Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[sysdig] Update default registry, correct host analyzer schedule, fix readme #150

Merged
merged 2 commits into from
May 18, 2021
Merged

[sysdig] Update default registry, correct host analyzer schedule, fix readme #150

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
b84c1db
Update default registry, correct host analyer schedule, fix readme
nkraemer-sysdig May 18, 2021
8d58c2e
fix: Why this file has execution permissions?
May 18, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions charts/sysdig/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,14 @@

This file documents all notable changes to Sysdig Helm Chart. The release numbering uses [semantic versioning](http://semver.org).

## v1.12.1

### Minor changes

* Switch default registry from `docker.io` to `quay.io`
* Update Benchmark Runner to 1.0.6.0
* Correct error in Host Analyzer Configmap

## v1.12.0

### Major changes
Expand Down
2 changes: 1 addition & 1 deletion charts/sysdig/Chart.yaml
100755 → 100644
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v1
name: sysdig
version: 1.12.0
version: 1.12.1
appVersion: 11.2.1
description: Sysdig Monitor and Secure agent
keywords:
Expand Down
8 changes: 4 additions & 4 deletions charts/sysdig/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ The following table lists the configurable parameters of the Sysdig chart and th
| `prometheus.yaml` | prometheus.yaml content to configure metric collection: relabelling and filtering | ` ` |
| `extraVolumes.volumes` | Additional volumes to mount in the sysdig agent to pass new secrets or configmaps | `[]` |
| `extraVolumes.mounts` | Mount points for additional volumes | `[]` |
| `nodeImageAnalyzer.deploy` | Deploy the Node Image Analyzer (See https://docs.sysdig.com/en/scan-running-images.html) | `false` |
| `nodeImageAnalyzer.deploy` | Deploy the Node Image Analyzer (See https://docs.sysdig.com/en/scan-running-images.html) | `false` |
| `nodeImageAnalyzer.settings.dockerSocketPath` | The Docker socket path | |
| `nodeImageAnalyzer.settings.criSocketPath` | The socket path to a CRI compatible runtime, such as CRI-O | |
| `nodeImageAnalyzer.settings.containerdSocketPath` | The socket path to a CRI-Containerd daemon | |
Expand All @@ -107,7 +107,7 @@ The following table lists the configurable parameters of the Sysdig chart and th
| `nodeImageAnalyzer.resources.limits.memory` | Node Image Analyzer Memory limit per node | `1024Mi` |
| `nodeImageAnalyzer.extraVolumes.volumes` | Additional volumes to mount in the Node Image Analyzer (i.e. for docker socket) | `[]` |
| `nodeImageAnalyzer.extraVolumes.mounts` | Mount points for additional volumes | `[]` |
| `nodeAnalyzer.deploy` | Deploy the Node Analyzer | `true` |
| `nodeAnalyzer.deploy` | Deploy the Node Analyzer | `true` |
| `nodeAnalyzer.collectorEndpoint` | The endpoint to the Scanning Analysis collector | |
| `nodeAnalyzer.sslVerifyCertificate` | Can be set to false to allow insecure connections to the Sysdig backend, such as On-Prem | |
| `nodeAnalyzer.debug` | Can be set to true to show debug logging, useful for troubleshooting | |
Expand Down Expand Up @@ -138,8 +138,8 @@ The following table lists the configurable parameters of the Sysdig chart and th
| `nodeAnalyzer.hostAnalyzer.resources.limits.cpu` | Host Analyzer CPU limit per node | `500m` |
| `nodeAnalyzer.hostAnalyzer.resources.limits.memory` | Host Analyzer Memory limit per node | `1536Mi` |
| `nodeAnalyzer.benchmarkRunner.image.repository` | The image repository to pull the Benchmark Runner from | `sysdig/compliance-benchmark-runner` |
| `nodeAnalyzer.benchmarkRunner.image.tag` | The image tag to pull the Benchmark Runner | `latest` |
| `nodeAnalyzer.benchmarkRunner.image.pullPolicy` | The Image pull policy for the Benchmark Runner | `Always` |
| `nodeAnalyzer.benchmarkRunner.image.tag` | The image tag to pull the Benchmark Runner | `1.0.6.0` |
| `nodeAnalyzer.benchmarkRunner.image.pullPolicy` | The Image pull policy for the Benchmark Runner | `IfNotPresent` |
| `nodeAnalyzer.benchmarkRunner.resources.requests.cpu` | Benchmark Runner CPU requests per node | `150m` |
| `nodeAnalyzer.benchmarkRunner.resources.requests.memory` | Benchmark Runner Memory requests per node | `128Mi` |
| `nodeAnalyzer.benchmarkRunner.resources.limits.cpu` | Benchmark Runner CPU limit per node | `500m` |
Expand Down
2 changes: 1 addition & 1 deletion charts/sysdig/templates/configmap-host-analyzer.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ data:
{{- end }}
debug: "{{ .Values.nodeAnalyzer.debug | default false }}"
{{- if .Values.nodeAnalyzer.hostAnalyzer.schedule }}
schedule: {{ .Values.nodeAnalyzer.hostAnalyzer.schedule }}
schedule: {{ .Values.nodeAnalyzer.hostAnalyzer.schedule | quote }}
{{- end }}
{{- if .Values.nodeAnalyzer.hostAnalyzer.analyzeAtStartup }}
analyze_at_startup: {{ .Values.nodeAnalyzer.hostAnalyzer.analyzeAtStartup }}
Expand Down
6 changes: 3 additions & 3 deletions charts/sysdig/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ image:
# As long as I don't want to people to use this, I will keep it undocumented
overrideValue:

registry: docker.io
registry: quay.io
repository: sysdig/agent
tag: 11.2.1
# Specify a imagePullPolicy
Expand Down Expand Up @@ -327,7 +327,7 @@ nodeAnalyzer:
# The scanning schedule specification for the host analyzer expressed as a crontab string such as “5 4 * * *”.
# The default value of @dailydefault instructs the analyzer to automatically pick a schedule that will start
# shortly after it is deployed and will perform a scan every 24 hours.
# schedule: “5 4 * * *”
schedule: "@dailydefault"

# The list of directories to inspect during the scan, expressed as a comma separated list.
# dirsToScan: "/etc,/var/lib/dpkg,/usr/local,/usr/lib/sysimage/rpm,/var/lib/rpm,/lib/apk/db"
Expand All @@ -345,7 +345,7 @@ nodeAnalyzer:
benchmarkRunner:
image:
repository: sysdig/compliance-benchmark-runner
tag: 1.0.4.0
tag: 1.0.6.0
pullPolicy: IfNotPresent

resources:
Expand Down