Cluster Shield Release Notes
Here are the most recent release notes for Cluster Shield. Review the entries to learn about the latest features, defect fixes, and known issues.
1.9.0 Mar 11, 2025
Feature Enhancements
Added a gauge metric
sysdig_cluster_shield_component_health_status
to represent the health status of each enabled component. This is now available through the/metrics
endpoint on port8080
A metric value of
1
indicates a healthy component, while0
signifies an unhealthy one.Cluster Shield now attempts to restart unhealthy components after 100 seconds.
1.8.2 Feb 28, 2025
Fixed Vulnerabilities
1.8.1 Feb 25, 2025
Defect Fixes
- Fixed an issue that prevented the Container Vulnerability Management feature to authenticate to the registry and process the images as expected.
- Fixed an issue where Cluster Shield reported invalid prometheus metrics.
1.8.0 Feb 4, 2025
Feature Enhancements
- Optimized memory usage of the
container-vulnerability-management-controller
component. - Added support for multiple candidate pull-strings per workload to resolve scanning failures caused by alias references from non-pullable locations.
- Added the ability to filter the images for scanning as part of the container vulnerability management feature. See Container Filtering for more details.
Defect Fixes
- Resolved an issue in which Kubernetes metadata inaccurately reported parent service links when a pod was exposed by multiple services. The pod is now correctly associated with all relevant services.
- Fixed an issue where the Admission Controller did not honor the
features.container_vulnerability_management.registry_ssl.verify
configuration parameter. - Fixed a bug that caused unexpected lags when pulling images. The issue occurred because
features.container_vulnerability_management.registry_ssl.verify
was set to true, enforcing SSL certificate verification.
1.7.1 Jan 10, 2025
Fixed Vulnerabilities
1.7.0 Jan 07, 2025
Feature Enhancements
- The Container Vulnerability Management feature now supports mirrors and insecure registries configurations for image scanning.
Defect Fixes
- Fixed an issue that prevented the Container Vulnerability Management feature to correctly authenticate and process the image when candidate pull secrets have been found.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.