diff --git a/charts/node-analyzer/Chart.yaml b/charts/node-analyzer/Chart.yaml index 24ddd444e..03215e42f 100644 --- a/charts/node-analyzer/Chart.yaml +++ b/charts/node-analyzer/Chart.yaml @@ -3,7 +3,7 @@ name: node-analyzer description: Sysdig Node Analyzer # currently matching Sysdig's appVersion 1.14.34 -version: 1.8.51 +version: 1.8.52 appVersion: 12.6.0 keywords: - monitoring diff --git a/charts/node-analyzer/README.md b/charts/node-analyzer/README.md index b36fce9e4..caa2576ac 100644 --- a/charts/node-analyzer/README.md +++ b/charts/node-analyzer/README.md @@ -96,6 +96,7 @@ The following table lists the configurable parameters of the Sysdig Node Analyze | `sysdig.existingAccessKeySecret` | Alternatively, specify the name of a Kubernetes secret containing an 'access-key' entry | ` ` Either accessKey or existingAccessKeySecret is required | | `secure.enabled` | Enable Sysdig Secure | `true` | | `secure.vulnerabilityManagement.newEngineOnly` | Enable only the new vulnerability management engine | `false` | +| `daemonset.annotations` | Custom annotations for the daemonset | `{}' | | `daemonset.labels` | NodeAnalyzer specific labels (as a multi-line templated string map or as YAML) | `{}` | `daemonset.updateStrategy.type` | The updateStrategy for updating the daemonset | RollingUpdate | `daemonset.updateStrategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during the update process | 1 diff --git a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml index 8bc7c8e75..c14330275 100644 --- a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml +++ b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml @@ -25,6 +25,10 @@ spec: app.kubernetes.io/name: {{ include "nodeAnalyzer.name" . }} {{ include "daemonset.labels" . | indent 8 }} {{ include "nodeAnalyzer.labels" . | indent 8 }} +{{- if .Values.daemonset.annotations }} + annotations: + {{ toYaml .Values.daemonset.annotations | nindent 8 }} +{{- end }} spec: volumes: {{- if include "nodeAnalyzer.deployBenchmarkRunner" . }} diff --git a/charts/node-analyzer/tests/annotations_test.yaml b/charts/node-analyzer/tests/annotations_test.yaml new file mode 100644 index 000000000..4f195f850 --- /dev/null +++ b/charts/node-analyzer/tests/annotations_test.yaml @@ -0,0 +1,18 @@ +suite: Test specifying annotations to the Node Analyzer DaemonSet +templates: + - templates/daemonset-node-analyzer.yaml +tests: + - it: Test no annotations by default + asserts: + - isNull: + path: template.metadata.annotations + + - it: Test annotations are added as expected + set: + daemonset: + annotations: + super: annotation + asserts: + - equal: + path: spec.template.metadata.annotations['super'] + value: annotation diff --git a/charts/node-analyzer/values.yaml b/charts/node-analyzer/values.yaml index 56ac08403..0854babd8 100644 --- a/charts/node-analyzer/values.yaml +++ b/charts/node-analyzer/values.yaml @@ -25,6 +25,8 @@ gke: autopilot: false daemonset: + # Specify custom annotations for the DaemonSet + annotations: {} # Allow the DaemonSet to set labels labels: {} # Perform rolling updates by default in the DaemonSet agent