Skip to content

Commit

Permalink
Merge branch 'master' into ac-dry-run-mode-in-cm
Browse files Browse the repository at this point in the history
  • Loading branch information
@airadier
airadier authored Aug 22, 2023
2 parents 6c96d23 + d95e283 commit 2281cd5
Show file tree
Hide file tree
Showing 12 changed files with 112 additions and 27 deletions.
3 changes: 3 additions & 0 deletions charts/cluster-scanner/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used
exclusively to fix incorrect entries and not to add new ones.

## Change Log
# v0.5.0
### New Features
* **cluster-scanner** [f9db25eb](https://github.com/sysdiglabs/charts/commit/f9db25eb77d6f648adefbf01ad3df983c41ddf70): allow to configure http proxy ([#1302](https://github.com/sysdiglabs/charts/issues/1302))
# v0.4.1
### Documentation
* **admission-controller, cluster-scanner, registry-scanner, cloud-connector, node-analyzer, rapid-response, sysdig-deploy, agent** [df733e62](https://github.com/sysdiglabs/charts/commit/df733e6294eae1967197e3521473a5fab0282b67): update maintainers list ([#1283](https://github.com/sysdiglabs/charts/issues/1283))
Expand Down
2 changes: 1 addition & 1 deletion charts/cluster-scanner/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ description: Sysdig Cluster Scanner

type: application

version: 0.4.1
version: 0.5.0

appVersion: "0.1.0"
home: https://www.sysdig.com/
Expand Down
9 changes: 5 additions & 4 deletions charts/cluster-scanner/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ $ pre-commit run -a
$ helm repo add sysdig https://charts.sysdig.com
$ helm repo update
$ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
--create-namespace -n sysdig --version=0.4.1 \
--create-namespace -n sysdig --version=0.5.0 \
--set global.clusterConfig.name=CLUSTER_NAME \
--set global.sysdig.region=SYSDIG_REGION \
--set global.sysdig.accessKey=YOUR-KEY-HERE
Expand Down Expand Up @@ -55,7 +55,7 @@ To install the chart with the release name `cluster-scanner`, run:

```console
$ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
--create-namespace -n sysdig --version=0.4.1 \
--create-namespace -n sysdig --version=0.5.0 \
--set global.clusterConfig.name=CLUSTER_NAME \
--set global.sysdig.region=SYSDIG_REGION \
--set global.sysdig.accessKey=YOUR-KEY-HERE
Expand Down Expand Up @@ -93,6 +93,7 @@ The following table lists the configurable parameters of the `cluster-scanner` c
| global.sysdig.region | Region name for Sysdig. Valid options: `us1`, `us2`, `us3`, `us4`, `eu1`, `au1`. When no region is suitable (e.g. on-premise installations) set the `global.sysdig.apiHost: ""` parameter. | <code>"us1"</code> |
| global.image.pullSecrets | The pull secrets for Cluster Scanner | <code>[]</code> |
| global.image.pullPolicy | The pull policy for Cluster Scanner | <code>IfNotPresent</code> |
| global.proxy | Global HTTP Proxy settings. | <code>{}</code> |
| global.loggingLevel | Set the logging level to use, useful for troubleshooting. Valid values, sorted by increasing level of verbosity are: `PANIC`, `FATAL`, `ERROR`, `WARN`, `INFO`, `DEBUG`, `TRACE`. | <code>"INFO"</code> |
| global.ssl.ca.certs | For outbound connections (secure backend, proxy,...) A PEM-encoded x509 certificate. This can also be a bundle with multiple certificates. | <code>[]</code> |
| global.ssl.ca.keyName | Filename that is used when creating the secret. Required if cert is provided. | <code></code> |
Expand Down Expand Up @@ -158,7 +159,7 @@ Specify each parameter using the **`--set key=value[,key=value]`** argument to `

```console
$ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
--create-namespace -n sysdig --version=0.4.1 \
--create-namespace -n sysdig --version=0.5.0 \
--set global.sysdig.region="us1"
```

Expand All @@ -167,7 +168,7 @@ installing the chart. For example:

```console
$ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
--create-namespace -n sysdig --version=0.4.1 \
--create-namespace -n sysdig --version=0.5.0 \
--values values.yaml
```

Expand Down
6 changes: 3 additions & 3 deletions charts/cluster-scanner/RELEASE-NOTES.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# What's Changed

### Documentation
- **admission-controller, cluster-scanner, registry-scanner, cloud-connector, node-analyzer, rapid-response, sysdig-deploy, agent** [df733e62](https://github.com/sysdiglabs/charts/commit/df733e6294eae1967197e3521473a5fab0282b67): update maintainers list ([#1283](https://github.com/sysdiglabs/charts/issues/1283))
#### Full diff: https://github.com/sysdiglabs/charts/compare/cluster-scanner-0.4.0...cluster-scanner-0.4.1
### New Features
- **cluster-scanner** [f9db25eb](https://github.com/sysdiglabs/charts/commit/f9db25eb77d6f648adefbf01ad3df983c41ddf70): allow to configure http proxy ([#1302](https://github.com/sysdiglabs/charts/issues/1302))
#### Full diff: https://github.com/sysdiglabs/charts/compare/cluster-scanner-0.4.1...cluster-scanner-0.5.0
9 changes: 9 additions & 0 deletions charts/cluster-scanner/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,15 @@ data:
rsi_leaderelection_lock_name: {{ .Values.runtimeStatusIntegrator.leaderElectionLeaseNameOverride | default (include "cluster-scanner.fullname" .) }}
rsi_leaderelection_lock_namespace: {{ .Values.runtimeStatusIntegrator.leaderElectionLeaseNamespaceOverride | default .Release.Namespace }}
rsi_service_name: {{ include "cluster-scanner.fullname" . }}
{{- if .Values.global.proxy.httpProxy }}
http_proxy: {{ .Values.global.proxy.httpProxy }}
{{- end -}}
{{- if .Values.global.proxy.httpsProxy }}
https_proxy: {{ .Values.global.proxy.httpsProxy }}
{{- end -}}
{{- if .Values.global.proxy.noProxy }}
no_proxy: {{ .Values.global.proxy.noProxy }}
{{- end -}}
{{- include "cluster-scanner.rsiJsConfig" . | nindent 2 }}
{{- include "cluster-scanner.iseJsConfig" . | nindent 2 }}
ise_cache_type: {{ .Values.imageSbomExtractor.cache.type }}
Expand Down
36 changes: 36 additions & 0 deletions charts/cluster-scanner/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,24 @@ spec:
- name: PPROF_PORT
value: {{ .ports.pprof | default "6060" | quote }}
{{- end }}
- name: HTTP_PROXY
valueFrom:
configMapKeyRef:
name: {{ include "cluster-scanner.fullname" . }}
key: http_proxy
optional: true
- name: HTTPS_PROXY
valueFrom:
configMapKeyRef:
name: {{ include "cluster-scanner.fullname" . }}
key: https_proxy
optional: true
- name: NO_PROXY
valueFrom:
configMapKeyRef:
name: {{ include "cluster-scanner.fullname" . }}
key: no_proxy
optional: true
{{- if eq (include "sysdig.custom_ca.enabled" (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
- name: SSL_CERT_FILE
value: /ca-certs/{{- include "sysdig.custom_ca.keyName" (dict "global" .Values.global.ssl "component" .Values.ssl) -}}
Expand Down Expand Up @@ -295,6 +313,24 @@ spec:
- name: PPROF_PORT
value: {{ .ports.pprof | default "6061" | quote }}
{{- end }}
- name: HTTP_PROXY
valueFrom:
configMapKeyRef:
name: {{ include "cluster-scanner.fullname" . }}
key: http_proxy
optional: true
- name: HTTPS_PROXY
valueFrom:
configMapKeyRef:
name: {{ include "cluster-scanner.fullname" . }}
key: https_proxy
optional: true
- name: NO_PROXY
valueFrom:
configMapKeyRef:
name: {{ include "cluster-scanner.fullname" . }}
key: no_proxy
optional: true
{{- if eq (include "sysdig.custom_ca.enabled" (dict "global" .Values.global.ssl "component" .Values.ssl)) "true" }}
- name: SSL_CERT_FILE
value: /ca-certs/{{- include "sysdig.custom_ca.keyName" (dict "global" .Values.global.ssl "component" .Values.ssl) -}}
Expand Down
31 changes: 31 additions & 0 deletions charts/cluster-scanner/tests/configmap_test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -310,3 +310,34 @@ tests:
- equal:
path: data.ise_pprof_enabled
value: "marzullo"

- it: "proxy parameters are optional"
set:
global.sysdig.apiHost: "http://test.com"
asserts:
- isNull:
path: data.http_proxy
- isNull:
path: data.https_proxy
- isNull:
path: data.no_proxy

- it: "has correct value for proxy parameters when provided"
set:
global:
sysdig:
apiHost: "http://test.com"
proxy:
httpProxy: "fake-http-proxy"
httpsProxy: "fake-https-proxy"
noProxy: "fake-no-proxy"
asserts:
- equal:
path: data.http_proxy
value: "fake-http-proxy"
- equal:
path: data.https_proxy
value: "fake-https-proxy"
- equal:
path: data.no_proxy
value: "fake-no-proxy"
28 changes: 14 additions & 14 deletions charts/cluster-scanner/tests/deployment_test.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,9 +92,9 @@ tests:
asserts:
- not: true
isEmpty:
path: spec.template.spec.containers[0].env[9]
path: spec.template.spec.containers[0].env[?(@.name == "SYSDIG_KUBECONFIG_CONTENT")]
- isSubset:
path: spec.template.spec.containers[0].env[9]
path: spec.template.spec.containers[0].env[?(@.name == "SYSDIG_KUBECONFIG_CONTENT")]
content:
name: SYSDIG_KUBECONFIG_CONTENT
valueFrom:
Expand All @@ -111,9 +111,9 @@ tests:
asserts:
- not: true
isEmpty:
path: spec.template.spec.containers[1].env[37]
path: spec.template.spec.containers[1].env[?(@.name == "ANALYZER_CACHE_REDIS_TTL")]
- isSubset:
path: spec.template.spec.containers[1].env[37]
path: spec.template.spec.containers[1].env[?(@.name == "ANALYZER_CACHE_REDIS_TTL")]
content:
name: ANALYZER_CACHE_REDIS_TTL
valueFrom:
Expand Down Expand Up @@ -146,7 +146,7 @@ tests:
- myOtherDockerSecretTwo
asserts:
- equal:
path: spec.template.spec.containers[0].env[15]
path: spec.template.spec.containers[0].env[?(@.name == "LOCAL_REGISTRY_SECRETS")]
value:
name: LOCAL_REGISTRY_SECRETS
valueFrom:
Expand All @@ -172,7 +172,7 @@ tests:
- myOtherDockerSecretTwo
asserts:
- equal:
path: spec.template.spec.containers[0].env[16]
path: spec.template.spec.containers[0].env[?(@.name == "EVE_ENABLED")]
value:
name: EVE_ENABLED
valueFrom:
Expand Down Expand Up @@ -328,17 +328,17 @@ tests:
asserts:
- not: true
isEmpty:
path: spec.template.spec.containers[0].env[2]
path: spec.template.spec.containers[0].env[?(@.name == "PPROF_PORT")]
- isSubset:
path: spec.template.spec.containers[0].env[2]
path: spec.template.spec.containers[0].env[?(@.name == "PPROF_PORT")]
content:
name: PPROF_PORT
value: "6060"
- not: true
isEmpty:
path: spec.template.spec.containers[1].env[2]
path: spec.template.spec.containers[1].env[?(@.name == "PPROF_PORT")]
- isSubset:
path: spec.template.spec.containers[1].env[2]
path: spec.template.spec.containers[1].env[?(@.name == "PPROF_PORT")]
content:
name: PPROF_PORT
value: "6061"
Expand All @@ -352,17 +352,17 @@ tests:
asserts:
- not: true
isEmpty:
path: spec.template.spec.containers[0].env[2]
path: spec.template.spec.containers[0].env[?(@.name == "PPROF_PORT")]
- isSubset:
path: spec.template.spec.containers[0].env[2]
path: spec.template.spec.containers[0].env[?(@.name == "PPROF_PORT")]
content:
name: PPROF_PORT
value: "1010"
- not: true
isEmpty:
path: spec.template.spec.containers[1].env[2]
path: spec.template.spec.containers[1].env[?(@.name == "PPROF_PORT")]
- isSubset:
path: spec.template.spec.containers[1].env[2]
path: spec.template.spec.containers[1].env[?(@.name == "PPROF_PORT")]
content:
name: PPROF_PORT
value: "666"
2 changes: 2 additions & 0 deletions charts/cluster-scanner/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@ global:
pullSecrets: []
# The pull policy for Cluster Scanner
pullPolicy: IfNotPresent
# Global HTTP Proxy settings.
proxy: {}

# Set the logging level to use, useful for troubleshooting. Valid values,
# sorted by increasing level of verbosity are: `PANIC`, `FATAL`, `ERROR`,
Expand Down
3 changes: 3 additions & 0 deletions charts/sysdig-deploy/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used
exclusively to fix incorrect entries and not to add new ones.

## Change Log
# v1.19.0
### New Features
* **cluster-scanner** [f9db25eb](https://github.com/sysdiglabs/charts/commit/f9db25eb77d6f648adefbf01ad3df983c41ddf70): allow to configure http proxy ([#1302](https://github.com/sysdiglabs/charts/issues/1302))
# v1.18.1
### Chores
* **sysdig-deploy** [23e2c873](https://github.com/sysdiglabs/charts/commit/23e2c8737856d6c59842e042b27cf09c68ec6402): Automatic version bump due to updated dependencies ([#1306](https://github.com/sysdiglabs/charts/issues/1306))
Expand Down
4 changes: 2 additions & 2 deletions charts/sysdig-deploy/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: sysdig-deploy
description: A chart with various Sysdig components for Kubernetes
type: application
version: 1.18.1
version: 1.19.0
maintainers:
- name: AlbertoBarba
email: [email protected]
Expand Down Expand Up @@ -42,7 +42,7 @@ dependencies:
- name: cluster-scanner
# repository: https://charts.sysdig.com
repository: file://../cluster-scanner
version: ~0.4.1
version: ~0.5.0
alias: clusterScanner
condition: clusterScanner.enabled
- name: kspm-collector
Expand Down
6 changes: 3 additions & 3 deletions charts/sysdig-deploy/RELEASE-NOTES.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# What's Changed

### Chores
- **sysdig-deploy** [23e2c873](https://github.com/sysdiglabs/charts/commit/23e2c8737856d6c59842e042b27cf09c68ec6402): Automatic version bump due to updated dependencies ([#1306](https://github.com/sysdiglabs/charts/issues/1306))
#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.18.0...sysdig-deploy-1.18.1
### New Features
- **cluster-scanner** [f9db25eb](https://github.com/sysdiglabs/charts/commit/f9db25eb77d6f648adefbf01ad3df983c41ddf70): allow to configure http proxy ([#1302](https://github.com/sysdiglabs/charts/issues/1302))
#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.18.1...sysdig-deploy-1.19.0

0 comments on commit 2281cd5

Please sign in to comment.