feat(node-analyzer): Allow setting parameters for runtime and host sc…

…anner probes in Daemoset (#1940)

Co-authored-by: Mike Bryant <[email protected]>

charts/node-analyzer/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: node-analyzer
 description: Sysdig Node Analyzer
 # currently matching Sysdig's appVersion 1.14.34
-version: 1.31.7
+version: 1.32.0
 appVersion: 12.9.0
 keywords:
   - monitoring

charts/node-analyzer/templates/daemonset-node-analyzer.yaml

@@ -661,14 +661,14 @@ spec:
           httpGet:
             port: {{ .Values.nodeAnalyzer.runtimeScanner.probesPort }}
             path: /probes/liveness
-          initialDelaySeconds: 90
-          periodSeconds: 3
+          initialDelaySeconds: {{ .Values.nodeAnalyzer.runtimeScanner.livenessProbe.probe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.nodeAnalyzer.runtimeScanner.livenessProbe.probe.periodSeconds }}
         readinessProbe:
           httpGet:
             port: {{ .Values.nodeAnalyzer.runtimeScanner.probesPort }}
             path: /probes/readiness
-          initialDelaySeconds: 90
-          periodSeconds: 3
+          initialDelaySeconds: {{ .Values.nodeAnalyzer.runtimeScanner.readinessProbe.probe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.nodeAnalyzer.runtimeScanner.readinessProbe.probe.periodSeconds }}
         securityContext:
             privileged: true
         resources:
@@ -808,14 +808,14 @@ spec:
           httpGet:
             port: {{ .Values.nodeAnalyzer.hostScanner.probesPort }}
             path: /probes/liveness
-          initialDelaySeconds: 90
-          periodSeconds: 3
+          initialDelaySeconds: {{ .Values.nodeAnalyzer.hostScanner.livenessProbe.probe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.nodeAnalyzer.hostScanner.livenessProbe.probe.periodSeconds }}
         readinessProbe:
           httpGet:
             port: {{ .Values.nodeAnalyzer.hostScanner.probesPort }}
             path: /probes/readiness
-          initialDelaySeconds: 90
-          periodSeconds: 3
+          initialDelaySeconds: {{ .Values.nodeAnalyzer.hostScanner.readinessProbe.probe.initialDelaySeconds }}
+          periodSeconds: {{ .Values.nodeAnalyzer.hostScanner.readinessProbe.probe.periodSeconds }}
         securityContext:
           # The privileged flag is necessary for OCP 4.x and other Kubernetes setups that deny host filesystem access to
           # running containers by default regardless of volume mounts.

charts/node-analyzer/tests/daemonset_probes_test.yaml

@@ -0,0 +1,112 @@
+suite: Test Daemonset Abc
+templates:
+  - templates/daemonset-node-analyzer.yaml
+  # For checksums
+  - templates/runtimeScanner/runtime-scanner-configmap.yaml
+  - templates/configmap-host-scanner.yaml
+  - clusterrole-node-analyzer.yaml
+  - clusterrolebinding-node-analyzer.yaml
+  - configmap-benchmark-runner.yaml
+  - configmap-host-analyzer.yaml
+  - configmap-image-analyzer.yaml
+  - secrets.yaml
+  - serviceaccount-node-analyzer.yaml
+values:
+  - ./default_required_values.yaml
+tests:
+  - it: assert default sysdig-runtime-scanner probes
+    set:
+      nodeAnalyzer:
+        runtimeScanner:
+          deploy: true
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].livenessProbe.initialDelaySeconds
+          value: 90
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].livenessProbe.periodSeconds
+          value: 3
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].readinessProbe.initialDelaySeconds
+          value: 90
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].readinessProbe.periodSeconds
+          value: 3
+    templates:
+      - templates/daemonset-node-analyzer.yaml
+  - it: assert custom sysdig-runtime-scanner probess
+    set:
+      nodeAnalyzer:
+        runtimeScanner:
+          deploy: true
+          livenessProbe:
+            probe:
+              initialDelaySeconds: 10
+              periodSeconds: 5
+          readinessProbe:
+              probe:
+                initialDelaySeconds: 15
+                periodSeconds: 10
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].livenessProbe.initialDelaySeconds
+          value: 10
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].livenessProbe.periodSeconds
+          value: 5
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].readinessProbe.initialDelaySeconds
+          value: 15
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-runtime-scanner")].readinessProbe.periodSeconds
+          value: 10
+    templates:
+      - templates/daemonset-node-analyzer.yaml
+  - it: assert default sysdig-host-scanner probes
+    set:
+      nodeAnalyzer:
+        hostScanner:
+          deploy: true
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-host-scanner")].livenessProbe.initialDelaySeconds
+          value: 90
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-host-scanner")].livenessProbe.periodSeconds
+          value: 3
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-host-scanner")].readinessProbe.initialDelaySeconds
+          value: 90
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-host-scanner")].readinessProbe.periodSeconds
+          value: 3
+    templates:
+      - templates/daemonset-node-analyzer.yaml
+  - it: assert custom sysdig-host-scanner probess
+    set:
+      nodeAnalyzer:
+        hostScanner:
+          deploy: true
+          livenessProbe:
+            probe:
+              initialDelaySeconds: 10
+              periodSeconds: 5
+          readinessProbe:
+            probe:
+              initialDelaySeconds: 15
+              periodSeconds: 10
+    asserts:
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-host-scanner")].livenessProbe.initialDelaySeconds
+          value: 10
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-host-scanner")].livenessProbe.periodSeconds
+          value: 5
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-host-scanner")].readinessProbe.initialDelaySeconds
+          value: 15
+      - equal:
+          path: spec.template.spec.containers[?(@.name == "sysdig-host-scanner")].readinessProbe.periodSeconds
+          value: 10
+    templates:
+      - templates/daemonset-node-analyzer.yaml

charts/node-analyzer/values.yaml

@@ -339,6 +339,15 @@ nodeAnalyzer:
         memory: 2Gi
         ephemeral-storage: "4Gi"
 
+    readinessProbe:
+      probe:
+        initialDelaySeconds: 90
+        periodSeconds: 3
+    livenessProbe:
+      probe:
+        initialDelaySeconds: 90
+        periodSeconds: 3
+
     env: {}
 
     settings:
@@ -422,6 +431,15 @@ nodeAnalyzer:
         memory: 150Mi
         ephemeral-storage: 250Mi
 
+    readinessProbe:
+      probe:
+        initialDelaySeconds: 90
+        periodSeconds: 3
+    livenessProbe:
+      probe:
+        initialDelaySeconds: 90
+        periodSeconds: 3
+
     env: {}
 
     settings:

charts/sysdig-deploy/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: sysdig-deploy
 description: A chart with various Sysdig components for Kubernetes
 type: application
-version: 1.64.10
+version: 1.65.0
 maintainers:
   - name: AlbertoBarba
     email: [email protected]
@@ -36,7 +36,7 @@ dependencies:
   - name: node-analyzer
     # repository: https://charts.sysdig.com
     repository: file://../node-analyzer
-    version: ~1.31.7
+    version: ~1.32.0
     alias: nodeAnalyzer
     condition: nodeAnalyzer.enabled
   - name: cluster-scanner