Skip to content

Commit

Permalink
Merge branch 'master' into specify-registry-scanner-namespace-in-doc
Browse files Browse the repository at this point in the history
  • Loading branch information
@airadier
airadier authored Oct 19, 2023
2 parents 56fad7b + 560ebe6 commit 2b9d9f7
Show file tree
Hide file tree
Showing 16 changed files with 44 additions and 20 deletions.
3 changes: 3 additions & 0 deletions charts/node-analyzer/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used
exclusively to fix incorrect entries and not to add new ones.

## Change Log
# v1.17.10
### New Features
* **node-analyzer** [02c55d84](https://github.com/sysdiglabs/charts/commit/02c55d84b746c0d136b0818d4d29df077c5576e5): enable DB V2 by default in Host and Runtime scanner ([#1416](https://github.com/sysdiglabs/charts/issues/1416))
# v1.17.9
### Chores
* **sysdig, node-analyzer** [84cfe9a5](https://github.com/sysdiglabs/charts/commit/84cfe9a5e6f989a9a42b14b3d16597436f23b4b1): update legacy nodeImageAnalyzer (0.1.29) and hostImageAnalyzer (0.1.17) ([#1407](https://github.com/sysdiglabs/charts/issues/1407))
Expand Down
2 changes: 1 addition & 1 deletion charts/node-analyzer/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: node-analyzer
description: Sysdig Node Analyzer

# currently matching Sysdig's appVersion 1.14.34
version: 1.17.9
version: 1.17.10
appVersion: 12.8.0
keywords:
- monitoring
Expand Down
4 changes: 2 additions & 2 deletions charts/node-analyzer/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,7 +182,7 @@ The following table lists the configurable parameters of the Sysdig Node Analyze
| `nodeAnalyzer.hostScanner.additionalDirsToScan` | Sets the optional comma-separated list of directories in addition to the default ones. | ` ` |
| `nodeAnalyzer.hostScanner.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` |
| `nodeAnalyzer.hostScanner.image.repository` | Specifies the image repository to pull the Host Scanner from. | `sysdig/vuln-host-scanner` |
| `nodeAnalyzer.hostScanner.image.tag` | Specifies the image tag to pull the Host Scanner. | `0.5.2` |
| `nodeAnalyzer.hostScanner.image.tag` | Specifies the image tag to pull the Host Scanner. | `0.6.3` |
| `nodeAnalyzer.hostScanner.image.digest` | Specifies the image digest to pull. | ` ` |
| `nodeAnalyzer.hostScanner.image.pullPolicy` | Specifies the image pull policy for the Host Scanner. | `""` |
| `nodeAnalyzer.hostScanner.resources.requests.cpu` | Specifies the Host Scanner CPU requests per node. | `150m` |
Expand All @@ -196,7 +196,7 @@ The following table lists the configurable parameters of the Sysdig Node Analyze
| `nodeAnalyzer.runtimeScanner.extraMounts` | Specifies a container engine custom socket path (docker, containerd, CRI-O). | |
| `nodeAnalyzer.runtimeScanner.storageClassName` | Specifies the Runtime Scanner storage class to use instead of emptyDir for ephemeral storage. | `` |
| `nodeAnalyzer.runtimeScanner.image.repository` | Specifies the image repository to pull the Runtime Scanner from. | `sysdig/vuln-runtime-scanner` |
| `nodeAnalyzer.runtimeScanner.image.tag` | Specifies the image tag to pull the Runtime Scanner. | `1.5.7` |
| `nodeAnalyzer.runtimeScanner.image.tag` | Specifies the image tag to pull the Runtime Scanner. | `1.6.2` |
| `nodeAnalyzer.runtimeScanner.image.digest` | Specifies the image digest to pull. | ` ` |
| `nodeAnalyzer.runtimeScanner.image.pullPolicy` | Specifies the image pull policy for the Runtime Scanner. | `""` |
| `nodeAnalyzer.runtimeScanner.resources.requests.cpu` | Specifies the Runtime Scanner CPU requests per node. | `150m` |
Expand Down
6 changes: 3 additions & 3 deletions charts/node-analyzer/RELEASE-NOTES.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# What's Changed

### Chores
- **sysdig, node-analyzer** [84cfe9a5](https://github.com/sysdiglabs/charts/commit/84cfe9a5e6f989a9a42b14b3d16597436f23b4b1): update legacy nodeImageAnalyzer (0.1.29) and hostImageAnalyzer (0.1.17) ([#1407](https://github.com/sysdiglabs/charts/issues/1407))
#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.17.8...node-analyzer-1.17.9
### New Features
- **node-analyzer** [02c55d84](https://github.com/sysdiglabs/charts/commit/02c55d84b746c0d136b0818d4d29df077c5576e5): enable DB V2 by default in Host and Runtime scanner ([#1416](https://github.com/sysdiglabs/charts/issues/1416))
#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.17.9...node-analyzer-1.17.10
3 changes: 3 additions & 0 deletions charts/node-analyzer/templates/configmap-host-scanner.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,4 +36,7 @@ data:
{{- if (.Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
no_proxy: {{ .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
{{- end -}}
{{- if .Values.nodeAnalyzer.hostScanner.vulnerabilityDBVersion }}
vuln_db_version: {{ .Values.nodeAnalyzer.hostScanner.vulnerabilityDBVersion | quote }}
{{- end }}
{{- end }}
12 changes: 12 additions & 0 deletions charts/node-analyzer/templates/daemonset-node-analyzer.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -643,6 +643,12 @@ spec:
name: {{ .Release.Name }}-runtime-scanner
key: max_image_size_allowed
optional: true
- name: VULNERABILITY_DB_VERSION
valueFrom:
configMapKeyRef:
name: {{ .Release.Name }}-runtime-scanner
key: vuln_db_version
optional: true
- name: SYSDIG_API_URL
valueFrom:
configMapKeyRef:
Expand Down Expand Up @@ -854,6 +860,12 @@ spec:
name: {{ .Release.Name }}-host-scanner
key: analyzer.maxFileSizeAllowed
optional: true
- name: VULNERABILITY_DB_VERSION
valueFrom:
configMapKeyRef:
name: {{ .Release.Name }}-host-scanner
key: vuln_db_version
optional: true
- name: TMPDIR
value: "/tmp"
- name: PROBES_PORT
Expand Down
3 changes: 3 additions & 0 deletions charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,4 +37,7 @@ data:
{{- if .Values.nodeAnalyzer.runtimeScanner.settings.maxFileSizeAllowed }}
analyzer.maxFileSizeAllowed: {{ .Values.nodeAnalyzer.runtimeScanner.settings.maxFileSizeAllowed | int64 | quote }}
{{- end -}}
{{- if .Values.nodeAnalyzer.runtimeScanner.settings.vulnerabilityDBVersion }}
vuln_db_version: {{ .Values.nodeAnalyzer.runtimeScanner.settings.vulnerabilityDBVersion | quote }}
{{- end -}}
{{- end }}
4 changes: 2 additions & 2 deletions charts/node-analyzer/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -289,7 +289,7 @@ nodeAnalyzer:
probesPort: 7002
image:
repository: sysdig/vuln-runtime-scanner
tag: "1.5.7"
tag: "1.6.2"
digest:
pullPolicy:
storageClassName:
Expand Down Expand Up @@ -364,7 +364,7 @@ nodeAnalyzer:

image:
repository: sysdig/vuln-host-scanner
tag: "0.5.2"
tag: "0.6.3"
digest:
pullPolicy:

Expand Down
3 changes: 3 additions & 0 deletions charts/registry-scanner/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used
exclusively to fix incorrect entries and not to add new ones.

## Change Log
# v1.1.12
### Bug Fixes
* **registry-scanner** [95340f9b](https://github.com/sysdiglabs/charts/commit/95340f9b730ce58de5e3ec18b190f0e97634c597): properly set vulnerability DB config ([#1417](https://github.com/sysdiglabs/charts/issues/1417))
# v1.1.11
### New Features
* **registry-scanner** [e948b71d](https://github.com/sysdiglabs/charts/commit/e948b71d4a222a5559306b728e6832af2901d4a2): add gar, gcr and nexus support ([#1354](https://github.com/sysdiglabs/charts/issues/1354))
Expand Down
1 change: 0 additions & 1 deletion charts/registry-scanner/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,6 @@ The following table lists the configurable parameters of the Sysdig Registry Sca
| config.scan.jobs.resources.requests.cpu | The CPU request for the scanner job. | <code>500m</code> |
| config.scan.jobs.resources.limits.memory | The memory limit for the scanner job. | <code>2Gi</code> |
| config.scan.jobs.temporaryVolumeSizeLimit | The size limit for the emptyDir volume used by the scanner job.<br/> This volume is used to store both the vulnerability database and the image to scan. | <code>2Gi</code> |
| config.useMainDbV2 | Enable vulnerability MainDB V2 | <code>false</code> |
| config.parallelGoRoutines | Number of goroutines running in parallel in metadata phase for ECR Org setup. | <code>100</code> |
| ssl.ca.certs | For outbound connections. <br/>List of PEM-encoded x509 certificate authority. | <code>[]</code> |
| customLabels | The additional labels to add to CronJob and Scanning Jobs. The custom labels to be added to kubernetes manifests of all the resources created. | <code>{}</code> |
Expand Down
6 changes: 3 additions & 3 deletions charts/registry-scanner/RELEASE-NOTES.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# What's Changed

### New Features
- **registry-scanner** [e948b71d](https://github.com/sysdiglabs/charts/commit/e948b71d4a222a5559306b728e6832af2901d4a2): add gar, gcr and nexus support ([#1354](https://github.com/sysdiglabs/charts/issues/1354))
#### Full diff: https://github.com/sysdiglabs/charts/compare/registry-scanner-1.1.10...registry-scanner-1.1.11
### Bug Fixes
- **registry-scanner** [95340f9b](https://github.com/sysdiglabs/charts/commit/95340f9b730ce58de5e3ec18b190f0e97634c597): properly set vulnerability DB config ([#1417](https://github.com/sysdiglabs/charts/issues/1417))
#### Full diff: https://github.com/sysdiglabs/charts/compare/registry-scanner-1.1.11...registry-scanner-1.1.12
2 changes: 1 addition & 1 deletion charts/registry-scanner/templates/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,4 +102,4 @@ data:
reportPath: /output/registry-scanner-{DATE}.json
{{- end }}
useMainDbV2: {{ .Values.config.useMainDbV2 }}
vulnerabilityDBVersion: {{ .Values.config.vulnerabilityDBVersion | default "v2" | quote }}
2 changes: 0 additions & 2 deletions charts/registry-scanner/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -103,8 +103,6 @@ config:
# The size limit for the emptyDir volume used by the scanner job.<br/>
# This volume is used to store both the vulnerability database and the image to scan.
temporaryVolumeSizeLimit: 2Gi
# Enable vulnerability MainDB V2
useMainDbV2: false
# Number of goroutines running in parallel in metadata phase for ECR Org setup.
parallelGoRoutines: 100
ssl:
Expand Down
3 changes: 3 additions & 0 deletions charts/sysdig-deploy/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used
exclusively to fix incorrect entries and not to add new ones.

## Change Log
# v1.26.2
### Chores
* **sysdig-deploy** [2ad42f2f](https://github.com/sysdiglabs/charts/commit/2ad42f2f3f1319bbaf3dc93b63cf7eec1d14bc86): Automatic version bump due to updated dependencies ([#1418](https://github.com/sysdiglabs/charts/issues/1418))
# v1.26.1
### New Features
* **cluster-scanner** [8f19ed47](https://github.com/sysdiglabs/charts/commit/8f19ed47df2be280d2c432d1a182f6235a8e2231): bumped cluster-scanner images to 0.5.1 ([#1412](https://github.com/sysdiglabs/charts/issues/1412))
Expand Down
4 changes: 2 additions & 2 deletions charts/sysdig-deploy/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: sysdig-deploy
description: A chart with various Sysdig components for Kubernetes
type: application
version: 1.26.1
version: 1.26.2
maintainers:
- name: AlbertoBarba
email: [email protected]
Expand Down Expand Up @@ -36,7 +36,7 @@ dependencies:
- name: node-analyzer
# repository: https://charts.sysdig.com
repository: file://../node-analyzer
version: ~1.17.9
version: ~1.17.10
alias: nodeAnalyzer
condition: nodeAnalyzer.enabled
- name: cluster-scanner
Expand Down
6 changes: 3 additions & 3 deletions charts/sysdig-deploy/RELEASE-NOTES.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# What's Changed

### New Features
- **cluster-scanner** [8f19ed47](https://github.com/sysdiglabs/charts/commit/8f19ed47df2be280d2c432d1a182f6235a8e2231): bumped cluster-scanner images to 0.5.1 ([#1412](https://github.com/sysdiglabs/charts/issues/1412))
#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.26.0...sysdig-deploy-1.26.1
### Chores
- **sysdig-deploy** [2ad42f2f](https://github.com/sysdiglabs/charts/commit/2ad42f2f3f1319bbaf3dc93b63cf7eec1d14bc86): Automatic version bump due to updated dependencies ([#1418](https://github.com/sysdiglabs/charts/issues/1418))
#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.26.1...sysdig-deploy-1.26.2

0 comments on commit 2b9d9f7

Please sign in to comment.