diff --git a/charts/node-analyzer/Chart.yaml b/charts/node-analyzer/Chart.yaml index c9a2e9218..4ebcbe5e0 100644 --- a/charts/node-analyzer/Chart.yaml +++ b/charts/node-analyzer/Chart.yaml @@ -3,7 +3,7 @@ name: node-analyzer description: Sysdig Node Analyzer # currently matching Sysdig's appVersion 1.14.34 -version: 1.11.3 +version: 1.12.0 appVersion: 12.6.0 keywords: - monitoring diff --git a/charts/node-analyzer/templates/_helpers.tpl b/charts/node-analyzer/templates/_helpers.tpl index 438e97439..cbdf9f705 100644 --- a/charts/node-analyzer/templates/_helpers.tpl +++ b/charts/node-analyzer/templates/_helpers.tpl @@ -239,6 +239,14 @@ true {{- end -}} {{- end -}} +{{- define "nodeAnalyzer.useHostPID" -}} +{{- if (include "nodeAnalyzer.deployBenchmarkRunner" .) }} +true +{{ else if or (not (hasKey .Values.global.kspm "deploy")) .Values.global.kspm.deploy }} +true +{{- end -}} +{{- end -}} + {{- define "nodeAnalyzer.deployImageAnalyzer" -}} {{- if and (not .Values.secure.vulnerabilityManagement.newEngineOnly) (or (not (hasKey .Values.nodeAnalyzer.imageAnalyzer "deploy")) .Values.nodeAnalyzer.imageAnalyzer.deploy) }} true diff --git a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml index 767a4b265..5e70566a5 100644 --- a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml +++ b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml @@ -118,7 +118,7 @@ spec: # This is required by the Benchmark and the HostScanner containers to determine the hostname and host mac address hostNetwork: true {{- end }} - {{- if include "nodeAnalyzer.deployBenchmarkRunner" . }} + {{- if include "nodeAnalyzer.useHostPID" . }} # Use the Host PID namespace. # This is required for Kubernetes benchmarks, as they contain tests that check Kubernetes processes running on # the host diff --git a/charts/node-analyzer/tests/conditional_flag_test.yaml b/charts/node-analyzer/tests/conditional_flag_test.yaml index 1a5962db4..83a0c8edd 100644 --- a/charts/node-analyzer/tests/conditional_flag_test.yaml +++ b/charts/node-analyzer/tests/conditional_flag_test.yaml @@ -20,6 +20,30 @@ tests: apiVersion: v1 template: configmap-kspm-analyzer.yaml + - it: Check hostPID is true if global.kspm.deploy is true + set: + global: + kspm: + deploy: true + clusterName: test-cluster + template: daemonset-node-analyzer.yaml + asserts: + - equal: + path: spec.template.spec.hostPID + value: true + + - it: Check hostPID is true if nodeAnalyzer.benchmarkRunner.deploy is true + set: + nodeAnalyzer: + benchmarkRunner: + deploy: true + clusterName: test-cluster + template: daemonset-node-analyzer.yaml + asserts: + - equal: + path: spec.template.spec.hostPID + value: true + - it: Check global kspm deploy without clusterName set: global: diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index ada67e6bb..95815e12e 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.15.4 +version: 1.15.5 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -36,7 +36,7 @@ dependencies: - name: node-analyzer # repository: https://charts.sysdig.com repository: file://../node-analyzer - version: ~1.11.3 + version: ~1.12.0 alias: nodeAnalyzer condition: nodeAnalyzer.enabled - name: cluster-scanner