil before applying a mutation (#10726)
• Fix: Resource namespace checks for Kyverno CLI (#10738)
• Fix: Range through all resources to build webhook (#10748)
• Fix: Get namespace labels before creating a policy context (#10773)
• Fix: Wrong evaluation of pod security standard version (#10924)
• Fix: Frequent API GET/UPDATE requests regarding webhooks reconciliation when no policies (#11203, #11225, #11230, #11233)

Others

• Fix: Bump docker in release 1.12 (#11088)
• Fix: Updated Go version to v1.22.7 to address CVE-2024-34156 (#11142)
• Chore: Bump chainsaw (#10687)
• Chore: Bump github.com/docker/docker from 26.1.3+incompatible to 26.1.4+incompatible (#10750)

v1.12.3-n4k.nirmata.2

The major improvements of the above version are mentioned below. For a complete list of all the changes made in Kyverno v1.12.0, refer to its GitHub release page.

• Starting from v1.12, the N4K repository is now private.
• Availability of Reports Server from N4K v1.12. Learn more about Reports Server from the official Nirmata documentation.
• Fixed issue 10556 in v1.12.