openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

CMP-2090: CO 1.2.0 release notes

Browse Source
This commit is contained in:
Andrew Taylor
2023-07-24 09:37:23 -04:00
committed by openshift-cherrypick-robot
parent 8aefc0f4e7
commit b35fd728dd
2 changed files with 26 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
modules/compliance-supported-profiles.adoc
View File

@@ -20,18 +20,18 @@ The Compliance Operator provides the following compliance profiles:
|Supported architectures
|ocp4-cis
|CIS Red Hat OpenShift Container Platform 4 Benchmark v1.1.0
|CIS Red Hat OpenShift Container Platform 4 Benchmark v1.4.0
|Platform
|0.1.39+
|1.2.0+
|link:https://www.cisecurity.org/cis-benchmarks/[CIS Benchmarks ™] ^[1]^
|`x86_64`
`ppc64le`
`s390x`
|ocp4-cis-node
|CIS Red Hat OpenShift Container Platform 4 Benchmark v1.1.0
|CIS Red Hat OpenShift Container Platform 4 Benchmark v1.4.0
|Node ^[2]^
|0.1.39+
|1.2.0+
|link:https://www.cisecurity.org/cis-benchmarks/[CIS Benchmarks ™] ^[1]^
|`x86_64`
`ppc64le`
@@ -131,5 +131,5 @@ The Compliance Operator provides the following compliance profiles:
|`x86_64`
|===
[.small]
1. To locate the CIS {product-title} v4 Benchmark, go to link:https://www.cisecurity.org/cis-benchmarks/[CIS Benchmarks] and type `Kubernetes` in the search box. Click on *Kubernetes* and then *Download Latest CIS Benchmark*, where you can then register to download the benchmark.
1. To locate the CIS {product-title} v4 Benchmark, go to link:https://www.cisecurity.org/benchmark/kubernetes[CIS Benchmarks] and click *Download Latest CIS Benchmark*, where you can then register to download the benchmark.
2. Node profiles must be used with the relevant Platform profile. For more information, see xref:../../security/compliance_operator/compliance-operator-understanding.adoc#compliance_profile_typesunderstanding-compliance[Compliance Operator profile types].

21
security/compliance_operator/compliance-operator-release-notes.adoc
View File

@@ -15,6 +15,27 @@ For an overview of the Compliance Operator, see xref:../../security/compliance_o
To access the latest release, see xref:../../security/compliance_operator/compliance-operator-updating.adoc#olm-preparing-upgrade_compliance-operator-updating[Updating the Compliance Operator].
[id="compliance-operator-release-notes-1-2-0"]
== OpenShift Compliance Operator 1.2.0
The following advisory is available for the OpenShift Compliance Operator 1.2.0:
* link:https://access.redhat.com/errata/RHBA-2023:4245[RHBA-2023:4245 - OpenShift Compliance Operator enhancement update]
[id="compliance-operator-1-2-0-new-features-and-enhancements"]
=== New features and enhancements
* The CIS {product-title} 4 Benchmark v1.4.0 profile is now available for platform and node applications. To locate the CIS {product-title} v4 Benchmark, go to link:https://www.cisecurity.org/benchmark/kubernetes[CIS Benchmarks] and click *Download Latest CIS Benchmark*, where you can then register to download the benchmark.
+
[IMPORTANT]
====
Upgrading to Compliance Operator 1.2.0 will overwrite the CIS {product-title} 4 Benchmark 1.1.0 profiles.
If your {product-title} environment contains existing `cis` and `cis-node` remediations, there might be some differences in scan results after upgrading to Compliance Operator 1.2.0.
====
* Additional clarity for auditing security context constraints (SCCs) is now available for the `scc-limit-container-allowed-capabilities` rule.
[id="compliance-operator-release-notes-1-1-0"]
== OpenShift Compliance Operator 1.1.0