Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(cluster-shield): Automatic bump to version 1.4.0 #1977

Merged
merged 1 commit into from
Oct 14, 2024
Merged

chore(cluster-shield): Automatic bump to version 1.4.0 #1977

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion charts/cluster-shield/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: cluster-shield
description: Cluster Shield Helm Chart for Kubernetes
type: application
version: 1.4.0
version: 1.4.1
appVersion: "1.4.0"
maintainers:
- name: AlbertoBarba
Expand Down
3 changes: 3 additions & 0 deletions charts/cluster-shield/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -179,6 +179,9 @@ The following table lists the configurable parameters of the `cluster-shield` ch
| existingTLSSecret.tlsCertName | Provide the certificate filename that is defined inside the existing Secret (default tls.crt) | <code></code> |
| existingTLSSecret.tlsCertKeyName | Provide the certificate key filename that is defined inside the existing Secret (default tls.key) | <code></code> |
| existingTLSSecret.caCertName | Provide the certificate authority filename that is defined inside the existing Secret (default ca.crt) | <code></code> |
| env | Optional parameter used to add environment variables to the Cluster Shield pods | <code>[]</code> |
| volumes | Optional parameter to specify additional host volumes for the Cluster Shield pods | <code>[]</code> |
| volumeMounts | Optional parameter to specify additional volume mounts for the Cluster Shield pods | <code>[]</code> |


## Running helm unit tests
Expand Down
2 changes: 1 addition & 1 deletion charts/cluster-shield/templates/_helpers.tpl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -453,6 +453,6 @@ run-all-namespaced
{{- $tags := (include "cluster-shield.dict.flatten" (list .Values.global.sysdig.tags "") | split ",") -}}
{{- range $tags -}}
{{- $tag := (split ":" .) -}}
{{- $tag._0 }}: {{ $tag._1 }}
{{- $tag._0 }}: {{ $tag._1 | quote }}
{{ end -}}
{{- end -}}
9 changes: 9 additions & 0 deletions charts/cluster-shield/templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,6 +104,9 @@ spec:
mountPath: /ca-certs
readOnly: true
{{- end }}
{{- with .Values.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: KUBE_POD_NAME
valueFrom:
Expand Down Expand Up @@ -139,6 +142,9 @@ spec:
key: noProxy
optional: true
{{- end }}
{{- with .Values.env }}
{{- toYaml . | nindent 12 }}
{{- end }}
volumes:
- name: cluster-shield
configMap:
Expand Down Expand Up @@ -166,6 +172,9 @@ spec:
configMap:
name: {{ .Values.ca.existingCaConfigMap | default .Values.global.ssl.ca.existingCaConfigMap }}
{{- end }}
{{- with .Values.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
Expand Down
12 changes: 6 additions & 6 deletions charts/cluster-shield/tests/configmap_test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -332,7 +332,7 @@ tests:
key2:
subkey1: subvalue2
subkey2:
subsubkey1: subsubvalue1
subsubkey1: "true"
asserts:
- containsDocument:
kind: ConfigMap
Expand All @@ -351,15 +351,15 @@ tests:
tags:
key1: value1
key2.subkey1: subvalue2
key2.subkey2.subsubkey1: subsubvalue1
key2.subkey2.subsubkey1: "true"

- it: Cluster Config Tags
set:
cluster_shield:
cluster_config:
tags:
key1: value1
key2: value2
key2: "true"
asserts:
- containsDocument:
kind: ConfigMap
Expand All @@ -377,7 +377,7 @@ tests:
name: lint-cluster
tags:
key1: value1
key2: value2
key2: "true"

- it: Test Cluster Config Tags overrides Global Tags
set:
Expand All @@ -393,7 +393,7 @@ tests:
cluster_config:
tags:
key1: value1
key2: value2
key2: "true"
asserts:
- containsDocument:
kind: ConfigMap
Expand All @@ -411,4 +411,4 @@ tests:
name: lint-cluster
tags:
key1: value1
key2: value2
key2: "true"
36 changes: 36 additions & 0 deletions charts/cluster-shield/tests/deployment_test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -452,3 +452,39 @@ tests:
name: cert
secret:
secretName: my-custom-tls-secret

- it: Test setting custom environment variables
set:
env:
- name: MY_ENV_VAR
value: my-value
asserts:
- contains:
path: spec.template.spec.containers[?(@.name == "cluster-shield")].env
content:
name: MY_ENV_VAR
value: my-value

- it: Test adding custom volume and volume mounts
set:
volumes:
- name: my-volume
hostPath:
path: /opt/my-dir
volumeMounts:
- name: my-volume
mountPath: /host/opt/my-dir
readOnly: true
asserts:
- contains:
path: spec.template.spec.containers[?(@.name == "cluster-shield")].volumeMounts
content:
name: my-volume
mountPath: /host/opt/my-dir
readOnly: true
- contains:
path: spec.template.spec.volumes
content:
name: my-volume
hostPath:
path: /opt/my-dir
69 changes: 69 additions & 0 deletions charts/cluster-shield/values.schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -188,6 +188,75 @@
"Default",
"None"
]
},
"env": {
"type": "array",
"description": "Define additional environment variables to be used by the Cluster Shield",
"items": {
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "The name of the environment variable"
},
"value": {
"type": "string",
"description": "The value of the environment variable"
}
},
"required": [
"name",
"value"
]
}
},
"volumes": {
"type": "array",
"description": "Define additional volumes to be used by the Cluster Shield",
"items": {
"type": "object",
"additionalProperties": true,
"properties": {
"name": {
"type": "string",
"description": "The name of the volume"
}
},
"required": [
"name"
]
}
},
"volumeMounts": {
"type": "array",
"description": "Define additional volume mounts to be used by the Cluster Shield pods",
"items": {
"type": "object",
"additionalProperties": true,
"properties": {
"name": {
"type": "string",
"description": "The name of the volume"
},
"mountPath": {
"type": "string",
"description": "The path where the volume will be mounted"
},
"subPath": {
"type": "string",
"description": "The subpath of the volume to mount"
},
"readOnly": {
"type": "boolean",
"description": "Set the volume read-only",
"default": false
}
},
"required": [
"name",
"mountPath"
]
}
}
},
"allOf": [
Expand Down
16 changes: 16 additions & 0 deletions charts/cluster-shield/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -273,3 +273,19 @@ existingTLSSecret:
tlsCertKeyName:
# Provide the certificate authority filename that is defined inside the existing Secret (default ca.crt)
caCertName:
# Optional parameter used to add environment variables to the Cluster Shield pods
env: []
# - name: MY_ENV_VAR
# value: my-env-var-value

# Optional parameter to specify additional host volumes for the Cluster Shield pods
volumes: []
# - name: my-volume
# hostPath:
# path: /path/to/host/folder

# Optional parameter to specify additional volume mounts for the Cluster Shield pods
volumeMounts: []
# - name: my-volume
# mountPath: /host/path/to/mount/folder
# readOnly: true
Loading