v0.12.0 Release Notes¶
Release Date: 2026-03-29
Overview¶
v0.12.0 is the final feature release before v1.0.0 GA. It introduces three major capabilities: OpenTelemetry observability, drift auto-remediation, and Policy-as-Code with OPA/Rego.
Changes¶
OpenTelemetry Integration (#137)¶
- OTLP gRPC exporters for traces and metrics
- Span instrumentation across the full pipeline:
falco.receive_and_parse— event ingestiondetector.handle_event/detector.detect_drifts— drift detectionnotifier.send— alert dispatch
- W3C trace context propagation in HTTP middleware (
pkg/api/middleware/otel.go) - Configurable sampling ratio and endpoints via
TelemetryConfig - Compatible with Jaeger, Grafana Tempo, and any OTLP backend
Drift Auto-Remediation (#135)¶
pkg/terraform/remediation.go—RemediationGeneratorfor Terraform HCL code generationpkg/terraform/proposal_formatter.go— Markdown and JSON output for proposalspkg/vcs/github.go— Lightweight GitHub API client for automated PR creationpkg/detector/remediation_handler.go— Orchestration: drift → proposal → PR → broadcastRemediationProposaltype with lifecycle states (pending/approved/rejected/applied)- Configurable via
RemediationConfigandGitHubConfig
Policy-as-Code with OPA/Rego (#136)¶
pkg/policy/engine.go— OPA engine wrapper withEvaluate()for drift classification- Four policy decisions: allow, alert, remediate, deny
- Policy can override severity, suppress alerts, or trigger auto-remediation
- Sample policies included:
policies/drift.rego— AWS rules (AutoScaling allow, Security Group remediate, IAM deny)policies/gcp.rego— GCP rules (MIG allow, Firewall remediate, IAM deny)
- Policy evaluation integrated into
Detector.handleEvent()flow - Real-time policy decision broadcast via WebSocket/SSE
Test Coverage¶
pkg/policy: 92.3%pkg/telemetry: 88.8%pkg/terraform: 92.8%pkg/vcs: 77.0%
Milestone¶
Closes v0.12.0 milestone (3/3 issues).
What's Next¶
v1.0.0 GA — Performance optimization, deployment guides, security audit, and documentation completion.