Skip to content

v4.2.0
Compare
Choose a tag to compare
@github-actions github-actions released this 13 Jun 14:56
· 217 commits to main since this release
v4.2.0
b330f73
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Added

  • Added a new alerting rule to falco.rules.yml to fire an alert for XZ-backdoor.
  • Added CiliumAPITooSlow.
  • Added CODEOWNERS files.

Changed

  • Restrict grafana-agent-rules CiliumNetworkPolicy.
  • Use ready replicas for Kyverno webhooks alert.
  • Sort out shared alert ownership by distributing them all to teams.
  • Review and fix phoenix alerts towards Mimir and multi-provider MCs.
    • Move core components alerts from phoenix to turtles (cluster-autoscaler, vertical-pod-autoscaler, kubelet, etcd-kubernetes-resources-count-exporter, certificates)
    • Split the phoenix job alert into 2:
      • Add the aws specific job alerts in the vintage.aws.management-cluster.rules file.
      • Move the rest of job.rules to turtles because it is provider independent
    • Prefix all vintage alerts with vintage to facilitate maintenance.
    • Merge kiam and inhibit.kiam into one file.
    • Support any AWS WC in the aws-load-balancer-controller alerts.
    • Create a shared IRSA alerts rule file to avoid duplication between capa and vintage aws.
  • Review and fix cabbage alerts for multi-provider MCs and Mimir.
  • Review and fix shield alerts for multi-provider MCs and Mimir.
  • Review and fix honeybadger alerts for multi-provider MCs and Mimir.
  • Review and fix bigmac alerts for multi-provider MCs and Mimir.
    • Fix ManagementClusterDexAppMissing use of absent for mimir.
    • Update team bigmac rules based on the label changes
  • Review and fix atlas alerts for multi-provider MCs and Mimir.
    • Fix alerts using absent metrics for Mimir.
  • Review and fix turtles alerts for multi-provider MCs and Mimir.
    • Fix alerts using absent metrics for Mimir.
    • Reviewed turtles alerts labels.

Fixed

  • Fixed usage of yq, and jq in check-opsrecipes.sh
  • Fetch jq with make install-tools
  • Fixed and improve the check-opsrecipes.sh script to support /_index.md based ops-recipes.
  • Fixed all area alert labels.
  • Fixed cert-exporter alerts to page on all providers.
  • Fixed cilium SLO recording rule, setting a proper threshold for the alert.

Removed

  • cleanup: get rid of microendpoint alerts as it never fired and probably never will
  • cleanup: remove scrape timeout inhibition leftovers (documentation and labels)
Assets 2
Loading