Episodes
Episode 5Thu, Jun 04, 2026

Ep 5 - GKE mTLS, EKS 1.36, Rancher Security Fixes, and Agent Workflow Guardrails

Seven-day DevSecOps briefing across GKE, EKS, AKS, Harness, Rancher, Fleet, RKE2, and agentic workflow tooling

GKEEKSRancherRKE2HarnessKubernetesSupply ChainAI
On this episode
  1. Highlights & Key Takeaways
  2. 🧰 Tool-by-Tool Briefing
  3. 📰 Industry News
  4. ⚙️ Fun Tools and Reads

Highlights & Key Takeaways

🧰 Tool-by-Tool Briefing

Quick Update: This refresh focuses on May 28 through June 4, 2026. The strongest signals are GKE's June 4 release and security updates, EKS 1.36 landing across all EKS regions including GovCloud, AKS 1.36 GA planning, Harness release-note movement across delivery and artifact workflows, Rancher 2.14.2 security fixes, RKE2's Ingress NGINX to Traefik migration guidance, and new agent workflow controls from Anthropic, OpenAI, and JetBrains.

GKE

  • Release / Platform: GKE published 2026-R22 on June 4, 2026. Rapid channel now uses 1.36.0-gke.2459000 as the default cluster creation version, and Rapid also added 1.36.0-gke.2684000 for upgrades and new clusters. (GKE release notes)
  • Security / Compliance: R22 includes updated Container-Optimized OS images with cumulative security fixes. GKE specifically lists updated COS images for 1.34.8-gke.1218000 and 1.36.0-gke.2684000, so capture both Kubernetes and node-image evidence after upgrades. (GKE release notes)
  • AI / Automation: GKE Gateway added frontend mTLS on June 4 and backend authenticated TLS on May 29. That gives platform teams stronger certificate-based controls for ingress and service-to-backend paths without custom sidecars. (GKE release notes)
  • Developer Experience: GKE expanded maintenance exclusions on June 2 with per-node-pool exclusions and a longer "No upgrades" exclusion of up to 90 days. That helps teams stage node upgrades without pausing the whole cluster. (GKE release notes)
  • Action Items: Review clusters in Rapid and Regular, record COS image versions, test Gateway mTLS in non-production, and decide where per-node-pool maintenance exclusions are acceptable.

EKS / AWS GovCloud

  • Release / Platform: AWS announced on June 2, 2026 that Amazon EKS and EKS Distro now support Kubernetes 1.36. AWS says the version is available in all EKS regions, including AWS GovCloud (US) regions. (EKS 1.36 announcement)
  • Security / Compliance: No new Critical or High EKS advisory was confirmed this week. The compliance win is upgrade evidence: EKS 1.36 brings upstream features such as user namespaces GA, CEL-based Mutating Admission Policies, in-place pod-level resource resizing, and pod resource health status. (EKS 1.36 announcement)
  • AI / Automation: EKS Cluster Insights should be part of the upgrade workflow before moving clusters to 1.36. Use it to catch version, add-on, and configuration blockers before Terraform or GitOps changes reach production. (EKS 1.36 announcement)
  • Developer Experience: Developers can now test 1.36 features in EKS directly instead of waiting for local-only or upstream-only validation. Expect admission policy and workload-resizing tests to show the most visible differences.
  • Action Items: Start a 1.36 test cluster, run EKS Cluster Insights, validate admission policies and add-ons, and add GovCloud environments to the same upgrade-readiness checklist as commercial regions.

AKS

  • Release / Platform: Microsoft documents Kubernetes 1.36 as AKS preview in May 2026, GA in June 2026, supported through June 2027, and LTS through June 2028. That makes June the planning window for production upgrade paths, not just lab validation. (AKS supported versions)
  • Security / Compliance: No new Critical or High AKS advisory was confirmed from primary Microsoft sources this week. Microsoft still recommends using the latest patch for a supported minor version and tracking rollout through the AKS release status workflow. (AKS supported versions)
  • AI / Automation: Upgrade automation should check Kubernetes version, node OS SKU, Windows node pool compatibility, add-ons, and policy add-on versions before proposing AKS 1.36.
  • Developer Experience: AKS uses gradual regional deployment, and Microsoft says new releases can take up to 10 business days to become available everywhere. Multi-region teams should avoid assuming every region can upgrade on the same date. (AKS supported versions)
  • Action Items: Inventory AKS clusters by minor version, identify Windows Server 2022 node pools before 1.36 upgrades, and add regional availability checks to change requests.

Harness

  • Release / Platform: Harness release summaries were updated through June 4, 2026. CD/GitOps added dry-run pipeline YAML validation, GitOps repository templates at account, org, and project scopes, real-time GitOps resource health updates, and an upgraded bundled Argo CD engine in the GitOps agent. (Harness release notes)
  • Security / Compliance: Harness Platform now deletes associated API keys and PATs when a user account is removed, and CD/GitOps can pass delegate selector information as AWS session tags in OIDC tokens. That helps with account cleanup and environment-specific secret isolation. (Harness release notes)
  • AI / Automation: Harness AI SRE added automated post-incident review generation, AI-detected action items from Slack, meetings, and incident notes, and ServiceNow change correlation for active incidents. That is useful, but responders still need review gates before runbooks mutate production. (Harness release notes)
  • Developer Experience: CI release notes from May 28 include custom private Docker images for Harness Cloud builds, UI-managed egress restrictions for Windows and Linux cloud build VMs, and improved log upload reliability. (Harness release notes)
  • Action Items: Pilot dry-run YAML validation, check OIDC session-tag behavior for AWS environments, review cloud build egress rules, and keep AI SRE-generated action items human-approved.

Harness Artifact Registry

  • Release / Platform: Harness Artifact Registry release notes were updated on June 4, 2026 with native Swift Package Manager workflows, direct file storage addressed by path, HTTP push and pull support, and UI restore for soft-deleted packages, versions, and registries. (Harness release notes)
  • Security / Compliance: Harness added controls to block open-source artifacts that exceed configured risk thresholds and block versions flagged as malicious in threat intelligence databases. This moves artifact policy closer to the point where packages are consumed. (Harness release notes)
  • AI / Automation: Artifact blocking is automation with teeth. Treat the policy thresholds like production controls: version them, test them, and make exception handling auditable.
  • Developer Experience: Swift package support and HTTP file workflows should reduce side-channel artifact hosting. Developers get one governed place for packages, reports, and shared build artifacts.
  • Action Items: Define risk thresholds, test malicious-version blocking against non-production registries, and document restore behavior for soft-deleted artifacts before broad rollout.

Rancher

  • Release / Platform: Rancher v2.14.2 was released on May 28, 2026 as a community maintenance patch with bug fixes, image artifacts, and release attestations. The release also notes install and upgrade requirements such as Kubernetes API Aggregation Layer support and Helm 3.18+ for Rancher 2.12 and later. (Rancher v2.14.2)
  • Security / Compliance: CVE-2026-44939 is Critical, CVSS 9.6, affecting Rancher >=2.14.0 <2.14.2, >=2.13.0 <2.13.6, >=2.12.0 <2.12.10, >=2.11.0 <2.11.14, and >=2.10.0 <2.10.12. Mitigation is to upgrade to 2.14.2, 2.13.6, 2.12.10, 2.11.14, or 2.10.12 and inspect downstream clusters for suspicious kube-api-auth DaemonSet changes if exposure is suspected. (Rancher advisory)
  • AI / Automation: Rancher also fixed a Rancher AI Assistant issue where sensitive configuration secrets and MCP responses could be exposed when logging was set to DEBUG. That is a clean reminder that agent logs are security data. (Rancher v2.14.2)
  • Developer Experience: The release fixes chart reinstallation in the Apps UI and chart-value display issues in cluster configuration views. That should reduce confusion during app and cluster maintenance. (Rancher v2.14.2)
  • Action Items: Upgrade Rancher, verify GitHub App team membership refreshes, review project-owner roles after the updatepsa change, disable DEBUG logging for AI Assistant workflows, and save image digests and attestations for audit evidence.

Rancher Fleet

  • Release / Platform: Rancher v2.14.2 includes Fleet security changes that affect multi-tenant GitOps behavior. The release introduces a Policy resource as the migration target for GitRepoRestriction. (Rancher v2.14.2)
  • Security / Compliance: Rancher lists Fleet fixes for Helm credential forwarding, forged webhooks when shared secrets are missing, and namespace label handling that could overwrite Pod Security Standards enforcement labels. Mitigation is to upgrade Rancher and migrate Fleet restrictions to the new policy model. (Rancher v2.14.2)
  • AI / Automation: Fleet is GitOps automation at cluster scale, so these fixes matter for agent-driven changes too. If an agent can change fleet.yaml, the same webhook, Helm credential, and namespace-label boundaries apply.
  • Developer Experience: Teams using Helm secrets in Fleet should expect migration behavior around helmRepoURLRegex. That is worth testing before production GitRepos are reconciled.
  • Action Items: Upgrade Fleet through the Rancher patch, require webhook shared secrets, review fleet.yaml namespace labels, and test helmRepoURLRegex behavior in staging.

RKE2

  • Release / Platform: RKE2 v1.36.1+rke2r2 was released on May 28, 2026 with Kubernetes v1.36.1, etcd v3.6.7-k3s1, containerd v2.2.3-k3s1, runc v1.4.2, Traefik v3.6.16, Calico v3.32.0, and Cilium v1.19.3. (RKE2 v1.36 notes)
  • Security / Compliance: No new Critical or High RKE2 advisory was confirmed this week. The compliance angle is version evidence across the full bundled stack, not just the Kubernetes minor version.
  • AI / Automation: RKE2's June 3 Ingress NGINX to Traefik migration guide gives automation teams a safer runbook shape: dual-controller setup, duplicated ingress validation, staged cutover, and cleanup. (RKE2 migration guide)
  • Developer Experience: Existing clusters keep their current ingress on upgrade, but new RKE2 v1.36 clusters default to Traefik because upstream Ingress NGINX retired in March 2026. That means app teams need to test NGINX annotations, health checks, and external load-balancer behavior. (RKE2 migration guide)
  • Action Items: Inventory Ingress NGINX usage, patch missing ingressClassName values, run Traefik compatibility checks, and rehearse the migration on a non-production cluster before v1.37 removes more runway.

Kubernetes Release Planning

  • Release / Platform: Upstream Kubernetes lists 1.36.1 as the latest 1.36 patch and shows 1.36.2 targeting June 9, 2026, with cherry-pick cutoff on June 5. (Kubernetes 1.36)
  • Security / Compliance: No new upstream Critical or High Kubernetes advisory was confirmed this week. The important control is tracking managed-service adoption of 1.36 and recording which clusters are still pinned to older minor versions.
  • AI / Automation: Mutating Admission Policies and user namespaces are useful targets for policy automation. Use them to reduce custom webhook maintenance and improve runtime isolation where provider support is ready.
  • Developer Experience: Provider timelines are now diverging: EKS has 1.36 available, GKE has 1.36 in Rapid, and AKS has 1.36 entering GA in June. Developers should test against the provider they actually run.
  • Action Items: Update cluster lifecycle dashboards, map 1.36 readiness by provider, and add admission-policy and user-namespace validation to platform test suites.

Claude Code / Anthropic

  • Release / Platform: Anthropic announced Claude Opus 4.8 on May 28, 2026. The release includes Claude Code dynamic workflows in research preview, where Claude can plan a large task, run parallel subagents, verify outputs, and report back. (Claude Opus 4.8)
  • Security / Compliance: No Critical or High security advisory was confirmed for Claude Code this week. The operational concern is governance: dynamic workflows can touch more files and run longer, so audit logs and approval policy matter more.
  • AI / Automation: Dynamic workflows are a practical signal that agent work is moving from "single coding task" to codebase-scale orchestration. That needs change-control boundaries, test gates, and clear merge ownership.
  • Developer Experience: Engineers may get faster migrations and larger refactors, but review load can spike if the agent opens huge diffs. Smaller scoped tasks and enforced test output make the workflow easier to trust.
  • Action Items: Pilot dynamic workflows only on non-production repos, limit tool permissions, require test evidence, and keep human merge approval mandatory.

OpenAI Codex Governance

  • Release / Platform: OpenAI's Codex safety guidance describes managed configurations, sandboxing, approvals, constrained network access, credential handling, and agent-native telemetry. This is a useful control model for any coding agent, even when the agent is not Codex. (Running Codex safely)
  • Security / Compliance: No new Critical or High Codex advisory was confirmed this week. The compliance takeaway is that agent activity should produce logs for prompts, approvals, tool execution, MCP usage, and network allow or deny decisions. (Running Codex safely)
  • AI / Automation: Treat coding agents like controlled automation identities. They need scoped filesystem access, explicit network rules, and approval checkpoints before privileged commands.
  • Developer Experience: Sandboxes reduce blast radius, but overly strict rules can slow normal development. Start with read-only inspection and workspace-write flows, then expand only where telemetry proves it is safe.
  • Action Items: Define approved agent modes, require MFA or enterprise SSO, centralize agent telemetry, and block production credentials from agent sandboxes.

JetBrains Mellum2

  • Release / Platform: JetBrains announced Mellum2 as an open-source model in June 2026. It is a 12B Mixture-of-Experts model with 2.5B active parameters per token, designed for routing, summarization, sub-agents, Q&A, and private software-engineering AI workflows. (JetBrains Mellum2)
  • Security / Compliance: No Critical or High advisory was confirmed. The compliance angle is private deployment: a smaller specialized model can keep code and context in controlled infrastructure when the use case does not require a frontier model.
  • AI / Automation: Mellum2 is interesting because it targets the orchestration layer: routing, intermediate reasoning, and fast sub-agent steps. That is where agent platforms often need low latency and predictable cost.
  • Developer Experience: If it performs well enough for routing or summarization, engineers can reserve larger models for harder tasks and make agent workflows faster.
  • Action Items: Evaluate Mellum2 for internal routing or summarization, compare output quality against current models, and enforce the same logging and data-boundary rules used for larger AI systems.

📰 Industry News

Quick Update: This section pulls from the Episode 5 newsletter folder and supporting community signals. Treat these as podcast prompts and workflow lessons, not vendor release facts unless linked to a primary source above.

  • Local Kubernetes is back in the conversation: The episode folder included "One of a KinD: Local Kubernetes Made Simple." Pair that with kind's local-cluster workflow and RKE2's ingress migration guidance: local clusters are useful when they rehearse real ingress, policy, and GitOps behavior instead of only running hello-world demos. (kind, RKE2 migration guide)
  • Agent architecture needs tool choice, not tool worship: The "Production-Ready AI Agents: MCP, CLI, and Skills" newsletter item lines up with the current agent-control theme. MCP is not automatically the right answer; use MCP for shared tools, CLI for local deterministic execution, and skills or subagents for repeatable workflows. (Production-ready AI agents)
  • Terminal habits still matter in an agentic world: The terminal-habits read is a good reminder that senior engineers still need fast inspection, reproducible commands, and shell literacy. Agents are better when the human can quickly verify what they did. (Terminal habits)
  • Microsoft zero-day disclosure debate is an operational prompt: The DoublePulsar newsletter item is useful discussion fuel for patch operations, and Microsoft's MSRC post is the primary vendor statement behind the debate. The lesson is not vendor drama; it is that teams need their own exploitability triage, compensating controls, and maintenance-window discipline. (MSRC disclosure post, DoublePulsar discussion, Disclose.io policy pulse)
  • Source-code exposure keeps showing up in developer feeds: The daily.dev queue called out poisoned extensions, public repo leaks, and AI reading codebases quickly. Treat IDE extensions, token scope, and private repository access as supply-chain controls. (BleepingComputer GitHub report)
  • Kubernetes dashboards are shifting: The daily.dev queue included "From Kubernetes Dashboard to Headlamp." For regulated teams, UI replacement should include auth model, auditability, plugin governance, and read-only modes, not just a nicer screen. (Kubernetes Headlamp transition)
  • Kustomize, Kpt, Porch, and ConfigHub are still worth comparing: Config workflows keep splintering between overlays, package APIs, and platform control planes. Pick based on reviewability, policy integration, and rollback behavior. (Kustomize, kpt, Porch, ConfigHub)
  • AI observability is becoming its own discipline: The daily.dev queue included "The Four Signals of AI Observability." For DevSecOps, the minimum useful signals are prompts, tool calls, approvals, data access, and resulting code or infrastructure changes. (AI observability)
  • Homelab and MinIO content is useful when it teaches failure modes: Self-hosted object storage and homelab stacks are not production architectures by default, but they are good learning environments for backups, S3 compatibility, identity, TLS, and lifecycle policy. (freeCodeCamp MinIO guide, MinIO docs)

⚙️ Fun Tools and Reads

Chainguard - The Hardest Fork: A Chainguard engineering read on difficult fork decisions. Useful for supply-chain conversations about when to patch, fork, replace, or upstream. https://www.linkedin.com/pulse/hardest-fork-chainguard-dev-fquec/

Top 5 Emerging Dev Tools to Watch in 2026: Discovery reading for tools that may show up in developer workflows before platform teams formally approve them. https://medium.com/lets-code-future/top-5-emerging-dev-tools-to-watch-in-2026-2f2607e8f6b9

DevOps Daily: A quick source for DevOps links and operational reads. Good for trend scanning, not a replacement for vendor release notes. https://devops-daily.com/

GKE Standby Buffers: Google Cloud's write-up on standby buffers for faster GKE autoscaling with lower spend. Useful for capacity planning conversations. (GKE standby buffers) https://cloud.google.com/blog/products/containers-kubernetes/gke-standby-buffers-speed-up-autoscaling-for-less-spend

CData Connect AI: Gives AI tools governed read and write access to business data through a unified layer. Evaluate permissions, audit logs, and write controls first. https://www.cdata.com/connect/ai/

Ideogram 4.0: Open-weight image model from Ideogram. Useful for visual assets, but generated diagrams and marketing images still need human review. https://ideogram.ai/

Perplexity Personal Computer: Local orchestrator concept from Perplexity. Watch the permissions model, local file access, browser control, and auditability. https://www.perplexity.ai/

Microsoft AI MAI Models: Microsoft's in-house AI model family is worth watching as model choice broadens beyond the usual few providers. https://www.microsoft.ai/

Claude Opus 4.8: Anthropic's May 28 Opus update, including dynamic workflows for Claude Code. Useful for codebase-scale agent workflow discussion. (Claude Opus 4.8) https://www.anthropic.com/news/claude-opus-4-8

Koji by Brilliant: AI tutor for math and coding. Interesting for onboarding and training paths when paired with real internal runbooks. https://brilliant.org/

Dynamic Workflows: Claude Code feature for deploying subagents across larger tasks. Pilot carefully because parallel agent work increases review and audit requirements. (Claude Opus 4.8) https://www.anthropic.com/news/claude-opus-4-8