​

Approver Policy Enterprise releases¶

​ Learn about current and past releases of Approver Policy Enterprise. ​

Latest release¶

​ The latest stable version of Approver Policy Enterprise is v0.15.0.

Downloads¶

Release 0.15.0¶

Approver Policy Enterprise 0.15.0 was released on March 26, 2024.

Key features¶

• You can now configure an HTTP proxy from the Helm chart by using the following values: http_proxy, https_proxy, and no_proxy. If you are using the upstream version of Approver Policy, this may not be useful to you. These variables are useful for projects building plugins on top of Approver Policy and make HTTP calls to the internet. For more information, see Approver Policy Helm values reference page.
• You can now also configure the priorityClassName field in the Helm chart. For more information, see Approver Policy Helm values reference page.
• The following vulnerability was fixed by upgrading to google.golang.org/protobuf@v1.33.0: GO-2024-2611 (CVE-2024-24786).

Release 0.14.0¶

Approver Policy Enterprise 0.14.0 was released on March 7th, 2024.

Key features¶

This releases incorporates the following Helm value updates to reflect changes made in Approver Policy 0.13.0:

• By default, the Helm chart now adds the helm.sh/resource-policy: keep annotation to all CRDs. This prevents accidental deletion of CRDs when uninstalling the component using Helm.

  Note

  This feature introduces an additional uninstall step:

  $ kubectl delete crd certificaterequestpolicies.policy.cert-manager.io
  

  To avoid using the annotation, add --set crds.keep=false to your installation. To exclude the CRD from the Helm installation use --set crds.enabled=false.

• This release also adds an optional PodDisruptionBudget helm value that can be used in your values.yaml file:

      podDisruptionBudget:
          enabled: true
  

• Platform engineers can now set Topology Spread Constraints using a Helm chart values. For more information see Topology Spread Constraints.

• All Approver Policy deployment-related Helm values have been made global in this release.

• The replicaCount Helm value can now be set to either an integer or a string.

For more information, see Approver Policy Enterprise Helm values.

Release 0.13.0¶

Approver Policy Enterprise 0.13.0 was released on November 29th, 2023.

Key features¶

• A new metric venaficonnection_status is now available. This metric lets you monitor connection or authentication problems to the Venafi Control Plane API and TPP.
• The existing HTTP metrics now include the HTTP path and host. The host label holds the hostname of the TPP or TLS Protect Cloud instance, for example tpp.example.com and api.venafi.cloud. The path label holds the HTTP path of the request. The UUID and names are stripped from the HTTP paths are stripped so that the cardinality of the metrics doesn't explode.
• The field clientId in thehashicorpVaultOAuth block in the Venafi Connection custom resource is deprecated. This field had been mistakenly introduced. This change should not affect existing users of Venafi Enhanced Issuer since this field was not effective and wasn't shown in any of the documentation pages.

• Approver Policy has been updated and now supports CEL-based validation rules.

  You can learn more by reading the document 20230726-cel-policy.md.

Release 0.12.0¶

​ Approver Policy Enterprise 0.12.0 was released on October 27th, 2023.

Key features¶

• Golang has been updated to mitigate CVE-2023-44487 and CVE-2023-39325.

• The Approver Policy Enterprise component exposes operational and usage telemetry metrics suitable for popular monitoring solutions, enabling alerts on important operational states. For more information, see Metrics for Approver Policy Enterprise.

Related links¶

• Installing Approver Policy Enterprise
• Configuring Approver Policy Enterprise
• Common scenarios
• Approver Policy Enterprise Venafi plugin
• Approver Policy Enterprise Rego plugin
• Approver Policy Enterprise administration
• Metrics for Policy Approver Enterprise
• Approver Policy Enterprise API reference
• Approver Policy Enterprise image flags