v2.0.29

What's Changed

• Support grouping internet network policies by /24 CIDR to reduce number of IP addresses per policy by @evyatarmeged in #513

Full Changelog: v2.0.28...v2.0.29

v2.0.28

What's Changed

• Fix wrong handling of k8s errors causing wrong handling of applying netpols on non-existing namespaces by @amitlicht in #514

Full Changelog: v2.0.27...v2.0.28

v2.0.27

What's Changed

• Fix bug where network policies were patched even though the change was a no-op by @omris94 in #506
• Fail health check if intents reconcile starts and doesn't finish within 90s by @orishoshan in #507, #509
• Add failsafe timeouts to various steps when reconciling ServiceEffectivePolicy into network policies, to prevent and recover from pathological failure modes caused by bad network performance, optimize reconcile performance by @orishoshan in #508, #510, in #512
• Support configuring externally managed network policy workloads, for which Otterize Cloud will not suggest new ClientIntents by @amitlicht in #505
• Improve intent reconciliation speed by moving cloud and telemetry reporters out of the main intent group reconciler by @omris94 in #511

Full Changelog: v2.0.26...v2.0.27

v2.0.26

What's Changed

• Improve pod owner resolution performance by @omris94 in #503

Full Changelog: v2.0.25...v2.0.26

v2.0.25

What's Changed

• Fixed improper handling of Kubernetes API errors that resulted in repetitive error logs by @omris94 in #502

Full Changelog: v2.0.24...v2.0.25

v2.0.24

What's Changed

• Handling some edge cases for network policy creation errors that are legitimate and should not break reconciliation by @evyatarmeged in #498
• Support creating separate network policies for ingress and egress by setting the value of intentsOperator.operator.separateNetpolsForIngressAndEgress to true by @omris94 in #500

Full Changelog: v2.0.23...v2.0.24

v2.0.23

What's Changed

• Bugfix in AWS IAM roles anywhere integration: nextToken is not used when listing AWS IAM roles anywhere profiles by @amitlicht in #495
• Workaround AWS VPC CNI egress network policy agent bug: only allows traffic to ClusterIP if exact service selector is specified, auto-allow egress DNS whenever an egress policy is created by @orishoshan in #488
• Fix a rare bug where external network policies were not deleted due to a race condition when the enforcement was turned off by @omris94 in #496

Full Changelog: v2.0.22...v2.0.23

v2.0.22

What's Changed

• Fix bug where "external allow" policies were created if "AllowExternalTraffic" was set to "Always" even though the enforcement was disabled by @omris94 in #487
• Bugfix in AWS IAM Roles Anywhere: last page of IAM roles anywhere profiles was not loaded into cache by @amitlicht in #489
• Bugfix: fix wrong handling of non-existing PostgreSQL users when attempting to alter their passwords by @amitlicht in #490
• Fix Kubernetes API 'Forbidden' errors during update, being wrongly reported as errors on the resource by @amitlicht in #491
• Bugfix on external policy reconciler: catch NotFound errors when attempting to delete a network policy by @amitlicht in #492
• Bugfix in validating webhook configuration controller: catch and retry update on Conflict errors by @amitlicht in #493
• Bugfix: increase ClientIntent events cache first sync time limit to 60 seconds to prevent errors on large environments by @amitlicht in #494

Full Changelog: v2.0.21...v2.0.22

v2.0.21

What's Changed

• Bugfix in ClientIntent events reporting: mute NotFound errors on querying IntentEvents for ClientIntents that were already deleted by @amitlicht in #486

Full Changelog: v2.0.20...v2.0.21

v2.0.20

What's Changed

• Fix MalformedPolicyDocument error when applying AWS IAM policies with 0 statements by @amitlicht in #481
• Report AllowExternalTrafficPolicy to the cloud to improve access status calculation for non-default config by @omris94 in #482
• Bugfixes to AWS IAM policy creation and deletion edge cases by @amitlicht in #483
• Improve ClientIntent status & event reporting robustness by using LRU cache & caching only after successful report by @amitlicht in #484

Full Changelog: v2.0.19...v2.0.20