From d86d3be1eb2ee7da6b135f5262457c6f70f98264 Mon Sep 17 00:00:00 2001 From: Adam Roberts Date: Wed, 13 Dec 2023 15:16:47 -0500 Subject: [PATCH 01/31] feat(agent): update the readiness probes to use localhost (#1530) --- charts/agent/Chart.yaml | 2 +- charts/agent/templates/daemonset.yaml | 1 + charts/agent/templates/deployment.yaml | 1 + charts/agent/tests/readiness_probe_test.yaml | 4 ++++ 4 files changed, 7 insertions(+), 1 deletion(-) diff --git a/charts/agent/Chart.yaml b/charts/agent/Chart.yaml index 37e2e1e20..482509259 100644 --- a/charts/agent/Chart.yaml +++ b/charts/agent/Chart.yaml @@ -30,4 +30,4 @@ sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig type: application -version: 1.18.1 +version: 1.18.2 diff --git a/charts/agent/templates/daemonset.yaml b/charts/agent/templates/daemonset.yaml index 5025feea7..7e6c3eacf 100644 --- a/charts/agent/templates/daemonset.yaml +++ b/charts/agent/templates/daemonset.yaml @@ -221,6 +221,7 @@ spec: readinessProbe: {{- if eq (include "agent.enableHttpProbes" .) "true" }} httpGet: + host: 127.0.0.1 path: /healthz port: 24483 {{- else }} diff --git a/charts/agent/templates/deployment.yaml b/charts/agent/templates/deployment.yaml index 9f485bf2a..92e1d55df 100644 --- a/charts/agent/templates/deployment.yaml +++ b/charts/agent/templates/deployment.yaml @@ -105,6 +105,7 @@ spec: readinessProbe: {{- if eq (include "agent.enableHttpProbes" .) "true" }} httpGet: + host: 127.0.0.1 path: /healthz port: 24483 {{- else }} diff --git a/charts/agent/tests/readiness_probe_test.yaml b/charts/agent/tests/readiness_probe_test.yaml index a937eb8b3..ae850a0e4 100644 --- a/charts/agent/tests/readiness_probe_test.yaml +++ b/charts/agent/tests/readiness_probe_test.yaml @@ -12,6 +12,7 @@ tests: path: spec.template.spec.containers[0].readinessProbe value: httpGet: + host: 127.0.0.1 path: /healthz port: 24483 initialDelaySeconds: 90 @@ -26,6 +27,7 @@ tests: path: spec.template.spec.containers[0].readinessProbe value: httpGet: + host: 127.0.0.1 path: /healthz port: 24483 initialDelaySeconds: 90 @@ -90,6 +92,7 @@ tests: path: spec.template.spec.containers[0].readinessProbe value: httpGet: + host: 127.0.0.1 path: /healthz port: 24483 initialDelaySeconds: 90 @@ -105,6 +108,7 @@ tests: path: spec.template.spec.containers[0].readinessProbe value: httpGet: + host: 127.0.0.1 path: /healthz port: 24483 initialDelaySeconds: 90 From dd87968f5db1f51e0ae17438226de2162c61a329 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Wed, 13 Dec 2023 20:18:03 +0000 Subject: [PATCH 02/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for agent-1.18.2 --- charts/agent/CHANGELOG.md | 3 +++ charts/agent/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/agent/CHANGELOG.md b/charts/agent/CHANGELOG.md index 51174ca5e..aa9e4e39c 100644 --- a/charts/agent/CHANGELOG.md +++ b/charts/agent/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.18.2 +### New Features +* **agent** [d86d3be1](https://github.com/sysdiglabs/charts/commit/d86d3be1eb2ee7da6b135f5262457c6f70f98264): update the readiness probes to use localhost ([#1530](https://github.com/sysdiglabs/charts/issues/1530)) # v1.18.1 ### Bug Fixes * **agent** [74d90fca](https://github.com/sysdiglabs/charts/commit/74d90fcae6332638233fb3a959dd724b30d82989): ephemeral-storage on gke autopilot and slim enabled ([#1519](https://github.com/sysdiglabs/charts/issues/1519)) diff --git a/charts/agent/RELEASE-NOTES.md b/charts/agent/RELEASE-NOTES.md index 0ad472c29..2d8c1238c 100644 --- a/charts/agent/RELEASE-NOTES.md +++ b/charts/agent/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Bug Fixes -- **agent** [74d90fca](https://github.com/sysdiglabs/charts/commit/74d90fcae6332638233fb3a959dd724b30d82989): ephemeral-storage on gke autopilot and slim enabled ([#1519](https://github.com/sysdiglabs/charts/issues/1519)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/agent-1.18.0...agent-1.18.1 +### New Features +- **agent** [d86d3be1](https://github.com/sysdiglabs/charts/commit/d86d3be1eb2ee7da6b135f5262457c6f70f98264): update the readiness probes to use localhost ([#1530](https://github.com/sysdiglabs/charts/issues/1530)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/agent-1.18.1...agent-1.18.2 From e6edc4449f2313c3835ed63d76b4fc734f66eb72 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Wed, 13 Dec 2023 12:37:00 -0800 Subject: [PATCH 03/31] chore(sysdig-deploy): Automatic version bump due to updated dependencies (#1531) --- charts/sysdig-deploy/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index 70b7ac505..bfbea3431 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.34.0 +version: 1.34.1 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -26,7 +26,7 @@ dependencies: - name: agent # repository: https://charts.sysdig.com repository: file://../agent - version: ~1.18.1 + version: ~1.18.2 alias: agent condition: agent.enabled - name: common From 969ee27aecea0ba2ad65b32fb5eb831982d44060 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Wed, 13 Dec 2023 20:38:15 +0000 Subject: [PATCH 04/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for sysdig-deploy-1.34.1 --- charts/sysdig-deploy/CHANGELOG.md | 3 +++ charts/sysdig-deploy/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/sysdig-deploy/CHANGELOG.md b/charts/sysdig-deploy/CHANGELOG.md index d4efcee00..08398f213 100644 --- a/charts/sysdig-deploy/CHANGELOG.md +++ b/charts/sysdig-deploy/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.34.1 +### Chores +* **sysdig-deploy** [e6edc444](https://github.com/sysdiglabs/charts/commit/e6edc4449f2313c3835ed63d76b4fc734f66eb72): Automatic version bump due to updated dependencies ([#1531](https://github.com/sysdiglabs/charts/issues/1531)) # v1.34.0 ### New Features * **node-analyzer** [c43ad629](https://github.com/sysdiglabs/charts/commit/c43ad6292b8538d65de2267cf0aba9d55067e7d4): In-USE (EVE) enabled by default ([#1501](https://github.com/sysdiglabs/charts/issues/1501)) diff --git a/charts/sysdig-deploy/RELEASE-NOTES.md b/charts/sysdig-deploy/RELEASE-NOTES.md index fc34a6f17..bcc63e7a8 100644 --- a/charts/sysdig-deploy/RELEASE-NOTES.md +++ b/charts/sysdig-deploy/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### New Features -- **node-analyzer** [c43ad629](https://github.com/sysdiglabs/charts/commit/c43ad6292b8538d65de2267cf0aba9d55067e7d4): In-USE (EVE) enabled by default ([#1501](https://github.com/sysdiglabs/charts/issues/1501)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.33.3...sysdig-deploy-1.34.0 +### Chores +- **sysdig-deploy** [e6edc444](https://github.com/sysdiglabs/charts/commit/e6edc4449f2313c3835ed63d76b4fc734f66eb72): Automatic version bump due to updated dependencies ([#1531](https://github.com/sysdiglabs/charts/issues/1531)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.0...sysdig-deploy-1.34.1 From d8e38523b3e94f0a6311bb5be8f5135e56d47f1c Mon Sep 17 00:00:00 2001 From: Francesco Furlan Date: Fri, 15 Dec 2023 10:19:27 +0100 Subject: [PATCH 05/31] fix(agent,sysdig-deploy): /var/data volume mount (#1532) --- charts/agent/Chart.yaml | 2 +- charts/agent/templates/daemonset.yaml | 10 ++++++++++ charts/agent/templates/deployment.yaml | 10 ++++++++++ charts/agent/tests/volumes_test.yaml | 17 +++++++++++++++++ charts/sysdig-deploy/Chart.yaml | 4 ++-- 5 files changed, 40 insertions(+), 3 deletions(-) diff --git a/charts/agent/Chart.yaml b/charts/agent/Chart.yaml index 482509259..0fb8d3645 100644 --- a/charts/agent/Chart.yaml +++ b/charts/agent/Chart.yaml @@ -30,4 +30,4 @@ sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig type: application -version: 1.18.2 +version: 1.18.3 diff --git a/charts/agent/templates/daemonset.yaml b/charts/agent/templates/daemonset.yaml index 7e6c3eacf..b93e66bbc 100644 --- a/charts/agent/templates/daemonset.yaml +++ b/charts/agent/templates/daemonset.yaml @@ -282,6 +282,8 @@ spec: readOnly: true - mountPath: /host/var/lib name: varlib-vol + - mountPath: /host/var/data + name: vardata-vol - mountPath: /host/var/run name: varrun-vol {{- if (include "agent.ebpfEnabled" .) }} @@ -300,6 +302,8 @@ spec: readOnly: true - mountPath: /host/var/lib name: varlib-vol + - mountPath: /host/var/data + name: vardata-vol - mountPath: /host/var/run name: varrun-vol {{- if (include "agent.ebpfEnabled" .) }} @@ -425,6 +429,9 @@ spec: - name: varlib-vol hostPath: path: /var/lib + - name: vardata-vol + hostPath: + path: /var/data - name: varrun-vol hostPath: path: /var/run @@ -460,6 +467,9 @@ spec: - name: varlib-vol hostPath: path: /var/lib + - name: vardata-vol + hostPath: + path: /var/data {{- if (include "agent.ebpfEnabled" .) }} - name: bpf-probes emptyDir: {} diff --git a/charts/agent/templates/deployment.yaml b/charts/agent/templates/deployment.yaml index 92e1d55df..e924c534f 100644 --- a/charts/agent/templates/deployment.yaml +++ b/charts/agent/templates/deployment.yaml @@ -160,6 +160,8 @@ spec: readOnly: true - mountPath: /host/var/lib name: varlib-vol + - mountPath: /host/var/data + name: vardata-vol - mountPath: /host/run name: run-vol - mountPath: /host/var/run @@ -180,6 +182,8 @@ spec: readOnly: true - mountPath: /host/var/lib name: varlib-vol + - mountPath: /host/var/data + name: vardata-vol - mountPath: /host/run name: run-vol - mountPath: /host/var/run @@ -308,6 +312,9 @@ spec: - name: varlib-vol hostPath: path: /var/lib + - name: vardata-vol + hostPath: + path: /var/data - name: run-vol hostPath: path: /run @@ -331,6 +338,9 @@ spec: - name: varlib-vol hostPath: path: /var/lib + - name: vardata-vol + hostPath: + path: /var/data - name: run-vol hostPath: path: /run diff --git a/charts/agent/tests/volumes_test.yaml b/charts/agent/tests/volumes_test.yaml index 032297f42..6f7276bac 100644 --- a/charts/agent/tests/volumes_test.yaml +++ b/charts/agent/tests/volumes_test.yaml @@ -14,6 +14,23 @@ tests: templates: - daemonset.yaml + - it: Ensure /var/data host volume is mounted as /host/var/data in container + set: + sysdig: + accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE + delegatedAgentDeployment: + enabled: true + asserts: + - equal: + path: spec.template.spec.containers[*].volumeMounts[?(@.name == "vardata-vol")].mountPath + value: /host/var/data + - equal: + path: spec.template.spec.volumes[?(@.name == "vardata-vol")].hostPath.path + value: /var/data + templates: + - daemonset.yaml + - deployment.yaml + - it: Ensure /var/lib host volume is mounted as /host/var/lib in container asserts: - equal: diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index bfbea3431..572139dc6 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.34.1 +version: 1.34.2 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -26,7 +26,7 @@ dependencies: - name: agent # repository: https://charts.sysdig.com repository: file://../agent - version: ~1.18.2 + version: ~1.18.3 alias: agent condition: agent.enabled - name: common From 6f3de0713a8a69e583e5e2c5ae4188aacf1884ea Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Fri, 15 Dec 2023 09:20:51 +0000 Subject: [PATCH 06/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for agent-1.18.3 --- charts/agent/CHANGELOG.md | 3 +++ charts/agent/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/agent/CHANGELOG.md b/charts/agent/CHANGELOG.md index aa9e4e39c..bd74164c6 100644 --- a/charts/agent/CHANGELOG.md +++ b/charts/agent/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.18.3 +### Bug Fixes +* **agent,sysdig-deploy** [d8e38523](https://github.com/sysdiglabs/charts/commit/d8e38523b3e94f0a6311bb5be8f5135e56d47f1c): /var/data volume mount ([#1532](https://github.com/sysdiglabs/charts/issues/1532)) # v1.18.2 ### New Features * **agent** [d86d3be1](https://github.com/sysdiglabs/charts/commit/d86d3be1eb2ee7da6b135f5262457c6f70f98264): update the readiness probes to use localhost ([#1530](https://github.com/sysdiglabs/charts/issues/1530)) diff --git a/charts/agent/RELEASE-NOTES.md b/charts/agent/RELEASE-NOTES.md index 2d8c1238c..982487028 100644 --- a/charts/agent/RELEASE-NOTES.md +++ b/charts/agent/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### New Features -- **agent** [d86d3be1](https://github.com/sysdiglabs/charts/commit/d86d3be1eb2ee7da6b135f5262457c6f70f98264): update the readiness probes to use localhost ([#1530](https://github.com/sysdiglabs/charts/issues/1530)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/agent-1.18.1...agent-1.18.2 +### Bug Fixes +- **agent,sysdig-deploy** [d8e38523](https://github.com/sysdiglabs/charts/commit/d8e38523b3e94f0a6311bb5be8f5135e56d47f1c): /var/data volume mount ([#1532](https://github.com/sysdiglabs/charts/issues/1532)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/agent-1.18.2...agent-1.18.3 From 93093af3f0db59fef43bcfe21e2f309f22e73e09 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Fri, 15 Dec 2023 09:20:51 +0000 Subject: [PATCH 07/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for sysdig-deploy-1.34.2 --- charts/sysdig-deploy/CHANGELOG.md | 3 +++ charts/sysdig-deploy/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/sysdig-deploy/CHANGELOG.md b/charts/sysdig-deploy/CHANGELOG.md index 08398f213..d3b14bf43 100644 --- a/charts/sysdig-deploy/CHANGELOG.md +++ b/charts/sysdig-deploy/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.34.2 +### Bug Fixes +* **agent,sysdig-deploy** [d8e38523](https://github.com/sysdiglabs/charts/commit/d8e38523b3e94f0a6311bb5be8f5135e56d47f1c): /var/data volume mount ([#1532](https://github.com/sysdiglabs/charts/issues/1532)) # v1.34.1 ### Chores * **sysdig-deploy** [e6edc444](https://github.com/sysdiglabs/charts/commit/e6edc4449f2313c3835ed63d76b4fc734f66eb72): Automatic version bump due to updated dependencies ([#1531](https://github.com/sysdiglabs/charts/issues/1531)) diff --git a/charts/sysdig-deploy/RELEASE-NOTES.md b/charts/sysdig-deploy/RELEASE-NOTES.md index bcc63e7a8..ba587f674 100644 --- a/charts/sysdig-deploy/RELEASE-NOTES.md +++ b/charts/sysdig-deploy/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Chores -- **sysdig-deploy** [e6edc444](https://github.com/sysdiglabs/charts/commit/e6edc4449f2313c3835ed63d76b4fc734f66eb72): Automatic version bump due to updated dependencies ([#1531](https://github.com/sysdiglabs/charts/issues/1531)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.0...sysdig-deploy-1.34.1 +### Bug Fixes +- **agent,sysdig-deploy** [d8e38523](https://github.com/sysdiglabs/charts/commit/d8e38523b3e94f0a6311bb5be8f5135e56d47f1c): /var/data volume mount ([#1532](https://github.com/sysdiglabs/charts/issues/1532)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.1...sysdig-deploy-1.34.2 From dd5d9e9ada59c317039bfd4d64eeb1f3f211b05b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Dec 2023 11:08:34 +0000 Subject: [PATCH 08/31] chore(deps): bump actions/upload-artifact and actions/download-artifact from 3 to 4 (#1534) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Francesco Furlan --- .github/workflows/release.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 04f987d43..63732d8d1 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -78,7 +78,7 @@ jobs: done - name: Stash changelog files - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: generated-changelogs path: | @@ -96,7 +96,7 @@ jobs: fetch-depth: 0 - name: Unstash generated changelogs - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: generated-changelogs path: charts @@ -169,7 +169,7 @@ jobs: token: ${{ secrets.TOOLS_JENKINS_ADMIN_ACCESS_GITHUB_TOKEN }} - name: Unstash generated changelogs - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: generated-changelogs path: charts From 9895cb002e359c36e857ea3e9dd867f34129aeef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Iradier?= Date: Fri, 15 Dec 2023 13:05:30 +0100 Subject: [PATCH 09/31] chore(node-analyzer): Improve template to reflect eveEnabled settings in CM (#1536) Co-authored-by: Marco Vito Moscaritolo --- charts/node-analyzer/Chart.yaml | 2 +- .../templates/daemonset-node-analyzer.yaml | 2 - .../runtime-scanner-configmap.yaml | 20 ++++----- .../tests/runtimescanner_test.yaml | 43 +++++++++++++++++++ 4 files changed, 53 insertions(+), 14 deletions(-) diff --git a/charts/node-analyzer/Chart.yaml b/charts/node-analyzer/Chart.yaml index deb5d676a..2b417c2c3 100644 --- a/charts/node-analyzer/Chart.yaml +++ b/charts/node-analyzer/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: node-analyzer description: Sysdig Node Analyzer # currently matching Sysdig's appVersion 1.14.34 -version: 1.20.0 +version: 1.20.1 appVersion: 12.9.0 keywords: - monitoring diff --git a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml index e64f57a2a..e7aac9dc4 100644 --- a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml +++ b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml @@ -712,7 +712,6 @@ spec: - name: "{{ $key }}" value: "{{ $value }}" {{- end }} - {{- if .Values.nodeAnalyzer.runtimeScanner.settings.eveEnabled }} - name: EVE_ENABLED valueFrom: configMapKeyRef: @@ -725,7 +724,6 @@ spec: name: {{ .Release.Name }}-runtime-scanner key: eve_integration_enabled optional: true - {{- end }} volumeMounts: # Needed for some IBM OpenShift clusters which symlink /var/run/containers/storage to contents of /var/data by default - mountPath: /var/data diff --git a/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml b/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml index 8fc75419b..e973aaa27 100644 --- a/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml +++ b/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml @@ -14,28 +14,26 @@ data: {{- end }} {{- if (.Values.nodeAnalyzer.runtimeScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }} http_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }} - {{- end -}} + {{- end }} {{- if (.Values.nodeAnalyzer.runtimeScanner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }} https_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }} - {{- end -}} + {{- end }} {{- if (.Values.nodeAnalyzer.runtimeScanner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }} no_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }} - {{- end -}} - {{- if .Values.nodeAnalyzer.runtimeScanner.settings.eveEnabled }} - eve_enabled: "true" - eve_integration_enabled: "true" - {{- end -}} + {{- end }} + eve_enabled: {{ .Values.nodeAnalyzer.runtimeScanner.settings.eveEnabled | quote }} + eve_integration_enabled: {{ .Values.nodeAnalyzer.runtimeScanner.settings.eveEnabled | quote }} {{- if hasKey .Values.nodeAnalyzer.runtimeScanner "settings" }} prom_port: {{ .Values.nodeAnalyzer.runtimeScanner.settings.prometheusPort | default 25001 | quote }} - {{- end -}} + {{- end }} {{- if .Values.nodeAnalyzer.runtimeScanner.settings.maxImageSizeAllowed }} max_image_size_allowed: {{ .Values.nodeAnalyzer.runtimeScanner.settings.maxImageSizeAllowed | int64 | quote }} - {{- end -}} + {{- end }} {{- if .Values.nodeAnalyzer.runtimeScanner.settings.maxFileSizeAllowed }} analyzer.maxFileSizeAllowed: {{ .Values.nodeAnalyzer.runtimeScanner.settings.maxFileSizeAllowed | int64 | quote }} - {{- end -}} + {{- end }} {{- if .Values.nodeAnalyzer.runtimeScanner.settings.vulnerabilityDBVersion }} vuln_db_version: {{ .Values.nodeAnalyzer.runtimeScanner.settings.vulnerabilityDBVersion | quote }} - {{- end -}} + {{- end }} {{- end }} diff --git a/charts/node-analyzer/tests/runtimescanner_test.yaml b/charts/node-analyzer/tests/runtimescanner_test.yaml index d2d6e0b45..20595a74d 100644 --- a/charts/node-analyzer/tests/runtimescanner_test.yaml +++ b/charts/node-analyzer/tests/runtimescanner_test.yaml @@ -106,3 +106,46 @@ tests: - lengthEqual: path: spec.template.spec.containers count: 3 + + - it: "always expose the EVE_ENABLED and EVE_INTEGRATION_ENABLED variables when eveEnabled is not specified" + set: + nodeAnalyzer: + runtimeScanner: + deploy: true + templates: + - ../templates/daemonset-node-analyzer.yaml + asserts: + - isNotNull: + path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].env[?(@.name == "EVE_ENABLED")] + - isNotNull: + path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].env[?(@.name == "EVE_INTEGRATION_ENABLED")] + + - it: "always expose the EVE_ENABLED and EVE_INTEGRATION_ENABLED variables when eveEnabled is true" + set: + nodeAnalyzer: + runtimeScanner: + deploy: true + settings: + eveEnabled: true + templates: + - ../templates/daemonset-node-analyzer.yaml + asserts: + - isNotNull: + path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].env[?(@.name == "EVE_ENABLED")] + - isNotNull: + path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].env[?(@.name == "EVE_INTEGRATION_ENABLED")] + + - it: "always expose the EVE_ENABLED and EVE_INTEGRATION_ENABLED variables when eveEnabled is false" + set: + nodeAnalyzer: + runtimeScanner: + deploy: true + settings: + eveEnabled: false + templates: + - ../templates/daemonset-node-analyzer.yaml + asserts: + - isNotNull: + path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].env[?(@.name == "EVE_ENABLED")] + - isNotNull: + path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].env[?(@.name == "EVE_INTEGRATION_ENABLED")] From b88484d01eca813a3ec415a4a49aadab2f7669fa Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Fri, 15 Dec 2023 12:06:40 +0000 Subject: [PATCH 10/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for node-analyzer-1.20.1 --- charts/node-analyzer/CHANGELOG.md | 3 +++ charts/node-analyzer/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/node-analyzer/CHANGELOG.md b/charts/node-analyzer/CHANGELOG.md index ec10149e1..1d17ec8c8 100644 --- a/charts/node-analyzer/CHANGELOG.md +++ b/charts/node-analyzer/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.20.1 +### Chores +* **node-analyzer** [9895cb00](https://github.com/sysdiglabs/charts/commit/9895cb002e359c36e857ea3e9dd867f34129aeef): Improve template to reflect eveEnabled settings in CM ([#1536](https://github.com/sysdiglabs/charts/issues/1536)) # v1.20.0 ### New Features * **node-analyzer** [c43ad629](https://github.com/sysdiglabs/charts/commit/c43ad6292b8538d65de2267cf0aba9d55067e7d4): In-USE (EVE) enabled by default ([#1501](https://github.com/sysdiglabs/charts/issues/1501)) diff --git a/charts/node-analyzer/RELEASE-NOTES.md b/charts/node-analyzer/RELEASE-NOTES.md index dda537dd2..6def1cf95 100644 --- a/charts/node-analyzer/RELEASE-NOTES.md +++ b/charts/node-analyzer/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### New Features -- **node-analyzer** [c43ad629](https://github.com/sysdiglabs/charts/commit/c43ad6292b8538d65de2267cf0aba9d55067e7d4): In-USE (EVE) enabled by default ([#1501](https://github.com/sysdiglabs/charts/issues/1501)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.19.2...node-analyzer-1.20.0 +### Chores +- **node-analyzer** [9895cb00](https://github.com/sysdiglabs/charts/commit/9895cb002e359c36e857ea3e9dd867f34129aeef): Improve template to reflect eveEnabled settings in CM ([#1536](https://github.com/sysdiglabs/charts/issues/1536)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.20.0...node-analyzer-1.20.1 From 50159c56652290050e244fa856226327fb2cfa3d Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Fri, 15 Dec 2023 04:26:09 -0800 Subject: [PATCH 11/31] chore(sysdig-deploy): Automatic version bump due to updated dependencies (#1537) --- charts/sysdig-deploy/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index 572139dc6..120a8110a 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.34.2 +version: 1.34.3 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -36,7 +36,7 @@ dependencies: - name: node-analyzer # repository: https://charts.sysdig.com repository: file://../node-analyzer - version: ~1.20.0 + version: ~1.20.1 alias: nodeAnalyzer condition: nodeAnalyzer.enabled - name: cluster-scanner From 5f35dc9f6fb6443a2412a8e25cd9f5d1b4723c8e Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Fri, 15 Dec 2023 12:27:25 +0000 Subject: [PATCH 12/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for sysdig-deploy-1.34.3 --- charts/sysdig-deploy/CHANGELOG.md | 3 +++ charts/sysdig-deploy/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/sysdig-deploy/CHANGELOG.md b/charts/sysdig-deploy/CHANGELOG.md index d3b14bf43..4815805f5 100644 --- a/charts/sysdig-deploy/CHANGELOG.md +++ b/charts/sysdig-deploy/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.34.3 +### Chores +* **sysdig-deploy** [50159c56](https://github.com/sysdiglabs/charts/commit/50159c56652290050e244fa856226327fb2cfa3d): Automatic version bump due to updated dependencies ([#1537](https://github.com/sysdiglabs/charts/issues/1537)) # v1.34.2 ### Bug Fixes * **agent,sysdig-deploy** [d8e38523](https://github.com/sysdiglabs/charts/commit/d8e38523b3e94f0a6311bb5be8f5135e56d47f1c): /var/data volume mount ([#1532](https://github.com/sysdiglabs/charts/issues/1532)) diff --git a/charts/sysdig-deploy/RELEASE-NOTES.md b/charts/sysdig-deploy/RELEASE-NOTES.md index ba587f674..5a60f22c9 100644 --- a/charts/sysdig-deploy/RELEASE-NOTES.md +++ b/charts/sysdig-deploy/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Bug Fixes -- **agent,sysdig-deploy** [d8e38523](https://github.com/sysdiglabs/charts/commit/d8e38523b3e94f0a6311bb5be8f5135e56d47f1c): /var/data volume mount ([#1532](https://github.com/sysdiglabs/charts/issues/1532)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.1...sysdig-deploy-1.34.2 +### Chores +- **sysdig-deploy** [50159c56](https://github.com/sysdiglabs/charts/commit/50159c56652290050e244fa856226327fb2cfa3d): Automatic version bump due to updated dependencies ([#1537](https://github.com/sysdiglabs/charts/issues/1537)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.2...sysdig-deploy-1.34.3 From 809552f71f8b17b9f57a72dd6b659e959eaa4fe4 Mon Sep 17 00:00:00 2001 From: Alex V <43237245+a1ex-var1amov@users.noreply.github.com> Date: Fri, 15 Dec 2023 09:51:59 -0500 Subject: [PATCH 13/31] feat(node-analyzer): namespace variable for runtime-scanner and eve-connector (#1518) Co-authored-by: Alberto Barba --- charts/node-analyzer/Chart.yaml | 2 +- .../templates/runtimeScanner/eveconnector-api-configmap.yaml | 1 + .../templates/runtimeScanner/eveconnector-api-deployment.yaml | 1 + .../templates/runtimeScanner/eveconnector-api-service.yaml | 1 + .../templates/runtimeScanner/runtime-scanner-configmap.yaml | 1 + .../templates/runtimeScanner/sysdig-eve-secret.yaml | 1 + charts/sysdig-deploy/Chart.yaml | 4 ++-- 7 files changed, 8 insertions(+), 3 deletions(-) diff --git a/charts/node-analyzer/Chart.yaml b/charts/node-analyzer/Chart.yaml index 2b417c2c3..aa555b086 100644 --- a/charts/node-analyzer/Chart.yaml +++ b/charts/node-analyzer/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: node-analyzer description: Sysdig Node Analyzer # currently matching Sysdig's appVersion 1.14.34 -version: 1.20.1 +version: 1.20.2 appVersion: 12.9.0 keywords: - monitoring diff --git a/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-configmap.yaml b/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-configmap.yaml index a66dbdb8c..238880d5b 100644 --- a/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-configmap.yaml +++ b/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-configmap.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ template "nodeAnalyzer.fullname" . }}-eveconnector + namespace: {{ include "nodeAnalyzer.namespace" . }} labels: {{ include "nodeAnalyzer.labels" . | indent 4 }} data: diff --git a/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-deployment.yaml b/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-deployment.yaml index 8bf09bdc8..4d73b9e5c 100644 --- a/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-deployment.yaml +++ b/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-deployment.yaml @@ -4,6 +4,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "nodeAnalyzer.fullname" . }}-eveconnector-api + namespace: {{ include "nodeAnalyzer.namespace" . }} labels: app.kubernetes.io/name: {{ include "nodeAnalyzer.name" . }}-eveconnector {{ include "nodeAnalyzer.labels" . | indent 4 }} diff --git a/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-service.yaml b/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-service.yaml index bd59da35a..a0297940b 100644 --- a/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-service.yaml +++ b/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-service.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: Service metadata: name: {{ template "nodeAnalyzer.fullname" . }}-eveconnector + namespace: {{ include "nodeAnalyzer.namespace" . }} labels: app.kubernetes.io/name: {{ include "nodeAnalyzer.name" . }}-eveconnector {{ include "nodeAnalyzer.labels" . | indent 4 }} diff --git a/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml b/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml index e973aaa27..978c097b2 100644 --- a/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml +++ b/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml @@ -3,6 +3,7 @@ apiVersion: v1 kind: ConfigMap metadata: name: {{ .Release.Name }}-runtime-scanner + namespace: {{ include "nodeAnalyzer.namespace" . }} labels: {{ include "nodeAnalyzer.labels" . | indent 4 }} data: diff --git a/charts/node-analyzer/templates/runtimeScanner/sysdig-eve-secret.yaml b/charts/node-analyzer/templates/runtimeScanner/sysdig-eve-secret.yaml index 745b9f034..240fb9976 100644 --- a/charts/node-analyzer/templates/runtimeScanner/sysdig-eve-secret.yaml +++ b/charts/node-analyzer/templates/runtimeScanner/sysdig-eve-secret.yaml @@ -4,6 +4,7 @@ apiVersion: v1 kind: Secret metadata: name: sysdig-eve-secret + namespace: {{ include "nodeAnalyzer.namespace" . }} labels: {{ include "nodeAnalyzer.labels" . | indent 4 }} type: Opaque diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index 120a8110a..24d2565bb 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.34.3 +version: 1.34.4 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -36,7 +36,7 @@ dependencies: - name: node-analyzer # repository: https://charts.sysdig.com repository: file://../node-analyzer - version: ~1.20.1 + version: ~1.20.2 alias: nodeAnalyzer condition: nodeAnalyzer.enabled - name: cluster-scanner From 42b92e3ebecffea0d0218ad9edbd854fc31952c9 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Fri, 15 Dec 2023 14:53:22 +0000 Subject: [PATCH 14/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for node-analyzer-1.20.2 --- charts/node-analyzer/CHANGELOG.md | 3 +++ charts/node-analyzer/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/node-analyzer/CHANGELOG.md b/charts/node-analyzer/CHANGELOG.md index 1d17ec8c8..80d5533a7 100644 --- a/charts/node-analyzer/CHANGELOG.md +++ b/charts/node-analyzer/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.20.2 +### New Features +* **node-analyzer** [809552f7](https://github.com/sysdiglabs/charts/commit/809552f71f8b17b9f57a72dd6b659e959eaa4fe4): namespace variable for runtime-scanner and eve-connector ([#1518](https://github.com/sysdiglabs/charts/issues/1518)) # v1.20.1 ### Chores * **node-analyzer** [9895cb00](https://github.com/sysdiglabs/charts/commit/9895cb002e359c36e857ea3e9dd867f34129aeef): Improve template to reflect eveEnabled settings in CM ([#1536](https://github.com/sysdiglabs/charts/issues/1536)) diff --git a/charts/node-analyzer/RELEASE-NOTES.md b/charts/node-analyzer/RELEASE-NOTES.md index 6def1cf95..79afb7cf4 100644 --- a/charts/node-analyzer/RELEASE-NOTES.md +++ b/charts/node-analyzer/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Chores -- **node-analyzer** [9895cb00](https://github.com/sysdiglabs/charts/commit/9895cb002e359c36e857ea3e9dd867f34129aeef): Improve template to reflect eveEnabled settings in CM ([#1536](https://github.com/sysdiglabs/charts/issues/1536)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.20.0...node-analyzer-1.20.1 +### New Features +- **node-analyzer** [809552f7](https://github.com/sysdiglabs/charts/commit/809552f71f8b17b9f57a72dd6b659e959eaa4fe4): namespace variable for runtime-scanner and eve-connector ([#1518](https://github.com/sysdiglabs/charts/issues/1518)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.20.1...node-analyzer-1.20.2 From 9e4a5cabcc7b359ac2a6b0b39beaf2d3e5109698 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Fri, 15 Dec 2023 14:53:22 +0000 Subject: [PATCH 15/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for sysdig-deploy-1.34.4 --- charts/sysdig-deploy/CHANGELOG.md | 3 +++ charts/sysdig-deploy/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/sysdig-deploy/CHANGELOG.md b/charts/sysdig-deploy/CHANGELOG.md index 4815805f5..1ddd56498 100644 --- a/charts/sysdig-deploy/CHANGELOG.md +++ b/charts/sysdig-deploy/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.34.4 +### New Features +* **node-analyzer** [809552f7](https://github.com/sysdiglabs/charts/commit/809552f71f8b17b9f57a72dd6b659e959eaa4fe4): namespace variable for runtime-scanner and eve-connector ([#1518](https://github.com/sysdiglabs/charts/issues/1518)) # v1.34.3 ### Chores * **sysdig-deploy** [50159c56](https://github.com/sysdiglabs/charts/commit/50159c56652290050e244fa856226327fb2cfa3d): Automatic version bump due to updated dependencies ([#1537](https://github.com/sysdiglabs/charts/issues/1537)) diff --git a/charts/sysdig-deploy/RELEASE-NOTES.md b/charts/sysdig-deploy/RELEASE-NOTES.md index 5a60f22c9..a4abc994a 100644 --- a/charts/sysdig-deploy/RELEASE-NOTES.md +++ b/charts/sysdig-deploy/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Chores -- **sysdig-deploy** [50159c56](https://github.com/sysdiglabs/charts/commit/50159c56652290050e244fa856226327fb2cfa3d): Automatic version bump due to updated dependencies ([#1537](https://github.com/sysdiglabs/charts/issues/1537)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.2...sysdig-deploy-1.34.3 +### New Features +- **node-analyzer** [809552f7](https://github.com/sysdiglabs/charts/commit/809552f71f8b17b9f57a72dd6b659e959eaa4fe4): namespace variable for runtime-scanner and eve-connector ([#1518](https://github.com/sysdiglabs/charts/issues/1518)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.3...sysdig-deploy-1.34.4 From 7019a94176feca81f12b5458788bd62d5d8316a5 Mon Sep 17 00:00:00 2001 From: Vittorio Camisa <6241450+ProvoK@users.noreply.github.com> Date: Mon, 18 Dec 2023 08:42:25 +0100 Subject: [PATCH 16/31] fix(nodeAnalyzer): deamonset not being rollout after configuration changes (#1533) Extended Changelog: * Fix node-analyzer daemonset rollout not triggered by a change in configuration Co-authored-by: Marco Vito Moscaritolo --- charts/node-analyzer/Chart.yaml | 2 +- .../templates/daemonset-node-analyzer.yaml | 18 ++++- .../node-analyzer/tests/agent_tags_test.yaml | 15 ++++ .../node-analyzer/tests/annotations_test.yaml | 71 +++++++++++++++++-- charts/node-analyzer/tests/ca_cert_test.yaml | 21 ++++++ .../tests/conditional_flag_test.yaml | 55 +++++++++++++- .../tests/daemonset_affinity_test.yaml | 21 +++++- .../tests/daemonset_update_strategy_test.yaml | 14 ++++ .../tests/default_required_values.yaml | 3 + .../tests/global_overrides_test.yaml | 13 ++++ .../tests/golden_template_test.yaml | 13 ++++ .../node-analyzer/tests/hostscanner_test.yaml | 32 ++++++--- charts/node-analyzer/tests/label_test.yaml | 25 +++++++ .../tests/priorityclass_test.yaml | 12 ++++ charts/node-analyzer/tests/psp_test.yaml | 21 ++++++ .../tests/runtimescanner_test.yaml | 35 +++++++-- charts/sysdig-deploy/Chart.yaml | 4 +- .../tests/golden_template_test.yaml | 11 +++ 18 files changed, 357 insertions(+), 29 deletions(-) create mode 100644 charts/node-analyzer/tests/default_required_values.yaml diff --git a/charts/node-analyzer/Chart.yaml b/charts/node-analyzer/Chart.yaml index aa555b086..21da53110 100644 --- a/charts/node-analyzer/Chart.yaml +++ b/charts/node-analyzer/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: node-analyzer description: Sysdig Node Analyzer # currently matching Sysdig's appVersion 1.14.34 -version: 1.20.2 +version: 1.20.3 appVersion: 12.9.0 keywords: - monitoring diff --git a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml index e7aac9dc4..9598a815b 100644 --- a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml +++ b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml @@ -28,8 +28,24 @@ spec: app.kubernetes.io/name: {{ include "nodeAnalyzer.name" . }} {{ include "daemonset.labels" . | indent 8 }} {{ include "nodeAnalyzer.labels" . | indent 8 }} -{{- if .Values.daemonset.annotations }} annotations: + checksum/config-benchmark: {{ include (print $.Template.BasePath "/configmap-benchmark-runner.yaml") . | sha256sum | quote }} + checksum/config-host-analyzer: {{ include (print $.Template.BasePath "/configmap-host-analyzer.yaml") . | sha256sum | quote }} + checksum/config-image-analyzer: {{ include (print $.Template.BasePath "/configmap-image-analyzer.yaml") . | sha256sum | quote }} + {{- if and .Values.nodeAnalyzer.deploy (not .Values.gke.autopilot) (include "nodeAnalyzer.deployHostScanner" .) }} + checksum/config-host-scanner: {{ include (print $.Template.BasePath "/configmap-host-scanner.yaml") . | sha256sum | quote }} + {{- end }} + {{- if .Values.global.kspm.deploy }} + checksum/config-kspm-analyzer: {{ include (print $.Template.BasePath "/configmap-kspm-analyzer.yaml") . | sha256sum | quote }} + {{- end }} + {{- if include "nodeAnalyzer.deployRuntimeScanner" . }} + checksum/config-runtime-scanner: {{ include (print $.Template.BasePath "/runtimeScanner/runtime-scanner-configmap.yaml") . | sha256sum | quote }} + {{- end }} + checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum | quote }} + checksum/clusterrole: {{ include (print $.Template.BasePath "/clusterrole-node-analyzer.yaml") . | sha256sum | quote }} + checksum/clusterrolebinding: {{ include (print $.Template.BasePath "/clusterrolebinding-node-analyzer.yaml") . | sha256sum | quote }} + checksum/serviceaccount: {{ include (print $.Template.BasePath "/serviceaccount-node-analyzer.yaml") . | sha256sum | quote }} +{{- if .Values.daemonset.annotations }} {{ toYaml .Values.daemonset.annotations | nindent 8 }} {{- end }} spec: diff --git a/charts/node-analyzer/tests/agent_tags_test.yaml b/charts/node-analyzer/tests/agent_tags_test.yaml index e33d8976f..bf6db0c6a 100644 --- a/charts/node-analyzer/tests/agent_tags_test.yaml +++ b/charts/node-analyzer/tests/agent_tags_test.yaml @@ -1,6 +1,19 @@ suite: Test node-analyzer Agent Tags templates: - daemonset-node-analyzer.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml +values: + - ./default_required_values.yaml + tests: - it: Check agent tags are set from global.settings.tags set: @@ -10,6 +23,7 @@ tests: tag: value kspm: deploy: true + clusterName: "test" asserts: - contains: path: spec.template.spec.containers[0].env @@ -23,6 +37,7 @@ tests: global: kspm: deploy: true + clusterName: "test" asserts: - notContains: path: spec.template.spec.containers[0].env diff --git a/charts/node-analyzer/tests/annotations_test.yaml b/charts/node-analyzer/tests/annotations_test.yaml index 4f195f850..d7580d1a1 100644 --- a/charts/node-analyzer/tests/annotations_test.yaml +++ b/charts/node-analyzer/tests/annotations_test.yaml @@ -1,13 +1,24 @@ suite: Test specifying annotations to the Node Analyzer DaemonSet templates: - - templates/daemonset-node-analyzer.yaml -tests: - - it: Test no annotations by default - asserts: - - isNull: - path: template.metadata.annotations + - daemonset-node-analyzer.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml + - runtimeScanner/runtime-scanner-configmap.yaml +values: + - ./default_required_values.yaml - - it: Test annotations are added as expected +tests: + - it: Test additional annotations are added as expected + templates: + - daemonset-node-analyzer.yaml set: daemonset: annotations: @@ -16,3 +27,49 @@ tests: - equal: path: spec.template.metadata.annotations['super'] value: annotation + - it: Test checksum annotations + templates: + - daemonset-node-analyzer.yaml + asserts: + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/config-benchmark'] + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/config-host-analyzer'] + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/config-image-analyzer'] + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/secret'] + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/clusterrole'] + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/clusterrolebinding'] + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/serviceaccount'] + # NOTE: not enabled with default config + - notExists: + path: spec.template.metadata.annotations['checksum/config-host-scanner'] + - notExists: + path: spec.template.metadata.annotations['checksum/config-runtime-scanner'] + - notExists: + path: spec.template.metadata.annotations['checksum/config-kspm-analyzer'] + - it: Test checksum annotations for new scanning engine + templates: + - daemonset-node-analyzer.yaml + set: + secure: + vulnerabilityManagement: + newEngineOnly: true + global: + clusterConfig: + name: "test" + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" + asserts: + - hasDocuments: + count: 1 + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/clusterrole'] + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/config-host-scanner'] + - isNotEmpty: + path: spec.template.metadata.annotations['checksum/config-runtime-scanner'] diff --git a/charts/node-analyzer/tests/ca_cert_test.yaml b/charts/node-analyzer/tests/ca_cert_test.yaml index fa08892c1..69fa2ba21 100644 --- a/charts/node-analyzer/tests/ca_cert_test.yaml +++ b/charts/node-analyzer/tests/ca_cert_test.yaml @@ -5,6 +5,19 @@ templates: - runtimeScanner/eveconnector-api-deployment.yaml - runtimeScanner/sysdig-eve-secret.yaml - runtimeScanner/eveconnector-api-configmap.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - serviceaccount-node-analyzer.yaml + - runtimeScanner/runtime-scanner-configmap.yaml +values: + - ./default_required_values.yaml + tests: - it: Checking node-analyzer CA Cert Secret set: @@ -13,6 +26,9 @@ tests: secure: vulnerabilityManagement: newEngineOnly: true + global: + clusterConfig: + name: "test" sysdig: accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE nodeAnalyzer: @@ -40,6 +56,9 @@ tests: secure: vulnerabilityManagement: newEngineOnly: true + global: + clusterConfig: + name: "test" sysdig: accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE nodeAnalyzer: @@ -108,6 +127,8 @@ tests: vulnerabilityManagement: newEngineOnly: true global: + clusterConfig: + name: "test" kspm: deploy: false ssl: diff --git a/charts/node-analyzer/tests/conditional_flag_test.yaml b/charts/node-analyzer/tests/conditional_flag_test.yaml index ac868d7df..315bc8134 100644 --- a/charts/node-analyzer/tests/conditional_flag_test.yaml +++ b/charts/node-analyzer/tests/conditional_flag_test.yaml @@ -6,10 +6,23 @@ templates: - runtimeScanner/eveconnector-api-service.yaml - runtimeScanner/eveconnector-api-deployment.yaml - runtimeScanner/sysdig-eve-secret.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml + - runtimeScanner/runtime-scanner-configmap.yaml + tests: - it: Check global kspm deploy set: global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" kspm: deploy: true clusterName: test-cluster @@ -23,6 +36,8 @@ tests: - it: Check hostPID is true if global.kspm.deploy is true set: global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" kspm: deploy: true clusterName: test-cluster @@ -34,6 +49,9 @@ tests: - it: Check hostPID is true if nodeAnalyzer.benchmarkRunner.deploy is true set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: benchmarkRunner: deploy: true @@ -45,17 +63,23 @@ tests: value: true - it: Check global kspm deploy without clusterName + templates: + - daemonset-node-analyzer.yaml set: global: kspm: deploy: true - template: configmap-kspm-analyzer.yaml + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" asserts: - failedTemplate: errorMessage: "A valid clusterName is required" - it: Check nodeAnalyzer imageAnalyzer deploy set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: imageAnalyzer: deploy: true @@ -70,6 +94,9 @@ tests: - it: Check nodeAnalyzer hostAnalyzer deploy set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: hostAnalyzer: deploy: true @@ -84,6 +111,9 @@ tests: - it: Check nodeAnalyzer benchmarkRunner deploy set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: benchmarkRunner: deploy: true @@ -98,6 +128,11 @@ tests: - it: Check nodeAnalyzer runtimeScanner deploy set: + global: + clusterConfig: + name: "test" + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: runtimeScanner: deploy: true @@ -112,6 +147,9 @@ tests: - it: Check nodeAnalyzer runtimeScanner eveConnector deploy set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: runtimeScanner: deploy: true @@ -141,6 +179,9 @@ tests: - it: Check nodeAnalyzer imageAnalyzer deploy set to false set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: imageAnalyzer: deploy: false @@ -155,6 +196,9 @@ tests: - it: Check nodeAnalyzer hostAnalyzer deploy set to false set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: hostAnalyzer: deploy: false @@ -169,6 +213,9 @@ tests: - it: Check nodeAnalyzer benchmarkRunner deploy set to false set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: benchmarkRunner: deploy: false @@ -183,6 +230,9 @@ tests: - it: Check nodeAnalyzer runtimeScanner deploy set to false set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: runtimeScanner: deploy: false @@ -197,6 +247,9 @@ tests: - it: Check nodeAnalyzer runtimeScanner EVE_INTEGRATION_ENABLED is true even if eveConnector deploy set to false set: + global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" nodeAnalyzer: runtimeScanner: deploy: true diff --git a/charts/node-analyzer/tests/daemonset_affinity_test.yaml b/charts/node-analyzer/tests/daemonset_affinity_test.yaml index 8336f5cc3..90f4f7ea4 100644 --- a/charts/node-analyzer/tests/daemonset_affinity_test.yaml +++ b/charts/node-analyzer/tests/daemonset_affinity_test.yaml @@ -1,11 +1,26 @@ suite: Test specifying affinity settings on the Node Analyzer DaemonSet templates: - - templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml + - runtimeScanner/runtime-scanner-configmap.yaml +values: + - ./default_required_values.yaml tests: - it: Test the default affinity annotations (<1.14) capabilities: majorVersion: '1' minorVersion: '13' + templates: + - daemonset-node-analyzer.yaml asserts: - equal: path: spec.template.spec['affinity'] @@ -28,6 +43,8 @@ tests: capabilities: majorVersion: '1' minorVersion: '14' + templates: + - daemonset-node-analyzer.yaml asserts: - equal: path: spec.template.spec['affinity'] @@ -47,6 +64,8 @@ tests: - linux - it: Test adding custom affinity settings + templates: + - daemonset-node-analyzer.yaml set: nodeAnalyzer: affinity: diff --git a/charts/node-analyzer/tests/daemonset_update_strategy_test.yaml b/charts/node-analyzer/tests/daemonset_update_strategy_test.yaml index 24380cc78..eef787ae8 100644 --- a/charts/node-analyzer/tests/daemonset_update_strategy_test.yaml +++ b/charts/node-analyzer/tests/daemonset_update_strategy_test.yaml @@ -1,6 +1,18 @@ suite: Test Daemonset Update Strategy templates: - templates/daemonset-node-analyzer.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml +values: + - ./default_required_values.yaml tests: - it: set default updateStrategy asserts: @@ -48,3 +60,5 @@ tests: maxSurge: 1 maxUnavailable: 2 type: RollingUpdate + templates: + - templates/daemonset-node-analyzer.yaml diff --git a/charts/node-analyzer/tests/default_required_values.yaml b/charts/node-analyzer/tests/default_required_values.yaml new file mode 100644 index 000000000..efbe18e23 --- /dev/null +++ b/charts/node-analyzer/tests/default_required_values.yaml @@ -0,0 +1,3 @@ +global: + sysdig: + accessKey: "AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE" diff --git a/charts/node-analyzer/tests/global_overrides_test.yaml b/charts/node-analyzer/tests/global_overrides_test.yaml index 562dac9bc..e9cea2986 100644 --- a/charts/node-analyzer/tests/global_overrides_test.yaml +++ b/charts/node-analyzer/tests/global_overrides_test.yaml @@ -5,6 +5,19 @@ templates: - runtimeScanner/eveconnector-api-deployment.yaml - runtimeScanner/eveconnector-api-configmap.yaml - runtimeScanner/sysdig-eve-secret.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - serviceaccount-node-analyzer.yaml + - runtimeScanner/runtime-scanner-configmap.yaml +values: + - ./default_required_values.yaml + tests: - it: check value of accessKey without local chart override - local value provided set: diff --git a/charts/node-analyzer/tests/golden_template_test.yaml b/charts/node-analyzer/tests/golden_template_test.yaml index fcc901375..21b051c9b 100644 --- a/charts/node-analyzer/tests/golden_template_test.yaml +++ b/charts/node-analyzer/tests/golden_template_test.yaml @@ -2,6 +2,19 @@ suite: Testing pre-generated values and best-known edge cases templates: - daemonset-node-analyzer.yaml - configmap-benchmark-runner.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml +values: + - ./default_required_values.yaml + tests: - it: Testing node-analyzer deployed set: diff --git a/charts/node-analyzer/tests/hostscanner_test.yaml b/charts/node-analyzer/tests/hostscanner_test.yaml index 57d227a3f..410146b43 100644 --- a/charts/node-analyzer/tests/hostscanner_test.yaml +++ b/charts/node-analyzer/tests/hostscanner_test.yaml @@ -2,15 +2,26 @@ # Run "helm unittest -3 -f ./tests/hostscanner_test.yaml ." from within the `charts/node-analyzer` folder suite: Test HostScanner configuration templates: - - ../templates/daemonset-node-analyzer.yaml - - ../templates/configmap-host-scanner.yaml + - daemonset-node-analyzer.yaml + - configmap-host-scanner.yaml + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml + - runtimeScanner/runtime-scanner-configmap.yaml values: + - ./default_required_values.yaml - ../values.yaml tests: - it: "HS not deployed by default" templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml asserts: - isKind: of: DaemonSet @@ -31,7 +42,7 @@ tests: clusterName: "test" secure.vulnerabilityManagement.newEngineOnly: true templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml asserts: - isKind: of: DaemonSet @@ -53,7 +64,7 @@ tests: secure.vulnerabilityManagement.newEngineOnly: true nodeAnalyzer.hostScanner.deploy: true templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml asserts: - isKind: of: DaemonSet @@ -73,8 +84,9 @@ tests: set: secure.vulnerabilityManagement.newEngineOnly: true nodeAnalyzer.hostScanner.deploy: false + global.clusterConfig.name: "test" templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml asserts: - isKind: of: DaemonSet @@ -92,7 +104,7 @@ tests: clusterName: "test" nodeAnalyzer.hostScanner.deploy: true templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml asserts: - isKind: of: DaemonSet @@ -115,7 +127,7 @@ tests: set: nodeAnalyzer.hostScanner.deploy: false templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml asserts: - isKind: of: DaemonSet @@ -138,7 +150,7 @@ tests: nodeAnalyzer.hostScanner.additionalDirsToScan: "/hello,/world" nodeAnalyzer.hostScanner.deploy: true templates: - - ../templates/configmap-host-scanner.yaml + - configmap-host-scanner.yaml asserts: - isKind: of: ConfigMap @@ -150,7 +162,7 @@ tests: clusterName: "test" nodeAnalyzer.hostScanner.deploy: true templates: - - ../templates/configmap-host-scanner.yaml + - configmap-host-scanner.yaml asserts: - isKind: of: ConfigMap diff --git a/charts/node-analyzer/tests/label_test.yaml b/charts/node-analyzer/tests/label_test.yaml index 3d8880eab..dac08d1fa 100644 --- a/charts/node-analyzer/tests/label_test.yaml +++ b/charts/node-analyzer/tests/label_test.yaml @@ -1,8 +1,23 @@ suite: Testing if labels are applied correctly templates: - daemonset-node-analyzer.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml +values: + - ./default_required_values.yaml + tests: - it: check application of node-analyzer labels example 1 + templates: + - daemonset-node-analyzer.yaml set: sysdig: accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE @@ -16,6 +31,8 @@ tests: path: metadata.labels['my.label/key2'] value: testlabel2 - it: check application of node-analyzer example 2 + templates: + - daemonset-node-analyzer.yaml set: sysdig: accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE @@ -31,6 +48,8 @@ tests: path: metadata.labels['my.label/key2'] value: testlabel2 - it: check application of node-analyzer labels example 3 + templates: + - daemonset-node-analyzer.yaml set: sysdig: accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE @@ -46,6 +65,8 @@ tests: path: metadata.labels['my.label/version'] value: 2.7.3 - it: check application of correct node-analyzer labels with value of label empty + templates: + - daemonset-node-analyzer.yaml set: sysdig: accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE @@ -56,6 +77,8 @@ tests: path: metadata.labels['my.label/key1'] value: - it: check application of incorrect node-analyzer labels with yaml + templates: + - daemonset-node-analyzer.yaml set: sysdig: accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE @@ -65,6 +88,8 @@ tests: - failedTemplate: errorMessage: "daemonset.label does not seem to be of the type key:[space]value" - it: check application of incorrect node-analyzer labels with yaml key is empty + templates: + - daemonset-node-analyzer.yaml set: sysdig: accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE diff --git a/charts/node-analyzer/tests/priorityclass_test.yaml b/charts/node-analyzer/tests/priorityclass_test.yaml index f9b102b00..aabdbc1a0 100644 --- a/charts/node-analyzer/tests/priorityclass_test.yaml +++ b/charts/node-analyzer/tests/priorityclass_test.yaml @@ -2,6 +2,18 @@ suite: Node Analyzer PriorityClass tests templates: - templates/daemonset-node-analyzer.yaml - templates/priorityclass.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml +values: + - ./default_required_values.yaml tests: - it: Check PriorityClass limits are correctly set set: diff --git a/charts/node-analyzer/tests/psp_test.yaml b/charts/node-analyzer/tests/psp_test.yaml index 5df49ca83..35be310ba 100644 --- a/charts/node-analyzer/tests/psp_test.yaml +++ b/charts/node-analyzer/tests/psp_test.yaml @@ -1,8 +1,23 @@ suite: PSP create test templates: - templates/psp.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml +values: + - ./default_required_values.yaml + tests: - it: Ensure PSP is created on k8s <1.25 + templates: + - templates/psp.yaml capabilities: majorVersion: 1 minorVersion: 24 @@ -15,6 +30,8 @@ tests: kind: PodSecurityPolicy - it: Ensure PSP is not created on k8s >=1.25 + templates: + - templates/psp.yaml capabilities: majorVersion: 1 minorVersion: 25 @@ -23,6 +40,8 @@ tests: count: 0 - it: Ensure PSP is created on k8s <1.25 with '+' character in minor version + templates: + - templates/psp.yaml capabilities: majorVersion: 1 minorVersion: "24+" @@ -35,6 +54,8 @@ tests: kind: PodSecurityPolicy - it: Ensure PSP is not created on k8s >=1.25 with '+' character in minor version + templates: + - templates/psp.yaml capabilities: majorVersion: 1 minorVersion: "25+" diff --git a/charts/node-analyzer/tests/runtimescanner_test.yaml b/charts/node-analyzer/tests/runtimescanner_test.yaml index 20595a74d..e9f6dbcd5 100644 --- a/charts/node-analyzer/tests/runtimescanner_test.yaml +++ b/charts/node-analyzer/tests/runtimescanner_test.yaml @@ -2,14 +2,26 @@ # Run "helm unittest -3 -f ./tests/runtimescanner_test.yaml ." from within the `charts/node-analyzer` folder suite: Test RuntimeScanner configuration templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml + # For checksums + - clusterrole-node-analyzer.yaml + - clusterrolebinding-node-analyzer.yaml + - configmap-benchmark-runner.yaml + - configmap-host-analyzer.yaml + - configmap-host-scanner.yaml + - configmap-image-analyzer.yaml + - configmap-kspm-analyzer.yaml + - secrets.yaml + - serviceaccount-node-analyzer.yaml + - runtimeScanner/runtime-scanner-configmap.yaml values: + - ./default_required_values.yaml - ../values.yaml tests: - it: "Add extra volume through nodeAnalyzer.imageAnalyzer.extraVolumes parameter (deprecated)" templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml set: nodeAnalyzer: imageAnalyzer: @@ -30,7 +42,7 @@ tests: - it: "Add extra volume through nodeAnalyzer.extraVolumes parameter" templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml set: nodeAnalyzer: extraVolumes: @@ -52,8 +64,9 @@ tests: set: secure.vulnerabilityManagement.newEngineOnly: true nodeAnalyzer.runtimeScanner.deploy: false + global.clusterConfig.name: "test" templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml asserts: - isKind: of: DaemonSet @@ -69,7 +82,7 @@ tests: - it: "is disabled by default, legacy will be deployed" templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml asserts: - isKind: of: DaemonSet @@ -89,8 +102,9 @@ tests: - it: "is enabled when newEngineOnly is set" set: secure.vulnerabilityManagement.newEngineOnly: true + global.clusterConfig.name: "test" templates: - - ../templates/daemonset-node-analyzer.yaml + - daemonset-node-analyzer.yaml asserts: - isKind: of: DaemonSet @@ -109,6 +123,9 @@ tests: - it: "always expose the EVE_ENABLED and EVE_INTEGRATION_ENABLED variables when eveEnabled is not specified" set: + global: + clusterConfig: + name: "test" nodeAnalyzer: runtimeScanner: deploy: true @@ -122,6 +139,9 @@ tests: - it: "always expose the EVE_ENABLED and EVE_INTEGRATION_ENABLED variables when eveEnabled is true" set: + global: + clusterConfig: + name: "test" nodeAnalyzer: runtimeScanner: deploy: true @@ -137,6 +157,9 @@ tests: - it: "always expose the EVE_ENABLED and EVE_INTEGRATION_ENABLED variables when eveEnabled is false" set: + global: + clusterConfig: + name: "test" nodeAnalyzer: runtimeScanner: deploy: true diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index 24d2565bb..f05eb2fb4 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.34.4 +version: 1.34.5 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -36,7 +36,7 @@ dependencies: - name: node-analyzer # repository: https://charts.sysdig.com repository: file://../node-analyzer - version: ~1.20.2 + version: ~1.20.3 alias: nodeAnalyzer condition: nodeAnalyzer.enabled - name: cluster-scanner diff --git a/charts/sysdig-deploy/tests/golden_template_test.yaml b/charts/sysdig-deploy/tests/golden_template_test.yaml index 49b021034..6b43ec277 100644 --- a/charts/sysdig-deploy/tests/golden_template_test.yaml +++ b/charts/sysdig-deploy/tests/golden_template_test.yaml @@ -5,6 +5,17 @@ templates: - charts/agent/templates/secrets.yaml - charts/nodeAnalyzer/templates/daemonset-node-analyzer.yaml - charts/nodeAnalyzer/templates/configmap-benchmark-runner.yaml + # For checksums + - charts/nodeAnalyzer/templates/clusterrole-node-analyzer.yaml + - charts/nodeAnalyzer/templates/clusterrolebinding-node-analyzer.yaml + - charts/nodeAnalyzer/templates/configmap-benchmark-runner.yaml + - charts/nodeAnalyzer/templates/configmap-host-analyzer.yaml + - charts/nodeAnalyzer/templates/configmap-host-scanner.yaml + - charts/nodeAnalyzer/templates/configmap-image-analyzer.yaml + - charts/nodeAnalyzer/templates/configmap-kspm-analyzer.yaml + - charts/nodeAnalyzer/templates/secrets.yaml + - charts/nodeAnalyzer/templates/serviceaccount-node-analyzer.yaml + - charts/nodeAnalyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml tests: - it: Testing agent and node-analyzer deployed set: From e89ee0e370f504635d46338b75986d8ed5a71383 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 07:43:40 +0000 Subject: [PATCH 17/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for node-analyzer-1.20.3 --- charts/node-analyzer/CHANGELOG.md | 5 +++++ charts/node-analyzer/RELEASE-NOTES.md | 8 +++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/node-analyzer/CHANGELOG.md b/charts/node-analyzer/CHANGELOG.md index 80d5533a7..6493ab287 100644 --- a/charts/node-analyzer/CHANGELOG.md +++ b/charts/node-analyzer/CHANGELOG.md @@ -10,6 +10,11 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.20.3 +### Bug Fixes +* **nodeAnalyzer** [7019a941](https://github.com/sysdiglabs/charts/commit/7019a94176feca81f12b5458788bd62d5d8316a5): deamonset not being rollout after configuration changes ([#1533](https://github.com/sysdiglabs/charts/issues/1533)) + + * * Fix node-analyzer daemonset rollout not triggered by a change in configuration # v1.20.2 ### New Features * **node-analyzer** [809552f7](https://github.com/sysdiglabs/charts/commit/809552f71f8b17b9f57a72dd6b659e959eaa4fe4): namespace variable for runtime-scanner and eve-connector ([#1518](https://github.com/sysdiglabs/charts/issues/1518)) diff --git a/charts/node-analyzer/RELEASE-NOTES.md b/charts/node-analyzer/RELEASE-NOTES.md index 79afb7cf4..479c0f260 100644 --- a/charts/node-analyzer/RELEASE-NOTES.md +++ b/charts/node-analyzer/RELEASE-NOTES.md @@ -1,5 +1,7 @@ # What's Changed -### New Features -- **node-analyzer** [809552f7](https://github.com/sysdiglabs/charts/commit/809552f71f8b17b9f57a72dd6b659e959eaa4fe4): namespace variable for runtime-scanner and eve-connector ([#1518](https://github.com/sysdiglabs/charts/issues/1518)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.20.1...node-analyzer-1.20.2 +### Bug Fixes +- **nodeAnalyzer** [7019a941](https://github.com/sysdiglabs/charts/commit/7019a94176feca81f12b5458788bd62d5d8316a5): deamonset not being rollout after configuration changes ([#1533](https://github.com/sysdiglabs/charts/issues/1533)) + + * * Fix node-analyzer daemonset rollout not triggered by a change in configuration +#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.20.2...node-analyzer-1.20.3 From 8cda1ad940f2975306531ae0ffc86949b896de9f Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 07:43:40 +0000 Subject: [PATCH 18/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for sysdig-deploy-1.34.5 --- charts/sysdig-deploy/CHANGELOG.md | 5 +++++ charts/sysdig-deploy/RELEASE-NOTES.md | 8 +++++--- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/charts/sysdig-deploy/CHANGELOG.md b/charts/sysdig-deploy/CHANGELOG.md index 1ddd56498..70c9f7892 100644 --- a/charts/sysdig-deploy/CHANGELOG.md +++ b/charts/sysdig-deploy/CHANGELOG.md @@ -10,6 +10,11 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.34.5 +### Bug Fixes +* **nodeAnalyzer** [7019a941](https://github.com/sysdiglabs/charts/commit/7019a94176feca81f12b5458788bd62d5d8316a5): deamonset not being rollout after configuration changes ([#1533](https://github.com/sysdiglabs/charts/issues/1533)) + + * * Fix node-analyzer daemonset rollout not triggered by a change in configuration # v1.34.4 ### New Features * **node-analyzer** [809552f7](https://github.com/sysdiglabs/charts/commit/809552f71f8b17b9f57a72dd6b659e959eaa4fe4): namespace variable for runtime-scanner and eve-connector ([#1518](https://github.com/sysdiglabs/charts/issues/1518)) diff --git a/charts/sysdig-deploy/RELEASE-NOTES.md b/charts/sysdig-deploy/RELEASE-NOTES.md index a4abc994a..924d130db 100644 --- a/charts/sysdig-deploy/RELEASE-NOTES.md +++ b/charts/sysdig-deploy/RELEASE-NOTES.md @@ -1,5 +1,7 @@ # What's Changed -### New Features -- **node-analyzer** [809552f7](https://github.com/sysdiglabs/charts/commit/809552f71f8b17b9f57a72dd6b659e959eaa4fe4): namespace variable for runtime-scanner and eve-connector ([#1518](https://github.com/sysdiglabs/charts/issues/1518)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.3...sysdig-deploy-1.34.4 +### Bug Fixes +- **nodeAnalyzer** [7019a941](https://github.com/sysdiglabs/charts/commit/7019a94176feca81f12b5458788bd62d5d8316a5): deamonset not being rollout after configuration changes ([#1533](https://github.com/sysdiglabs/charts/issues/1533)) + + * * Fix node-analyzer daemonset rollout not triggered by a change in configuration +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.4...sysdig-deploy-1.34.5 From 3be55461cc3b28f710c1000583018c9584616681 Mon Sep 17 00:00:00 2001 From: Adam Roberts Date: Mon, 18 Dec 2023 09:48:14 -0500 Subject: [PATCH 19/31] feat(agent): add tolerations for rke2 master nodes (#1539) --- charts/agent/Chart.yaml | 2 +- charts/agent/values.yaml | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/charts/agent/Chart.yaml b/charts/agent/Chart.yaml index 0fb8d3645..cf8a171d2 100644 --- a/charts/agent/Chart.yaml +++ b/charts/agent/Chart.yaml @@ -30,4 +30,4 @@ sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig type: application -version: 1.18.3 +version: 1.18.4 diff --git a/charts/agent/values.yaml b/charts/agent/values.yaml index 99a9fd765..35b19e06a 100644 --- a/charts/agent/values.yaml +++ b/charts/agent/values.yaml @@ -279,6 +279,10 @@ tolerations: key: node-role.kubernetes.io/etcd operator: Equal value: "true" + - effect: NoExecute + key: CriticalAddonsOnly + operator: Equal + value: "true" leaderelection: enable: false localForwarder: From edcb4495b48c3310f85918d8aafad292a4f05e94 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 14:49:29 +0000 Subject: [PATCH 20/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for agent-1.18.4 --- charts/agent/CHANGELOG.md | 3 +++ charts/agent/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/agent/CHANGELOG.md b/charts/agent/CHANGELOG.md index bd74164c6..f325b93d8 100644 --- a/charts/agent/CHANGELOG.md +++ b/charts/agent/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.18.4 +### New Features +* **agent** [3be55461](https://github.com/sysdiglabs/charts/commit/3be55461cc3b28f710c1000583018c9584616681): add tolerations for rke2 master nodes ([#1539](https://github.com/sysdiglabs/charts/issues/1539)) # v1.18.3 ### Bug Fixes * **agent,sysdig-deploy** [d8e38523](https://github.com/sysdiglabs/charts/commit/d8e38523b3e94f0a6311bb5be8f5135e56d47f1c): /var/data volume mount ([#1532](https://github.com/sysdiglabs/charts/issues/1532)) diff --git a/charts/agent/RELEASE-NOTES.md b/charts/agent/RELEASE-NOTES.md index 982487028..ae8039494 100644 --- a/charts/agent/RELEASE-NOTES.md +++ b/charts/agent/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Bug Fixes -- **agent,sysdig-deploy** [d8e38523](https://github.com/sysdiglabs/charts/commit/d8e38523b3e94f0a6311bb5be8f5135e56d47f1c): /var/data volume mount ([#1532](https://github.com/sysdiglabs/charts/issues/1532)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/agent-1.18.2...agent-1.18.3 +### New Features +- **agent** [3be55461](https://github.com/sysdiglabs/charts/commit/3be55461cc3b28f710c1000583018c9584616681): add tolerations for rke2 master nodes ([#1539](https://github.com/sysdiglabs/charts/issues/1539)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/agent-1.18.3...agent-1.18.4 From 45e6e37a925ce869bfaa86c00514bb75f0f0dc79 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 07:08:25 -0800 Subject: [PATCH 21/31] chore(sysdig-deploy): Automatic version bump due to updated dependencies (#1540) Co-authored-by: aroberts87 --- charts/sysdig-deploy/Chart.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index f05eb2fb4..0869ab3f4 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.34.5 +version: 1.34.6 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -26,7 +26,7 @@ dependencies: - name: agent # repository: https://charts.sysdig.com repository: file://../agent - version: ~1.18.3 + version: ~1.18.4 alias: agent condition: agent.enabled - name: common From 554c946436c8442516cdb35ceedd74d8359c60d5 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 15:09:38 +0000 Subject: [PATCH 22/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for sysdig-deploy-1.34.6 --- charts/sysdig-deploy/CHANGELOG.md | 3 +++ charts/sysdig-deploy/RELEASE-NOTES.md | 8 +++----- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/charts/sysdig-deploy/CHANGELOG.md b/charts/sysdig-deploy/CHANGELOG.md index 70c9f7892..2d1b1aa06 100644 --- a/charts/sysdig-deploy/CHANGELOG.md +++ b/charts/sysdig-deploy/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.34.6 +### Chores +* **sysdig-deploy** [45e6e37a](https://github.com/sysdiglabs/charts/commit/45e6e37a925ce869bfaa86c00514bb75f0f0dc79): Automatic version bump due to updated dependencies ([#1540](https://github.com/sysdiglabs/charts/issues/1540)) # v1.34.5 ### Bug Fixes * **nodeAnalyzer** [7019a941](https://github.com/sysdiglabs/charts/commit/7019a94176feca81f12b5458788bd62d5d8316a5): deamonset not being rollout after configuration changes ([#1533](https://github.com/sysdiglabs/charts/issues/1533)) diff --git a/charts/sysdig-deploy/RELEASE-NOTES.md b/charts/sysdig-deploy/RELEASE-NOTES.md index 924d130db..d88c1db9c 100644 --- a/charts/sysdig-deploy/RELEASE-NOTES.md +++ b/charts/sysdig-deploy/RELEASE-NOTES.md @@ -1,7 +1,5 @@ # What's Changed -### Bug Fixes -- **nodeAnalyzer** [7019a941](https://github.com/sysdiglabs/charts/commit/7019a94176feca81f12b5458788bd62d5d8316a5): deamonset not being rollout after configuration changes ([#1533](https://github.com/sysdiglabs/charts/issues/1533)) - - * * Fix node-analyzer daemonset rollout not triggered by a change in configuration -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.4...sysdig-deploy-1.34.5 +### Chores +- **sysdig-deploy** [45e6e37a](https://github.com/sysdiglabs/charts/commit/45e6e37a925ce869bfaa86c00514bb75f0f0dc79): Automatic version bump due to updated dependencies ([#1540](https://github.com/sysdiglabs/charts/issues/1540)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.5...sysdig-deploy-1.34.6 From d2e168101fca1ae3d47a789126b1b8fb2e2d389a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Dec 2023 15:44:04 +0000 Subject: [PATCH 23/31] chore(deps): bump updatecli/updatecli-action from 2.50.0 to 2.51.0 (#1528) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/agent-release.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/agent-release.yaml b/.github/workflows/agent-release.yaml index 620b588e7..ec92ad55d 100644 --- a/.github/workflows/agent-release.yaml +++ b/.github/workflows/agent-release.yaml @@ -20,7 +20,7 @@ jobs: uses: actions/checkout@v4 - name: Install Updatecli in the runner - uses: updatecli/updatecli-action@v2.50.0 + uses: updatecli/updatecli-action@v2.51.0 - name: Run Updatecli in apply mode run: "updatecli apply --config .github/updatecli.d/config-agent-release.yaml" From 49fe006fb0ff206c7b566a45bfa5f71713d5ad0a Mon Sep 17 00:00:00 2001 From: Radhika Puthiyetath Date: Mon, 18 Dec 2023 17:27:04 +0000 Subject: [PATCH 24/31] feat(sysdig-deploy): Add prerequisite information on the chart (#1468) Co-authored-by: Marco Vito Moscaritolo Co-authored-by: Adam Roberts --- charts/admission-controller/Chart.yaml | 2 +- charts/admission-controller/README.md | 4 ++-- charts/admission-controller/doc.yaml | 2 +- charts/cloud-connector/Chart.yaml | 2 +- charts/cloud-connector/README.md | 8 ++++---- charts/cloud-connector/doc.yaml | 2 +- charts/cluster-scanner/Chart.yaml | 2 +- charts/cluster-scanner/README.md | 10 +++++----- charts/cluster-scanner/doc.yaml | 2 +- charts/registry-scanner/Chart.yaml | 2 +- charts/registry-scanner/README.md | 4 ++-- charts/registry-scanner/doc.yaml | 2 +- charts/sysdig-deploy/Chart.yaml | 2 +- charts/sysdig-deploy/README.md | 4 ++++ 14 files changed, 26 insertions(+), 22 deletions(-) diff --git a/charts/admission-controller/Chart.yaml b/charts/admission-controller/Chart.yaml index 9dd629149..b899ba584 100644 --- a/charts/admission-controller/Chart.yaml +++ b/charts/admission-controller/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: admission-controller description: Sysdig Admission Controller using Sysdig Secure inline image scanner type: application -version: 0.14.15 +version: 0.14.16 appVersion: 3.9.35 home: https://sysdiglabs.github.io/admission-controller/ icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 diff --git a/charts/admission-controller/README.md b/charts/admission-controller/README.md index ca36ef6ee..7004007f3 100644 --- a/charts/admission-controller/README.md +++ b/charts/admission-controller/README.md @@ -68,7 +68,7 @@ For example: ```bash helm upgrade --install admission-controller sysdig/admission-controller \ - --create-namespace -n sysdig-admission-controller --version=0.14.15 \ + --create-namespace -n sysdig-admission-controller --version=0.14.16 \ --set sysdig.secureAPIToken=YOUR-KEY-HERE,clusterName=YOUR-CLUSTER-NAME ``` @@ -80,7 +80,7 @@ For example: ```bash helm upgrade --install admission-controller sysdig/admission-controller \ - --create-namespace -n sysdig-admission-controller --version=0.14.15 \ + --create-namespace -n sysdig-admission-controller --version=0.14.16 \ --values values.yaml ``` diff --git a/charts/admission-controller/doc.yaml b/charts/admission-controller/doc.yaml index d26e489d3..04975bde3 100644 --- a/charts/admission-controller/doc.yaml +++ b/charts/admission-controller/doc.yaml @@ -13,7 +13,7 @@ chart: # values: "-- generate from values file --" valuesExample: "sysdig.secureAPIToken=YOUR-KEY-HERE,clusterName=YOUR-CLUSTER-NAME" prerequisites: - - "Helm 3" + - "Helm 3.6" - "Kubernetes v1.16+" - "Cluster Name (pick one to identify your Kubernetes Cluster)" - "Sysdig Secure API Token" diff --git a/charts/cloud-connector/Chart.yaml b/charts/cloud-connector/Chart.yaml index 31a948a8c..f49be7433 100644 --- a/charts/cloud-connector/Chart.yaml +++ b/charts/cloud-connector/Chart.yaml @@ -3,7 +3,7 @@ name: cloud-connector description: Sysdig Cloud Connector type: application -version: 0.8.7 +version: 0.8.8 appVersion: 0.16.48 home: https://sysdiglabs.github.io/cloud-connector diff --git a/charts/cloud-connector/README.md b/charts/cloud-connector/README.md index f96bb8d7d..721492436 100644 --- a/charts/cloud-connector/README.md +++ b/charts/cloud-connector/README.md @@ -25,7 +25,7 @@ Use [Cloud Connector](https://docs.sysdig.com/en/docs/installation/sysdig-secure ### Prerequisites -- Helm v3 +- Helm v3.6 - Sysdig Secure API Token ### Installation @@ -36,7 +36,7 @@ To install the chart: helm repo add sysdig https://charts.sysdig.com helm repo update helm upgrade --install cloud-connector sysdig/cloud-connector \ - --create-namespace -n cloud-connector --version=0.8.7 \ + --create-namespace -n cloud-connector --version=0.8.8 \ --set sysdig.secureAPIToken= ``` @@ -60,7 +60,7 @@ For example: ```bash helm upgrade --install cloud-connector sysdig/cloud-connector \ - --create-namespace -n cloud-connector --version=0.8.7 \ + --create-namespace -n cloud-connector --version=0.8.8 \ --set sysdig.secureAPIToken= ``` @@ -72,7 +72,7 @@ For example: ```bash helm upgrade --install cloud-connector sysdig/cloud-connector \ - --create-namespace -n cloud-connector --version=0.8.7 \ + --create-namespace -n cloud-connector --version=0.8.8 \ --values values.yaml ``` diff --git a/charts/cloud-connector/doc.yaml b/charts/cloud-connector/doc.yaml index 24d90ff4a..d57c93730 100644 --- a/charts/cloud-connector/doc.yaml +++ b/charts/cloud-connector/doc.yaml @@ -14,7 +14,7 @@ chart: # values: "-- generate from values file --" valuesExample: "sysdig.secureAPIToken=" prerequisites: -- "Helm v3" +- "Helm v3.6" - "Sysdig Secure API Token" release: diff --git a/charts/cluster-scanner/Chart.yaml b/charts/cluster-scanner/Chart.yaml index 607bf5059..4643cafc4 100644 --- a/charts/cluster-scanner/Chart.yaml +++ b/charts/cluster-scanner/Chart.yaml @@ -3,7 +3,7 @@ name: cluster-scanner description: Sysdig Cluster Scanner type: application -version: 0.8.6 +version: 0.8.7 appVersion: "0.1.0" home: https://www.sysdig.com/ diff --git a/charts/cluster-scanner/README.md b/charts/cluster-scanner/README.md index db45b8446..906ce146c 100644 --- a/charts/cluster-scanner/README.md +++ b/charts/cluster-scanner/README.md @@ -25,7 +25,7 @@ $ pre-commit run -a $ helm repo add sysdig https://charts.sysdig.com $ helm repo update $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \ - --create-namespace -n sysdig --version=0.8.6 \ + --create-namespace -n sysdig --version=0.8.7 \ --set global.clusterConfig.name=CLUSTER_NAME \ --set global.sysdig.region=SYSDIG_REGION \ --set global.sysdig.accessKey=YOUR-KEY-HERE @@ -45,7 +45,7 @@ This chart deploys the Sysdig Cluster Scanner as a Deployment on a [Kubernetes]( ### Prerequisites -- Helm 3 +- Helm 3.6 - Sysdig AccessKey @@ -55,7 +55,7 @@ To install the chart with the release name `cluster-scanner`, run: ```console $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \ - --create-namespace -n sysdig --version=0.8.6 \ + --create-namespace -n sysdig --version=0.8.7 \ --set global.clusterConfig.name=CLUSTER_NAME \ --set global.sysdig.region=SYSDIG_REGION \ --set global.sysdig.accessKey=YOUR-KEY-HERE @@ -162,7 +162,7 @@ Specify each parameter using the **`--set key=value[,key=value]`** argument to ` ```console $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \ - --create-namespace -n sysdig --version=0.8.6 \ + --create-namespace -n sysdig --version=0.8.7 \ --set global.sysdig.region="us1" ``` @@ -171,7 +171,7 @@ installing the chart. For example: ```console $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \ - --create-namespace -n sysdig --version=0.8.6 \ + --create-namespace -n sysdig --version=0.8.7 \ --values values.yaml ``` diff --git a/charts/cluster-scanner/doc.yaml b/charts/cluster-scanner/doc.yaml index 9312b5b49..fb646f993 100644 --- a/charts/cluster-scanner/doc.yaml +++ b/charts/cluster-scanner/doc.yaml @@ -10,7 +10,7 @@ repository: chart: name: admission-controller prerequisites: - - "Helm 3" + - "Helm 3.6" - "Sysdig AccessKey" release: diff --git a/charts/registry-scanner/Chart.yaml b/charts/registry-scanner/Chart.yaml index 712147781..0da670392 100644 --- a/charts/registry-scanner/Chart.yaml +++ b/charts/registry-scanner/Chart.yaml @@ -4,7 +4,7 @@ description: Sysdig Registry Scanner type: application home: https://www.sysdig.com/ icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4 -version: 1.1.24 +version: 1.1.25 appVersion: 0.2.60 maintainers: - name: sysdiglabs diff --git a/charts/registry-scanner/README.md b/charts/registry-scanner/README.md index 2b559f482..bcd194828 100644 --- a/charts/registry-scanner/README.md +++ b/charts/registry-scanner/README.md @@ -41,7 +41,7 @@ Once installed, you can view the scan results in the [Vulnerabilities UI](https: ### Prerequisites -- Helm 3 +- Helm 3.6 - Kubernetes v1.16+ - Unique name to identify your Kubernetes cluster - Sysdig Secure API Token @@ -129,7 +129,7 @@ Use the following command to deploy: helm upgrade --install registry-scanner \ --namespace sysdig-agent \ --create-namespace \ - --version=1.1.24 \ + --version=1.1.25 \ --set config.secureBaseURL= \ --set config.secureAPIToken= \ --set config.secureSkipTLS=true \ diff --git a/charts/registry-scanner/doc.yaml b/charts/registry-scanner/doc.yaml index f3e1b6ce5..4c78182fa 100644 --- a/charts/registry-scanner/doc.yaml +++ b/charts/registry-scanner/doc.yaml @@ -13,7 +13,7 @@ chart: # values: "-- generate from values file --" valuesExample: "config.secureAPIToken=YOUR-KEY-HERE,config.secureBaseURL=SECURE_URL" prerequisites: - - "Helm 3" + - "Helm 3.6" - "Kubernetes v1.16+" - "Unique name to identify your Kubernetes cluster" - "Sysdig Secure API Token" diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index 0869ab3f4..f23c234f7 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.34.6 +version: 1.34.7 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com diff --git a/charts/sysdig-deploy/README.md b/charts/sysdig-deploy/README.md index d081c9832..bf49e38e7 100644 --- a/charts/sysdig-deploy/README.md +++ b/charts/sysdig-deploy/README.md @@ -2,6 +2,10 @@ Use the `sysdig-deploy` Helm chart to install Sysdig Secure and Sysdig Monitor in a Kubernetes environment. +## Prerequisites + +Helm v3.6 or above + ## Overview This chart deploys the following Sysdig components into your Kubernetes cluster: From 7ade708bff9dfdd8314638fb8ea001c6ecb5da21 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 17:28:18 +0000 Subject: [PATCH 25/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for admission-controller-0.14.16 --- charts/admission-controller/CHANGELOG.md | 3 +++ charts/admission-controller/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/admission-controller/CHANGELOG.md b/charts/admission-controller/CHANGELOG.md index e55faeee9..caf76e2d2 100644 --- a/charts/admission-controller/CHANGELOG.md +++ b/charts/admission-controller/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v0.14.16 +### New Features +* **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) # v0.14.15 ### Chores * **admission-controller,cloud-connector,cluster-scanner,node-analyzer,registry-scanner,sysdig-deploy** [9d5d8c58](https://github.com/sysdiglabs/charts/commit/9d5d8c5809d35bcb5e8060ccc454f446cb1e3bc7): change charts ownership ([#1461](https://github.com/sysdiglabs/charts/issues/1461)) diff --git a/charts/admission-controller/RELEASE-NOTES.md b/charts/admission-controller/RELEASE-NOTES.md index 26e7adb44..b16b18762 100644 --- a/charts/admission-controller/RELEASE-NOTES.md +++ b/charts/admission-controller/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Chores -- **admission-controller,cloud-connector,cluster-scanner,node-analyzer,registry-scanner,sysdig-deploy** [9d5d8c58](https://github.com/sysdiglabs/charts/commit/9d5d8c5809d35bcb5e8060ccc454f446cb1e3bc7): change charts ownership ([#1461](https://github.com/sysdiglabs/charts/issues/1461)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/admission-controller-0.14.14...admission-controller-0.14.15 +### New Features +- **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/admission-controller-0.14.15...admission-controller-0.14.16 From 7a311208dc45a766887304e44e2d9d90c8f6e8a7 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 17:28:18 +0000 Subject: [PATCH 26/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for cloud-connector-0.8.8 --- charts/cloud-connector/CHANGELOG.md | 3 +++ charts/cloud-connector/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/cloud-connector/CHANGELOG.md b/charts/cloud-connector/CHANGELOG.md index 9274a6a28..873e229bb 100644 --- a/charts/cloud-connector/CHANGELOG.md +++ b/charts/cloud-connector/CHANGELOG.md @@ -11,6 +11,9 @@ exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v0.8.8 +### New Features +* **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) # v0.8.7 ### Chores * **admission-controller,cloud-connector,cluster-scanner,node-analyzer,registry-scanner,sysdig-deploy** [9d5d8c58](https://github.com/sysdiglabs/charts/commit/9d5d8c5809d35bcb5e8060ccc454f446cb1e3bc7): change charts ownership ([#1461](https://github.com/sysdiglabs/charts/issues/1461)) diff --git a/charts/cloud-connector/RELEASE-NOTES.md b/charts/cloud-connector/RELEASE-NOTES.md index 1717d7b24..307520776 100644 --- a/charts/cloud-connector/RELEASE-NOTES.md +++ b/charts/cloud-connector/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Chores -- **admission-controller,cloud-connector,cluster-scanner,node-analyzer,registry-scanner,sysdig-deploy** [9d5d8c58](https://github.com/sysdiglabs/charts/commit/9d5d8c5809d35bcb5e8060ccc454f446cb1e3bc7): change charts ownership ([#1461](https://github.com/sysdiglabs/charts/issues/1461)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/cloud-connector-0.8.6...cloud-connector-0.8.7 +### New Features +- **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/cloud-connector-0.8.7...cloud-connector-0.8.8 From e49f84022a6fdb6e5279ab2f870b6ad2856bd8ea Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 17:28:18 +0000 Subject: [PATCH 27/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for cluster-scanner-0.8.7 --- charts/cluster-scanner/CHANGELOG.md | 3 +++ charts/cluster-scanner/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/cluster-scanner/CHANGELOG.md b/charts/cluster-scanner/CHANGELOG.md index 62f5736d0..cb84eeb21 100644 --- a/charts/cluster-scanner/CHANGELOG.md +++ b/charts/cluster-scanner/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v0.8.7 +### New Features +* **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) # v0.8.6 ### Chores * **admission-controller,cloud-connector,cluster-scanner,node-analyzer,registry-scanner,sysdig-deploy** [9d5d8c58](https://github.com/sysdiglabs/charts/commit/9d5d8c5809d35bcb5e8060ccc454f446cb1e3bc7): change charts ownership ([#1461](https://github.com/sysdiglabs/charts/issues/1461)) diff --git a/charts/cluster-scanner/RELEASE-NOTES.md b/charts/cluster-scanner/RELEASE-NOTES.md index ca64933cc..f2f4270c6 100644 --- a/charts/cluster-scanner/RELEASE-NOTES.md +++ b/charts/cluster-scanner/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Chores -- **admission-controller,cloud-connector,cluster-scanner,node-analyzer,registry-scanner,sysdig-deploy** [9d5d8c58](https://github.com/sysdiglabs/charts/commit/9d5d8c5809d35bcb5e8060ccc454f446cb1e3bc7): change charts ownership ([#1461](https://github.com/sysdiglabs/charts/issues/1461)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/cluster-scanner-0.8.5...cluster-scanner-0.8.6 +### New Features +- **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/cluster-scanner-0.8.6...cluster-scanner-0.8.7 From 71ca5640bcfbcebab89c57387123a24bea0c2c7a Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 17:28:18 +0000 Subject: [PATCH 28/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for registry-scanner-1.1.25 --- charts/registry-scanner/CHANGELOG.md | 3 +++ charts/registry-scanner/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/registry-scanner/CHANGELOG.md b/charts/registry-scanner/CHANGELOG.md index 220dc495f..e2b670e2d 100644 --- a/charts/registry-scanner/CHANGELOG.md +++ b/charts/registry-scanner/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.1.25 +### New Features +* **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) # v1.1.24 ### Chores * **admission-controller,cloud-connector,cluster-scanner,node-analyzer,registry-scanner,sysdig-deploy** [9d5d8c58](https://github.com/sysdiglabs/charts/commit/9d5d8c5809d35bcb5e8060ccc454f446cb1e3bc7): change charts ownership ([#1461](https://github.com/sysdiglabs/charts/issues/1461)) diff --git a/charts/registry-scanner/RELEASE-NOTES.md b/charts/registry-scanner/RELEASE-NOTES.md index 80ac33358..954a3c945 100644 --- a/charts/registry-scanner/RELEASE-NOTES.md +++ b/charts/registry-scanner/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Chores -- **admission-controller,cloud-connector,cluster-scanner,node-analyzer,registry-scanner,sysdig-deploy** [9d5d8c58](https://github.com/sysdiglabs/charts/commit/9d5d8c5809d35bcb5e8060ccc454f446cb1e3bc7): change charts ownership ([#1461](https://github.com/sysdiglabs/charts/issues/1461)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/registry-scanner-1.1.23...registry-scanner-1.1.24 +### New Features +- **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/registry-scanner-1.1.24...registry-scanner-1.1.25 From 4cac32fa707e3b6a654e418e6c99b965df44d70f Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 17:28:18 +0000 Subject: [PATCH 29/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for sysdig-deploy-1.34.7 --- charts/sysdig-deploy/CHANGELOG.md | 3 +++ charts/sysdig-deploy/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/sysdig-deploy/CHANGELOG.md b/charts/sysdig-deploy/CHANGELOG.md index 2d1b1aa06..53940c095 100644 --- a/charts/sysdig-deploy/CHANGELOG.md +++ b/charts/sysdig-deploy/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.34.7 +### New Features +* **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) # v1.34.6 ### Chores * **sysdig-deploy** [45e6e37a](https://github.com/sysdiglabs/charts/commit/45e6e37a925ce869bfaa86c00514bb75f0f0dc79): Automatic version bump due to updated dependencies ([#1540](https://github.com/sysdiglabs/charts/issues/1540)) diff --git a/charts/sysdig-deploy/RELEASE-NOTES.md b/charts/sysdig-deploy/RELEASE-NOTES.md index d88c1db9c..a17e95b7a 100644 --- a/charts/sysdig-deploy/RELEASE-NOTES.md +++ b/charts/sysdig-deploy/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### Chores -- **sysdig-deploy** [45e6e37a](https://github.com/sysdiglabs/charts/commit/45e6e37a925ce869bfaa86c00514bb75f0f0dc79): Automatic version bump due to updated dependencies ([#1540](https://github.com/sysdiglabs/charts/issues/1540)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.5...sysdig-deploy-1.34.6 +### New Features +- **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.6...sysdig-deploy-1.34.7 From c00c5d7ef2a0eda98bf6691869fc3c846cb08a4d Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 09:47:27 -0800 Subject: [PATCH 30/31] chore(sysdig-deploy): Automatic version bump due to updated dependencies (#1541) --- charts/sysdig-deploy/Chart.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index f23c234f7..9624541cf 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.34.7 +version: 1.34.8 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -20,7 +20,7 @@ dependencies: - name: admission-controller # repository: https://charts.sysdig.com repository: file://../admission-controller - version: ~0.14.15 + version: ~0.14.16 alias: admissionController condition: admissionController.enabled - name: agent @@ -42,7 +42,7 @@ dependencies: - name: cluster-scanner # repository: https://charts.sysdig.com repository: file://../cluster-scanner - version: ~0.8.6 + version: ~0.8.7 alias: clusterScanner condition: clusterScanner.enabled - name: kspm-collector From 7e30f6ed75065d2934673e968e444aa2c2cb50d4 Mon Sep 17 00:00:00 2001 From: draios-jenkins Date: Mon, 18 Dec 2023 17:48:50 +0000 Subject: [PATCH 31/31] github_actions_ci: Update CHANGELOG and RELEASE-NOTES for sysdig-deploy-1.34.8 --- charts/sysdig-deploy/CHANGELOG.md | 3 +++ charts/sysdig-deploy/RELEASE-NOTES.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/charts/sysdig-deploy/CHANGELOG.md b/charts/sysdig-deploy/CHANGELOG.md index 53940c095..eb9b6e738 100644 --- a/charts/sysdig-deploy/CHANGELOG.md +++ b/charts/sysdig-deploy/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.34.8 +### Chores +* **sysdig-deploy** [c00c5d7e](https://github.com/sysdiglabs/charts/commit/c00c5d7ef2a0eda98bf6691869fc3c846cb08a4d): Automatic version bump due to updated dependencies ([#1541](https://github.com/sysdiglabs/charts/issues/1541)) # v1.34.7 ### New Features * **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) diff --git a/charts/sysdig-deploy/RELEASE-NOTES.md b/charts/sysdig-deploy/RELEASE-NOTES.md index a17e95b7a..94edc0907 100644 --- a/charts/sysdig-deploy/RELEASE-NOTES.md +++ b/charts/sysdig-deploy/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### New Features -- **sysdig-deploy** [49fe006f](https://github.com/sysdiglabs/charts/commit/49fe006fb0ff206c7b566a45bfa5f71713d5ad0a): Add prerequisite information on the chart ([#1468](https://github.com/sysdiglabs/charts/issues/1468)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.6...sysdig-deploy-1.34.7 +### Chores +- **sysdig-deploy** [c00c5d7e](https://github.com/sysdiglabs/charts/commit/c00c5d7ef2a0eda98bf6691869fc3c846cb08a4d): Automatic version bump due to updated dependencies ([#1541](https://github.com/sysdiglabs/charts/issues/1541)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.34.7...sysdig-deploy-1.34.8