diff --git a/charts/kspm-collector/README.md b/charts/kspm-collector/README.md index 109a146c9..a830d8416 100644 --- a/charts/kspm-collector/README.md +++ b/charts/kspm-collector/README.md @@ -28,7 +28,7 @@ To check the integrity and the origin of the charts you can now append the `--ve The following table lists the configurable parameters of the Sysdig KSPM Collector chart and their default values. | Parameter | Description | Default | -| ------------------------------------------ | ------------------------------------------------------------ | ----------------------------------------------------------- | +| ------------------------------------------ | ------------------------------------------------------------ |-------------------------------------------------------------| | `global.proxy.httpProxy` | Sets `HTTP_PROXY` on the KSPM collector containers. | `""` | | `global.proxy.httpsProxy` | Sets `HTTPS_PROXY` on the KSPM collector containers. | `""` | | `global.proxy.noProxy` | Sets `NO_PROXY` on the KSPM collector containers. | `""` | @@ -44,7 +44,7 @@ The following table lists the configurable parameters of the Sysdig KSPM Collect | `clusterName` | Sets a unique cluster name. This name will be used to identify events using the `kubernetes.cluster.name` tag. | ` ` | | `image.registry` | Specifies the KSPM collector image registry. | `quay.io` | | `image.repository` | Specifies the image repository to pull from. | `sysdig/kspm-collector` | -| `image.tag` | Specifies the image tag to pull from the image repository. | `1.24.0` | +| `image.tag` | Specifies the image tag to pull from the image repository. | `1.26.0` | | `image.digest` | Specifies the image digest to pull from the image repository. | ` ` | | `image.pullPolicy` | Specifies theImage pull policy. | `""` | | `imagePullSecrets` | Specifies the Image pull secret. | `[]` | diff --git a/charts/kspm-collector/values.yaml b/charts/kspm-collector/values.yaml index 98c0ffb8a..dce31b1e4 100644 
--- a/charts/kspm-collector/values.yaml +++ b/charts/kspm-collector/values.yaml @@ -42,7 +42,7 @@ clusterName: "" image: repository: sysdig/kspm-collector - tag: 1.25.0 + tag: 1.26.0 digest: registry: quay.io pullPolicy: diff --git a/charts/node-analyzer/README.md b/charts/node-analyzer/README.md index 5cc54c878..952e0aa99 100644 --- a/charts/node-analyzer/README.md +++ b/charts/node-analyzer/README.md 
@@ -98,135 +98,135 @@ To check the integrity and the origin of the charts, append the `--verify` flag The following table lists the configurable parameters of the Sysdig Node Analyzer chart and their default values. -| Parameter | Description | Default | -| ------------------------------------------------------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | -| `global.sysdig.region` | The region where Sysdig Secure is deployed. Valid options are`us1`, `us2`, `us3`, `us4`, `eu1`, `au1`, `custom`. | `us1` | -| `global.sysdig.tags` | The list of custom tags to be assigned to the components. | `{}` | -| `global.proxy.httpProxy` | Sets `HTTP_PROXY` on the Node Analyzer containers. | `""` | -| `global.proxy.httpsProxy` | Sets `HTTPS_PROXY` on the Node Analyzer containers. | `""` | -| `global.proxy.noProxy` | Sets `NO_PROXY` on the Node Analyzer containers. | `""` | -| `global.kspm.deploy` | Enables Sysdig KSPM node analyzer and KSPM collector. | `false` | -| `global.gke.autopilot` | If true,the agent configuration will be overridden to run on GKE Autopilot clusters. | `false` | -| `global.image.pullSecrets` | Sets the global pull secrets. | [] | -| `global.image.pullPolicy` | Sets the global pull policy. | `IfNotPresent` | -| `image.registry` | Sets the Sysdig Agent image registry. | `quay.io` | -| `gke.autopilot` | If true, the agent configuration will be overridden to run on GKE Autopilot clusters. | `false` | -| `rbac.create` | If true, RBAC resources will be created and used. | `true` | -| `scc.create` | Creates OpenShift's Security Context constraint. | `true` | -| `psp.create` | Creates Pod Security Policy to allow the agent running in clusters with PSP enabled. | `true` | -| `clusterName` | Sets a unique cluster name which is used to identify events with the `kubernetes.cluster.name` tag. 
| ` ` | -| `namespace` | Overrides the global namespace setting and release namespace for components. | ` ` | -| `sysdig.accessKey` | Sets your Sysdig Agent Access Key. | Either `accessKey` or `existingAccessKeySecret` is required | -| `sysdig.existingAccessKeySecret` | An alternative to using the Sysdig Agent access key. Specify the name of a Kubernetes secret containing an `access-key` entry. | Either `accessKey` or `existingAccessKeySecret` is required | -| `secure.enabled` | Enables Sysdig Secure. | `true` | -| `secure.vulnerabilityManagement.newEngineOnly` | Enables only the new vulnerability management engine. | `false` | -| `daemonset.annotations` | Sets custom annotations for the DaemonSet. | `{}' | -| `daemonset.labels` | Sets NodeAnalyzer-specific labels as a multi-line templated string map or as YAML. | `{}` | -| `daemonset.updateStrategy.type` | Sets the updateStrategy for updating the DaemonSet. | RollingUpdate | -| `daemonset.updateStrategy.rollingUpdate.maxUnavailable` | Sets the maximum number of pods that can be unavailable during the update process. | 1 | -| `daemonset.updateStrategy.rollingUpdate.maxSurge` | Sets the maximum number of nodes with an existing available DaemonSet pod that can have an updated DaemonSet pod during an update. | `` | -| `nodeAnalyzer.deploy` | Deploys the Node Analyzer. | `true` | -| `nodeAnalyzer.apiEndpoint` | Specifies the Sysdig secure API endpoint, without the protocol. `secure.sysdig.com` | ` ` | -| `nodeAnalyzer.sslVerifyCertificate` | Set to `false` to allow insecure connections to the Sysdig backend, such as an On-Prem deployment. | | -| `nodeAnalyzer.debug` | Set to `true` to show debug logging, which is useful for troubleshooting. | | -| `nodeAnalyzer.priorityClassName` | Sets the priority class name variable. | | -| `nodeAnalyzer.httpProxy` | Sets the HTTP proxy configuration variables. | | -| `nodeAnalyzer.httpsProxy` | Sets the HTTPS proxy configuration variables. 
| | -| `nodeAnalyzer.noProxy` | Sets `noProxy ` configuration variables. | | -| `nodeAnalyzer.pullSecrets` | Sets the image pull secrets for the Node Analyzer containers. | `nil` | -| `nodeAnalyzer.extraVolumes.volumes` | Specifies additional volumes to mount in the Node Analyzer. For example, docker socket. | `[]` | -| `nodeAnalyzer.imageAnalyzer.deploy` | Deploys the Image Analyzer. | `true` | -| `nodeAnalyzer.imageAnalyzer.image.repository` | Sets the image repository to pull the Node Image Analyzer from. | `sysdig/node-image-analyzer` | -| `nodeAnalyzer.imageAnalyzer.image.tag` | Sets the image tag for the Node Image Analyzer to be pulled. | `0.1.27` | -| `nodeAnalyzer.imageAnalyzer.image.digest` | Sets the image digest to pull. | ` ` | -| `nodeAnalyzer.imageAnalyzer.image.pullPolicy` | Sets the Image pull policy for the Node Image Analyzer. | `""` | -| `nodeAnalyzer.imageAnalyzer.dockerSocketPath` | Specifies the Docker socket path. | | -| `nodeAnalyzer.imageAnalyzer.criSocketPath` | Specifies the socket path to a CRI compatible runtime, such as CRI-O. | | -| `nodeAnalyzer.imageAnalyzer.containerdSocketPath` | Specifies the socket path to a CRI-Containerd daemon. | | -| `nodeAnalyzer.imageAnalyzer.extraVolumes.volumes` (Deprecated) | Specifies additional volumes to mount in the Node Image Analyzer. For example, docker socket. | `[]` | -| `nodeAnalyzer.imageAnalyzer.extraVolumes.mounts` | Specifies the mount points for additional volumes. | `[]` | -| `nodeAnalyzer.imageAnalyzer.resources.requests.cpu` | Specifies the Node Image Analyzer CPU requests per node. | `150m` | -| `nodeAnalyzer.imageAnalyzer.resources.requests.memory` | Specifies the Node Image Analyzer Memory requests per node. | `512Mi` | -| `nodeAnalyzer.imageAnalyzer.resources.limits.cpu` | Specifies the Node Image Analyzer CPU limit per node. | `500m` | -| `nodeAnalyzer.imageAnalyzer.resources.limits.memory` | Specifies the Node Image Analyzer Memory limit per node. 
| `1536Mi` | -| `nodeAnalyzer.imageAnalyzer.env` | Specifies the Extra environment variables that will be passed onto pods. | `{}` | -| `nodeAnalyzer.hostAnalyzer.deploy` | Deploys the Host Analyzer. | `true` | -| `nodeAnalyzer.hostAnalyzer.image.repository` | Specifies the image repository to pull the Host Analyzer from. | `sysdig/host-analyzer` | -| `nodeAnalyzer.hostAnalyzer.image.tag` | Set the image tag to pull the Host Analyzer. | `0.1.16` | -| `nodeAnalyzer.hostAnalyzer.image.digest` | Specifies the image digest to pull. | ` ` | -| `nodeAnalyzer.hostAnalyzer.image.pullPolicy` | Specifies the Image pull policy for the Host Analyzer. | `""` | -| `nodeAnalyzer.hostAnalyzer.schedule` | Specifies the scanning schedule specification for the host analyzer expressed as a crontab. | `@dailydefault` | -| `nodeAnalyzer.hostAnalyzer.dirsToScan` | Specifies the list of directories to inspect during the scan. | `/etc,/var/lib/dpkg,/usr/local,/usr/lib/sysimage/rpm,/var/lib/rpm,/lib/apk/db` | -| `nodeAnalyzer.hostAnalyzer.maxSendAttempts` | Specifies the number of times the analysis collector is allowed to retry sending results. | `3` | -| `nodeAnalyzer.hostAnalyzer.resources.requests.cpu` | Specifies the Host Analyzer CPU requests per node. | `150m` | -| `nodeAnalyzer.hostAnalyzer.resources.requests.memory` | Specifies the Host Analyzer Memory requests per node. | `512Mi` | -| `nodeAnalyzer.hostAnalyzer.resources.limits.cpu` | Specifies the Host Analyzer CPU limit per node. | `500m` | -| `nodeAnalyzer.hostAnalyzer.resources.limits.memory` | Specifies the Host Analyzer memory limit per node. | `1536Mi` | -| `nodeAnalyzer.hostAnalyzer.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | -| `nodeAnalyzer.benchmarkRunner.deploy` | Deploys the Benchmark Runner. | `true` | -| `nodeAnalyzer.benchmarkRunner.image.repository` | Specifies the image repository to pull the Benchmark Runner from. 
| `sysdig/compliance-benchmark-runner` | -| `nodeAnalyzer.benchmarkRunner.image.tag` | Specifies the image tag for the Benchmark Runner to be pulled. | `1.1.0.8` | -| `nodeAnalyzer.benchmarkRunner.image.digest` | Specifies the image digest to pull. | ` ` | -| `nodeAnalyzer.benchmarkRunner.image.pullPolicy` | Specifies the image pull policy for the Benchmark Runner. | `""` | -| `nodeAnalyzer.benchmarkRunner.includeSensitivePermissions` | Grant the service account elevated permissions to run CIS Benchmark for OS4. | `false` | -| `nodeAnalyzer.benchmarkRunner.resources.requests.cpu` | Specifies the Benchmark Runner CPU requests per node. | `150m` | -| `nodeAnalyzer.benchmarkRunner.resources.requests.memory` | Specifies the Benchmark Runner memory requests per node. | `128Mi` | -| `nodeAnalyzer.benchmarkRunner.resources.limits.cpu` | Specifies the Benchmark Runner CPU limit per node. | `500m` | -| `nodeAnalyzer.benchmarkRunner.resources.limits.memory` | Specifies the Benchmark Runner memory limit per node. | `256Mi` | -| `nodeAnalyzer.benchmarkRunner.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | -| `nodeAnalyzer.hostScanner.deploy` | Deploys the Host Scanner. | unset | +| Parameter | Description | Default | +| ------------------------------------------------------------ | ------------------------------------------------------------ |-----------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `global.sysdig.region` | The region where Sysdig Secure is deployed. Valid options are`us1`, `us2`, `us3`, `us4`, `eu1`, `au1`, `custom`. | `us1` | +| `global.sysdig.tags` | The list of custom tags to be assigned to the components. | `{}` | +| `global.proxy.httpProxy` | Sets `HTTP_PROXY` on the Node Analyzer containers. | `""` | +| `global.proxy.httpsProxy` | Sets `HTTPS_PROXY` on the Node Analyzer containers. 
| `""` | +| `global.proxy.noProxy` | Sets `NO_PROXY` on the Node Analyzer containers. | `""` | +| `global.kspm.deploy` | Enables Sysdig KSPM node analyzer and KSPM collector. | `false` | +| `global.gke.autopilot` | If true,the agent configuration will be overridden to run on GKE Autopilot clusters. | `false` | +| `global.image.pullSecrets` | Sets the global pull secrets. | [] | +| `global.image.pullPolicy` | Sets the global pull policy. | `IfNotPresent` | +| `image.registry` | Sets the Sysdig Agent image registry. | `quay.io` | +| `gke.autopilot` | If true, the agent configuration will be overridden to run on GKE Autopilot clusters. | `false` | +| `rbac.create` | If true, RBAC resources will be created and used. | `true` | +| `scc.create` | Creates OpenShift's Security Context constraint. | `true` | +| `psp.create` | Creates Pod Security Policy to allow the agent running in clusters with PSP enabled. | `true` | +| `clusterName` | Sets a unique cluster name which is used to identify events with the `kubernetes.cluster.name` tag. | ` ` | +| `namespace` | Overrides the global namespace setting and release namespace for components. | ` ` | +| `sysdig.accessKey` | Sets your Sysdig Agent Access Key. | Either `accessKey` or `existingAccessKeySecret` is required | +| `sysdig.existingAccessKeySecret` | An alternative to using the Sysdig Agent access key. Specify the name of a Kubernetes secret containing an `access-key` entry. | Either `accessKey` or `existingAccessKeySecret` is required | +| `secure.enabled` | Enables Sysdig Secure. | `true` | +| `secure.vulnerabilityManagement.newEngineOnly` | Enables only the new vulnerability management engine. | `false` | +| `daemonset.annotations` | Sets custom annotations for the DaemonSet. | `{}' | +| `daemonset.labels` | Sets NodeAnalyzer-specific labels as a multi-line templated string map or as YAML. | `{}` | +| `daemonset.updateStrategy.type` | Sets the updateStrategy for updating the DaemonSet. 
| RollingUpdate | +| `daemonset.updateStrategy.rollingUpdate.maxUnavailable` | Sets the maximum number of pods that can be unavailable during the update process. | 1 | +| `daemonset.updateStrategy.rollingUpdate.maxSurge` | Sets the maximum number of nodes with an existing available DaemonSet pod that can have an updated DaemonSet pod during an update. | `` | +| `nodeAnalyzer.deploy` | Deploys the Node Analyzer. | `true` | +| `nodeAnalyzer.apiEndpoint` | Specifies the Sysdig secure API endpoint, without the protocol. `secure.sysdig.com` | ` ` | +| `nodeAnalyzer.sslVerifyCertificate` | Set to `false` to allow insecure connections to the Sysdig backend, such as an On-Prem deployment. | | +| `nodeAnalyzer.debug` | Set to `true` to show debug logging, which is useful for troubleshooting. | | +| `nodeAnalyzer.priorityClassName` | Sets the priority class name variable. | | +| `nodeAnalyzer.httpProxy` | Sets the HTTP proxy configuration variables. | | +| `nodeAnalyzer.httpsProxy` | Sets the HTTPS proxy configuration variables. | | +| `nodeAnalyzer.noProxy` | Sets `noProxy ` configuration variables. | | +| `nodeAnalyzer.pullSecrets` | Sets the image pull secrets for the Node Analyzer containers. | `nil` | +| `nodeAnalyzer.extraVolumes.volumes` | Specifies additional volumes to mount in the Node Analyzer. For example, docker socket. | `[]` | +| `nodeAnalyzer.imageAnalyzer.deploy` | Deploys the Image Analyzer. | `true` | +| `nodeAnalyzer.imageAnalyzer.image.repository` | Sets the image repository to pull the Node Image Analyzer from. | `sysdig/node-image-analyzer` | +| `nodeAnalyzer.imageAnalyzer.image.tag` | Sets the image tag for the Node Image Analyzer to be pulled. | `0.1.27` | +| `nodeAnalyzer.imageAnalyzer.image.digest` | Sets the image digest to pull. | ` ` | +| `nodeAnalyzer.imageAnalyzer.image.pullPolicy` | Sets the Image pull policy for the Node Image Analyzer. | `""` | +| `nodeAnalyzer.imageAnalyzer.dockerSocketPath` | Specifies the Docker socket path. 
| | +| `nodeAnalyzer.imageAnalyzer.criSocketPath` | Specifies the socket path to a CRI compatible runtime, such as CRI-O. | | +| `nodeAnalyzer.imageAnalyzer.containerdSocketPath` | Specifies the socket path to a CRI-Containerd daemon. | | +| `nodeAnalyzer.imageAnalyzer.extraVolumes.volumes` (Deprecated) | Specifies additional volumes to mount in the Node Image Analyzer. For example, docker socket. | `[]` | +| `nodeAnalyzer.imageAnalyzer.extraVolumes.mounts` | Specifies the mount points for additional volumes. | `[]` | +| `nodeAnalyzer.imageAnalyzer.resources.requests.cpu` | Specifies the Node Image Analyzer CPU requests per node. | `150m` | +| `nodeAnalyzer.imageAnalyzer.resources.requests.memory` | Specifies the Node Image Analyzer Memory requests per node. | `512Mi` | +| `nodeAnalyzer.imageAnalyzer.resources.limits.cpu` | Specifies the Node Image Analyzer CPU limit per node. | `500m` | +| `nodeAnalyzer.imageAnalyzer.resources.limits.memory` | Specifies the Node Image Analyzer Memory limit per node. | `1536Mi` | +| `nodeAnalyzer.imageAnalyzer.env` | Specifies the Extra environment variables that will be passed onto pods. | `{}` | +| `nodeAnalyzer.hostAnalyzer.deploy` | Deploys the Host Analyzer. | `true` | +| `nodeAnalyzer.hostAnalyzer.image.repository` | Specifies the image repository to pull the Host Analyzer from. | `sysdig/host-analyzer` | +| `nodeAnalyzer.hostAnalyzer.image.tag` | Set the image tag to pull the Host Analyzer. | `0.1.16` | +| `nodeAnalyzer.hostAnalyzer.image.digest` | Specifies the image digest to pull. | ` ` | +| `nodeAnalyzer.hostAnalyzer.image.pullPolicy` | Specifies the Image pull policy for the Host Analyzer. | `""` | +| `nodeAnalyzer.hostAnalyzer.schedule` | Specifies the scanning schedule specification for the host analyzer expressed as a crontab. | `@dailydefault` | +| `nodeAnalyzer.hostAnalyzer.dirsToScan` | Specifies the list of directories to inspect during the scan. 
| `/etc,/var/lib/dpkg,/usr/local,/usr/lib/sysimage/rpm,/var/lib/rpm,/lib/apk/db` | +| `nodeAnalyzer.hostAnalyzer.maxSendAttempts` | Specifies the number of times the analysis collector is allowed to retry sending results. | `3` | +| `nodeAnalyzer.hostAnalyzer.resources.requests.cpu` | Specifies the Host Analyzer CPU requests per node. | `150m` | +| `nodeAnalyzer.hostAnalyzer.resources.requests.memory` | Specifies the Host Analyzer Memory requests per node. | `512Mi` | +| `nodeAnalyzer.hostAnalyzer.resources.limits.cpu` | Specifies the Host Analyzer CPU limit per node. | `500m` | +| `nodeAnalyzer.hostAnalyzer.resources.limits.memory` | Specifies the Host Analyzer memory limit per node. | `1536Mi` | +| `nodeAnalyzer.hostAnalyzer.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | +| `nodeAnalyzer.benchmarkRunner.deploy` | Deploys the Benchmark Runner. | `true` | +| `nodeAnalyzer.benchmarkRunner.image.repository` | Specifies the image repository to pull the Benchmark Runner from. | `sysdig/compliance-benchmark-runner` | +| `nodeAnalyzer.benchmarkRunner.image.tag` | Specifies the image tag for the Benchmark Runner to be pulled. | `1.1.0.8` | +| `nodeAnalyzer.benchmarkRunner.image.digest` | Specifies the image digest to pull. | ` ` | +| `nodeAnalyzer.benchmarkRunner.image.pullPolicy` | Specifies the image pull policy for the Benchmark Runner. | `""` | +| `nodeAnalyzer.benchmarkRunner.includeSensitivePermissions` | Grant the service account elevated permissions to run CIS Benchmark for OS4. | `false` | +| `nodeAnalyzer.benchmarkRunner.resources.requests.cpu` | Specifies the Benchmark Runner CPU requests per node. | `150m` | +| `nodeAnalyzer.benchmarkRunner.resources.requests.memory` | Specifies the Benchmark Runner memory requests per node. | `128Mi` | +| `nodeAnalyzer.benchmarkRunner.resources.limits.cpu` | Specifies the Benchmark Runner CPU limit per node. 
| `500m` | +| `nodeAnalyzer.benchmarkRunner.resources.limits.memory` | Specifies the Benchmark Runner memory limit per node. | `256Mi` | +| `nodeAnalyzer.benchmarkRunner.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | +| `nodeAnalyzer.hostScanner.deploy` | Deploys the Host Scanner. | unset | | `nodeAnalyzer.hostScanner.dirsToScan` | Specifies the list of directories to inspect during the scan. | `/etc,/var/lib/dpkg,/var/lib/rpm,/lib/apk/db,/bin,/sbin,/usr/bin,/usr/sbin,/usr/share,/usr/local,/usr/lib,/usr/lib64,/var/lib/google,/var/lib/toolbox,/var/lib/cloud` | -| `nodeAnalyzer.hostScanner.additionalDirsToScan` | Sets the optional comma-separated list of directories in addition to the default ones. | ` ` | -| `nodeAnalyzer.hostScanner.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | -| `nodeAnalyzer.hostScanner.image.repository` | Specifies the image repository to pull the Host Scanner from. | `sysdig/vuln-host-scanner` | -| `nodeAnalyzer.hostScanner.image.tag` | Specifies the image tag to pull the Host Scanner. | `0.4` | -| `nodeAnalyzer.hostScanner.image.digest` | Specifies the image digest to pull. | ` ` | -| `nodeAnalyzer.hostScanner.image.pullPolicy` | Specifies the image pull policy for the Host Scanner. | `""` | -| `nodeAnalyzer.hostScanner.resources.requests.cpu` | Specifies the Host Scanner CPU requests per node. | `150m` | -| `nodeAnalyzer.hostScanner.resources.requests.memory` | Specifies the Host Scanner memory requests per node. | `512Mi` | -| `nodeAnalyzer.hostScanner.resources.requests.ephemeral-storage` | Specifies the Host Scanner Storage requests per node. | `512Mi` | -| `nodeAnalyzer.hostScanner.resources.limits.cpu` | Specifies the Host Scanner CPU limit per node. | `500m` | -| `nodeAnalyzer.hostScanner.resources.limits.memory` | Specifies the Host Scanner memory limit per node. 
| `1Gi` | -| `nodeAnalyzer.hostScanner.resources.limits.ephemeral-storage` | Specifies the Host Scanner Storage limit per node. | `1Gi` | -| `nodeAnalyzer.hostScanner.probesPort` | Specifies the port where readiness and liveness probes are exposed. | `7001` | -| `nodeAnalyzer.runtimeScanner.deploy` | Deploys the Runtime Scanner. | `false` | -| `nodeAnalyzer.runtimeScanner.extraMounts` | Specifies a container engine custom socket path (docker, containerd, CRI-O). | | -| `nodeAnalyzer.runtimeScanner.storageClassName` | Specifies the Runtime Scanner storage class to use instead of emptyDir for ephemeral storage. | `` | -| `nodeAnalyzer.runtimeScanner.image.repository` | Specifies the image repository to pull the Runtime Scanner from. | `sysdig/vuln-runtime-scanner` | -| `nodeAnalyzer.runtimeScanner.image.tag` | Specifies the image tag to pull the Runtime Scanner. | `1.5` | -| `nodeAnalyzer.runtimeScanner.image.digest` | Specifies the image digest to pull. | ` ` | -| `nodeAnalyzer.runtimeScanner.image.pullPolicy` | Specifies the image pull policy for the Runtime Scanner. | `""` | -| `nodeAnalyzer.runtimeScanner.resources.requests.cpu` | Specifies the Runtime Scanner CPU requests per node. | `150m` | -| `nodeAnalyzer.runtimeScanner.resources.requests.memory` | Specifies the Runtime Scanner Memory requests per node. | `512Mi` | -| `nodeAnalyzer.runtimeScanner.resources.requests.ephemeral-storage` | Specifies the Runtime Scanner Storage requests per node. | `2Gi` | -| `nodeAnalyzer.runtimeScanner.resources.limits.cpu` | Specifies the Runtime Scanner CPU limit per node. | `1000m` | -| `nodeAnalyzer.runtimeScanner.resources.limits.memory` | Specifies the Runtime Scanner memory limit per node. | `2Gi` | -| `nodeAnalyzer.runtimeScanner.resources.limits.ephemeral-storage` | Specifies the Runtime Scanner Storage limit per node. | `4Gi` | -| `nodeAnalyzer.runtimeScanner.env` | Specifies the extra environment variables that will be passed onto pods. 
| `{}` | -| `nodeAnalyzer.runtimeScanner.settings.eveEnabled` | Enables Sysdig Eve | `false` | -| `nodeAnalyzer.runtimeScanner.eveConnector.image.repository` | Specifies the image repository to pull the Eve Connector from. | `sysdig/eveclient-api` | -| `nodeAnalyzer.runtimeScanner.eveConnector.image.tag` | Specifies the image tag for the Eve Connector to be pulled. | `1.1.0` | -| `nodeAnalyzer.runtimeScanner.eveConnector.deploy` | Enables Sysdig Eve Connector for third-party integrations. | `false` | -| `nodeAnalyzer.runtimeScanner.eveConnector.resources.requests.cpu` | Specifies the Eve Connector CPU requests per node. | `100m` | -| `nodeAnalyzer.runtimeScanner.eveConnector.resources.requests.memory` | Specifies the Eve Connector memory requests per node. | `128Mi` | -| `nodeAnalyzer.runtimeScanner.eveConnector.resources.limits.cpu` | Specifies the Eve Connector CPU limits per node. | `1000m` | -| `nodeAnalyzer.runtimeScanner.eveConnector.resources.limits.memory` | Specifies the Eve Connector Memory limits per node. | `512Mi` | -| `nodeAnalyzer.runtimeScanner.eveConnector.settings.replicas` | Specifies the Eve Connector deployment replicas. | `1` | -| `nodeAnalyzer.runtimeScanner.eveConnector.priorityClassName` | Specifies the name of an existing PriorityClass to use for the Eve Connector Deployment. | `{}` | -| `nodeAnalyzer.tolerations` | Specifies the tolerations for scheduling. | `node-role.kubernetes.io/master:NoSchedule` | -| `node-role.kubernetes.io/control-plane:NoSchedule` | | | -| `nodeAnalyzer.kspmAnalyzer.debug` | Set to true to show KSPM node analyzer debug logging, which is useful for troubleshooting. | `false` | -| `nodeAnalyzer.kspmAnalyzer.image.repository` | Specifies the image repository to pull the KSPM node analyzer from. | `sysdig/kspm-analyzer` | -| `nodeAnalyzer.kspmAnalyzer.image.tag` | Specifies the image tag for the KSPM node analyzer image to be pulled. 
| `1.24.0` | -| `nodeAnalyzer.kspmAnalyzer.image.digest` | Specifies the image digest to pull. | ` ` | -| `nodeAnalyzer.kspmAnalyzer.image.pullPolicy` | Specifies the The image pull policy for the KSPM node analyzer. | `""` | -| `nodeAnalyzer.kspmAnalyzer.resources.requests.cpu` | Specifies the KSPM node analyzer CPU requests per node. | `150m` | -| `nodeAnalyzer.kspmAnalyzer.resources.requests.memory` | Specifies the KSPM node analyzer memory requests per node. | `256Mi` | -| `nodeAnalyzer.kspmAnalyzer.resources.limits.cpu` | Specifies the KSPM node analyzer CPU limits per node. | `500m` | -| `nodeAnalyzer.kspmAnalyzer.resources.limits.memory` | Specifies the KSPM node analyzer memory limits per node. | `1536Mi` | -| `nodeAnalyzer.kspmAnalyzer.port` | Specifies the KSPM node analyzer port for health checks and results API. | `12000` | -| `nodeAnalyzer.kspmAnalyzer.readinessProbe.enabled` | Specifies whether KSPM node analyzer readinessProbe is enabled or not. | `true` | -| `nodeAnalyzer.kspmAnalyzer.livenessProbe.enabled` | Specifies whether the KSPM node analyzer livenessProbe is enabled or not. | `true` | -| `nodeAnalyzer.kspmAnalyzer.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | -| `nodeAnalyzer.nodeSelector` | Specifies the Node Selector. | `{}` | -| `nodeAnalyzer.affinity` | Specifies the Node affinities. | `schedule on amd64 and linux` | +| `nodeAnalyzer.hostScanner.additionalDirsToScan` | Sets the optional comma-separated list of directories in addition to the default ones. | ` ` | +| `nodeAnalyzer.hostScanner.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | +| `nodeAnalyzer.hostScanner.image.repository` | Specifies the image repository to pull the Host Scanner from. | `sysdig/vuln-host-scanner` | +| `nodeAnalyzer.hostScanner.image.tag` | Specifies the image tag to pull the Host Scanner. 
| `0.4` | +| `nodeAnalyzer.hostScanner.image.digest` | Specifies the image digest to pull. | ` ` | +| `nodeAnalyzer.hostScanner.image.pullPolicy` | Specifies the image pull policy for the Host Scanner. | `""` | +| `nodeAnalyzer.hostScanner.resources.requests.cpu` | Specifies the Host Scanner CPU requests per node. | `150m` | +| `nodeAnalyzer.hostScanner.resources.requests.memory` | Specifies the Host Scanner memory requests per node. | `512Mi` | +| `nodeAnalyzer.hostScanner.resources.requests.ephemeral-storage` | Specifies the Host Scanner Storage requests per node. | `512Mi` | +| `nodeAnalyzer.hostScanner.resources.limits.cpu` | Specifies the Host Scanner CPU limit per node. | `500m` | +| `nodeAnalyzer.hostScanner.resources.limits.memory` | Specifies the Host Scanner memory limit per node. | `1Gi` | +| `nodeAnalyzer.hostScanner.resources.limits.ephemeral-storage` | Specifies the Host Scanner Storage limit per node. | `1Gi` | +| `nodeAnalyzer.hostScanner.probesPort` | Specifies the port where readiness and liveness probes are exposed. | `7001` | +| `nodeAnalyzer.runtimeScanner.deploy` | Deploys the Runtime Scanner. | `false` | +| `nodeAnalyzer.runtimeScanner.extraMounts` | Specifies a container engine custom socket path (docker, containerd, CRI-O). | | +| `nodeAnalyzer.runtimeScanner.storageClassName` | Specifies the Runtime Scanner storage class to use instead of emptyDir for ephemeral storage. | `` | +| `nodeAnalyzer.runtimeScanner.image.repository` | Specifies the image repository to pull the Runtime Scanner from. | `sysdig/vuln-runtime-scanner` | +| `nodeAnalyzer.runtimeScanner.image.tag` | Specifies the image tag to pull the Runtime Scanner. | `1.5` | +| `nodeAnalyzer.runtimeScanner.image.digest` | Specifies the image digest to pull. | ` ` | +| `nodeAnalyzer.runtimeScanner.image.pullPolicy` | Specifies the image pull policy for the Runtime Scanner. 
| `""` | +| `nodeAnalyzer.runtimeScanner.resources.requests.cpu` | Specifies the Runtime Scanner CPU requests per node. | `150m` | +| `nodeAnalyzer.runtimeScanner.resources.requests.memory` | Specifies the Runtime Scanner Memory requests per node. | `512Mi` | +| `nodeAnalyzer.runtimeScanner.resources.requests.ephemeral-storage` | Specifies the Runtime Scanner Storage requests per node. | `2Gi` | +| `nodeAnalyzer.runtimeScanner.resources.limits.cpu` | Specifies the Runtime Scanner CPU limit per node. | `1000m` | +| `nodeAnalyzer.runtimeScanner.resources.limits.memory` | Specifies the Runtime Scanner memory limit per node. | `2Gi` | +| `nodeAnalyzer.runtimeScanner.resources.limits.ephemeral-storage` | Specifies the Runtime Scanner Storage limit per node. | `4Gi` | +| `nodeAnalyzer.runtimeScanner.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | +| `nodeAnalyzer.runtimeScanner.settings.eveEnabled` | Enables Sysdig Eve | `false` | +| `nodeAnalyzer.runtimeScanner.eveConnector.image.repository` | Specifies the image repository to pull the Eve Connector from. | `sysdig/eveclient-api` | +| `nodeAnalyzer.runtimeScanner.eveConnector.image.tag` | Specifies the image tag for the Eve Connector to be pulled. | `1.1.0` | +| `nodeAnalyzer.runtimeScanner.eveConnector.deploy` | Enables Sysdig Eve Connector for third-party integrations. | `false` | +| `nodeAnalyzer.runtimeScanner.eveConnector.resources.requests.cpu` | Specifies the Eve Connector CPU requests per node. | `100m` | +| `nodeAnalyzer.runtimeScanner.eveConnector.resources.requests.memory` | Specifies the Eve Connector memory requests per node. | `128Mi` | +| `nodeAnalyzer.runtimeScanner.eveConnector.resources.limits.cpu` | Specifies the Eve Connector CPU limits per node. | `1000m` | +| `nodeAnalyzer.runtimeScanner.eveConnector.resources.limits.memory` | Specifies the Eve Connector Memory limits per node. 
| `512Mi` | +| `nodeAnalyzer.runtimeScanner.eveConnector.settings.replicas` | Specifies the Eve Connector deployment replicas. | `1` | +| `nodeAnalyzer.runtimeScanner.eveConnector.priorityClassName` | Specifies the name of an existing PriorityClass to use for the Eve Connector Deployment. | `{}` | +| `nodeAnalyzer.tolerations` | Specifies the tolerations for scheduling. | `node-role.kubernetes.io/master:NoSchedule` | +| `node-role.kubernetes.io/control-plane:NoSchedule` | | | +| `nodeAnalyzer.kspmAnalyzer.debug` | Set to true to show KSPM node analyzer debug logging, which is useful for troubleshooting. | `false` | +| `nodeAnalyzer.kspmAnalyzer.image.repository` | Specifies the image repository to pull the KSPM node analyzer from. | `sysdig/kspm-analyzer` | +| `nodeAnalyzer.kspmAnalyzer.image.tag` | Specifies the image tag for the KSPM node analyzer image to be pulled. | `1.26.0` | +| `nodeAnalyzer.kspmAnalyzer.image.digest` | Specifies the image digest to pull. | ` ` | +| `nodeAnalyzer.kspmAnalyzer.image.pullPolicy` | Specifies the The image pull policy for the KSPM node analyzer. | `""` | +| `nodeAnalyzer.kspmAnalyzer.resources.requests.cpu` | Specifies the KSPM node analyzer CPU requests per node. | `150m` | +| `nodeAnalyzer.kspmAnalyzer.resources.requests.memory` | Specifies the KSPM node analyzer memory requests per node. | `256Mi` | +| `nodeAnalyzer.kspmAnalyzer.resources.limits.cpu` | Specifies the KSPM node analyzer CPU limits per node. | `500m` | +| `nodeAnalyzer.kspmAnalyzer.resources.limits.memory` | Specifies the KSPM node analyzer memory limits per node. | `1536Mi` | +| `nodeAnalyzer.kspmAnalyzer.port` | Specifies the KSPM node analyzer port for health checks and results API. | `12000` | +| `nodeAnalyzer.kspmAnalyzer.readinessProbe.enabled` | Specifies whether KSPM node analyzer readinessProbe is enabled or not. | `true` | +| `nodeAnalyzer.kspmAnalyzer.livenessProbe.enabled` | Specifies whether the KSPM node analyzer livenessProbe is enabled or not. 
| `true` | +| `nodeAnalyzer.kspmAnalyzer.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | +| `nodeAnalyzer.nodeSelector` | Specifies the Node Selector. | `{}` | +| `nodeAnalyzer.affinity` | Specifies the Node affinities. | `schedule on amd64 and linux` | diff --git a/charts/node-analyzer/values.yaml b/charts/node-analyzer/values.yaml index f17fcb6b0..32400e8e6 100644 --- a/charts/node-analyzer/values.yaml +++ b/charts/node-analyzer/values.yaml @@ -345,7 +345,7 @@ nodeAnalyzer: debug: false image: repository: sysdig/kspm-analyzer - tag: 1.25.0 + tag: 1.26.0 digest: pullPolicy:
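Review bot: in charts/kspm-collector/README.md (hunk @@ -44), the documented `image.tag` default moves from `1.24.0` to `1.26.0`, while charts/kspm-collector/values.yaml moves from `1.25.0` to `1.26.0`, so the README was already one release behind the chart before this change. Consider generating the parameter table from values.yaml, or adding a CI check that compares the two, so operators reading the README see the version that is actually deployed. The separator-row change in the @@ -28 hunk is whitespace only and could be dropped from the patch. The context line `Specifies theImage pull policy.` is missing a space and is worth fixing while this table is open.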
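Review bot: in charts/kspm-collector/values.yaml (hunk @@ -42), `tag: 1.26.0` is bumped while `digest:` stays empty, so a default install still resolves the image from `quay.io` by a mutable tag. If the chart is meant to support pinned deployments, set the digest for the 1.26.0 image alongside the tag, or state in the README that users who need an immutable reference must supply `image.digest` themselves.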
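Review bot: in charts/node-analyzer/README.md (hunk @@ -98,135 +98,135), almost every table row is removed and re-added with only the Default column padding changed; the single content change is `nodeAnalyzer.kspmAnalyzer.image.tag` going from `1.24.0` to `1.26.0`. Revert the realignment or move it to a separate formatting commit so the version change is reviewable on its own. If the rows are rewritten anyway, the re-added lines still carry existing defects that should be fixed in the same pass: the `daemonset.annotations` default reads `{}'` with a mismatched quote, `node-role.kubernetes.io/control-plane:NoSchedule` sits in the Parameter column as its own row instead of being the second default of `nodeAnalyzer.tolerations`, and the `nodeAnalyzer.kspmAnalyzer.image.pullPolicy` description reads "Specifies the The image pull policy". The `nodeAnalyzer.sslVerifyCertificate` row also documents how to disable certificate verification but leaves the Default cell blank; stating the effective default there would help readers.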
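Review bot: in charts/node-analyzer/values.yaml (hunk @@ -345), the kspm-analyzer tag goes to `1.26.0` with nothing in the visible patch saying what changed since `1.25.0`, and the visible part of the patch touches neither a chart version nor a changelog. Add a release note, or a link to the upstream one, in the commit message, and bump the chart version if the repository's release process requires it for a change to a default image.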