diff --git a/charts/node-analyzer/CHANGELOG.md b/charts/node-analyzer/CHANGELOG.md index fe3572563..ecd21cdc0 100644 --- a/charts/node-analyzer/CHANGELOG.md +++ b/charts/node-analyzer/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.17.10 +### New Features +* **node-analyzer** [02c55d84](https://github.com/sysdiglabs/charts/commit/02c55d84b746c0d136b0818d4d29df077c5576e5): enable DB V2 by default in Host and Runtime scanner ([#1416](https://github.com/sysdiglabs/charts/issues/1416)) # v1.17.9 ### Chores * **sysdig, node-analyzer** [84cfe9a5](https://github.com/sysdiglabs/charts/commit/84cfe9a5e6f989a9a42b14b3d16597436f23b4b1): update legacy nodeImageAnalyzer (0.1.29) and hostImageAnalyzer (0.1.17) ([#1407](https://github.com/sysdiglabs/charts/issues/1407)) diff --git a/charts/node-analyzer/Chart.yaml b/charts/node-analyzer/Chart.yaml index a1823dc22..637fda99a 100644 --- a/charts/node-analyzer/Chart.yaml +++ b/charts/node-analyzer/Chart.yaml @@ -3,7 +3,7 @@ name: node-analyzer description: Sysdig Node Analyzer # currently matching Sysdig's appVersion 1.14.34 -version: 1.17.9 +version: 1.17.10 appVersion: 12.8.0 keywords: - monitoring diff --git a/charts/node-analyzer/README.md b/charts/node-analyzer/README.md index f95298d6e..e9acca9c4 100644 --- a/charts/node-analyzer/README.md +++ b/charts/node-analyzer/README.md 
@@ -182,7 +182,7 @@ The following table lists the configurable parameters of the Sysdig Node Analyze | `nodeAnalyzer.hostScanner.additionalDirsToScan` | Sets the optional comma-separated list of directories in addition to the default ones. | ` ` | | `nodeAnalyzer.hostScanner.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` | | `nodeAnalyzer.hostScanner.image.repository` | Specifies the image repository to pull the Host Scanner from. | `sysdig/vuln-host-scanner` | -| `nodeAnalyzer.hostScanner.image.tag` | Specifies the image tag to pull the Host Scanner. | `0.5.2` | +| `nodeAnalyzer.hostScanner.image.tag` | Specifies the image tag to pull the Host Scanner. | `0.6.3` | | `nodeAnalyzer.hostScanner.image.digest` | Specifies the image digest to pull. | ` ` | | `nodeAnalyzer.hostScanner.image.pullPolicy` | Specifies the image pull policy for the Host Scanner. | `""` | | `nodeAnalyzer.hostScanner.resources.requests.cpu` | Specifies the Host Scanner CPU requests per node. | `150m` | 
@@ -196,7 +196,7 @@ The following table lists the configurable parameters of the Sysdig Node Analyze | `nodeAnalyzer.runtimeScanner.extraMounts` | Specifies a container engine custom socket path (docker, containerd, CRI-O). | | | `nodeAnalyzer.runtimeScanner.storageClassName` | Specifies the Runtime Scanner storage class to use instead of emptyDir for ephemeral storage. | `` | | `nodeAnalyzer.runtimeScanner.image.repository` | Specifies the image repository to pull the Runtime Scanner from. | `sysdig/vuln-runtime-scanner` | -| `nodeAnalyzer.runtimeScanner.image.tag` | Specifies the image tag to pull the Runtime Scanner. | `1.5.7` | +| `nodeAnalyzer.runtimeScanner.image.tag` | Specifies the image tag to pull the Runtime Scanner. | `1.6.2` | | `nodeAnalyzer.runtimeScanner.image.digest` | Specifies the image digest to pull. | ` ` | | `nodeAnalyzer.runtimeScanner.image.pullPolicy` | Specifies the image pull policy for the Runtime Scanner. | `""` | | `nodeAnalyzer.runtimeScanner.resources.requests.cpu` | Specifies the Runtime Scanner CPU requests per node. | `150m` | diff --git a/charts/node-analyzer/RELEASE-NOTES.md b/charts/node-analyzer/RELEASE-NOTES.md index c27e46af1..cbf87600e 100644 --- a/charts/node-analyzer/RELEASE-NOTES.md +++ b/charts/node-analyzer/RELEASE-NOTES.md 
@@ -1,5 +1,5 @@ # What's Changed -### Chores -- **sysdig, node-analyzer** [84cfe9a5](https://github.com/sysdiglabs/charts/commit/84cfe9a5e6f989a9a42b14b3d16597436f23b4b1): update legacy nodeImageAnalyzer (0.1.29) and hostImageAnalyzer (0.1.17) ([#1407](https://github.com/sysdiglabs/charts/issues/1407)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.17.8...node-analyzer-1.17.9 +### New Features +- **node-analyzer** [02c55d84](https://github.com/sysdiglabs/charts/commit/02c55d84b746c0d136b0818d4d29df077c5576e5): enable DB V2 by default in Host and Runtime scanner ([#1416](https://github.com/sysdiglabs/charts/issues/1416)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/node-analyzer-1.17.9...node-analyzer-1.17.10 diff --git a/charts/node-analyzer/templates/configmap-host-scanner.yaml b/charts/node-analyzer/templates/configmap-host-scanner.yaml index cb0046123..374eae283 100644 --- a/charts/node-analyzer/templates/configmap-host-scanner.yaml +++ b/charts/node-analyzer/templates/configmap-host-scanner.yaml @@ -36,4 +36,7 @@ data: {{- if (.Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }} no_proxy: {{ .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }} {{- end -}} + {{- if .Values.nodeAnalyzer.hostScanner.vulnerabilityDBVersion }} + vuln_db_version: {{ .Values.nodeAnalyzer.hostScanner.vulnerabilityDBVersion | quote }} + {{- end }} {{- end }} diff --git a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml index 31028878e..0f6ac844e 100644 --- a/charts/node-analyzer/templates/daemonset-node-analyzer.yaml +++ b/charts/node-analyzer/templates/daemonset-node-analyzer.yaml 
@@ -643,6 +643,12 @@ spec: name: {{ .Release.Name }}-runtime-scanner key: max_image_size_allowed optional: true + - name: VULNERABILITY_DB_VERSION + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-runtime-scanner + key: vuln_db_version + optional: true - name: SYSDIG_API_URL valueFrom: configMapKeyRef: @@ -854,6 +860,12 @@ spec: name: {{ .Release.Name }}-host-scanner key: analyzer.maxFileSizeAllowed optional: true + - name: VULNERABILITY_DB_VERSION + valueFrom: + configMapKeyRef: + name: {{ .Release.Name }}-host-scanner + key: vuln_db_version + optional: true - name: TMPDIR value: "/tmp" - name: PROBES_PORT diff --git a/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml b/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml index 928809609..38db49651 100644 --- a/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml +++ b/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml @@ -37,4 +37,7 @@ data: {{- if .Values.nodeAnalyzer.runtimeScanner.settings.maxFileSizeAllowed }} analyzer.maxFileSizeAllowed: {{ .Values.nodeAnalyzer.runtimeScanner.settings.maxFileSizeAllowed | int64 | quote }} {{- end -}} + {{- if .Values.nodeAnalyzer.runtimeScanner.settings.vulnerabilityDBVersion }} + vuln_db_version: {{ .Values.nodeAnalyzer.runtimeScanner.settings.vulnerabilityDBVersion | quote }} + {{- end -}} {{- end }} diff --git a/charts/node-analyzer/values.yaml b/charts/node-analyzer/values.yaml index 9967b0a78..c13504870 100644 --- a/charts/node-analyzer/values.yaml +++ b/charts/node-analyzer/values.yaml @@ -289,7 +289,7 @@ nodeAnalyzer: probesPort: 7002 image: repository: sysdig/vuln-runtime-scanner - tag: "1.5.7" + tag: "1.6.2" digest: pullPolicy: storageClassName: @@ -364,7 +364,7 @@ nodeAnalyzer: image: repository: sysdig/vuln-host-scanner - tag: "0.5.2" + tag: "0.6.3" digest: pullPolicy: 
diff --git a/charts/registry-scanner/CHANGELOG.md b/charts/registry-scanner/CHANGELOG.md index e3484c97f..35cddeb91 100644 --- a/charts/registry-scanner/CHANGELOG.md +++ b/charts/registry-scanner/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.1.12 +### Bug Fixes +* **registry-scanner** [95340f9b](https://github.com/sysdiglabs/charts/commit/95340f9b730ce58de5e3ec18b190f0e97634c597): properly set vulnerability DB config ([#1417](https://github.com/sysdiglabs/charts/issues/1417)) # v1.1.11 ### New Features * **registry-scanner** [e948b71d](https://github.com/sysdiglabs/charts/commit/e948b71d4a222a5559306b728e6832af2901d4a2): add gar, gcr and nexus support ([#1354](https://github.com/sysdiglabs/charts/issues/1354)) diff --git a/charts/registry-scanner/README.md b/charts/registry-scanner/README.md index cb3356ea7..a93491d72 100644 --- a/charts/registry-scanner/README.md +++ b/charts/registry-scanner/README.md @@ -91,7 +91,6 @@ The following table lists the configurable parameters of the Sysdig Registry Sca | config.scan.jobs.resources.requests.cpu | The CPU request for the scanner job. | 500m | | config.scan.jobs.resources.limits.memory | The memory limit for the scanner job. | 2Gi | | config.scan.jobs.temporaryVolumeSizeLimit | The size limit for the emptyDir volume used by the scanner job.
This volume is used to store both the vulnerability database and the image to scan. | 2Gi | -| config.useMainDbV2 | Enable vulnerability MainDB V2 | false | | config.parallelGoRoutines | Number of goroutines running in parallel in metadata phase for ECR Org setup. | 100 | | ssl.ca.certs | For outbound connections.
List of PEM-encoded x509 certificate authority. | [] | | customLabels | The additional labels to add to CronJob and Scanning Jobs. The custom labels to be added to kubernetes manifests of all the resources created. | {} | diff --git a/charts/registry-scanner/RELEASE-NOTES.md b/charts/registry-scanner/RELEASE-NOTES.md index 84f81ea56..481259f08 100644 --- a/charts/registry-scanner/RELEASE-NOTES.md +++ b/charts/registry-scanner/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### New Features -- **registry-scanner** [e948b71d](https://github.com/sysdiglabs/charts/commit/e948b71d4a222a5559306b728e6832af2901d4a2): add gar, gcr and nexus support ([#1354](https://github.com/sysdiglabs/charts/issues/1354)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/registry-scanner-1.1.10...registry-scanner-1.1.11 +### Bug Fixes +- **registry-scanner** [95340f9b](https://github.com/sysdiglabs/charts/commit/95340f9b730ce58de5e3ec18b190f0e97634c597): properly set vulnerability DB config ([#1417](https://github.com/sysdiglabs/charts/issues/1417)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/registry-scanner-1.1.11...registry-scanner-1.1.12 diff --git a/charts/registry-scanner/templates/configmap.yaml b/charts/registry-scanner/templates/configmap.yaml index 9d80db88b..7d460aa25 100644 --- a/charts/registry-scanner/templates/configmap.yaml +++ b/charts/registry-scanner/templates/configmap.yaml @@ -102,4 +102,4 @@ data: reportPath: /output/registry-scanner-{DATE}.json {{- end }} - useMainDbV2: {{ .Values.config.useMainDbV2 }} + vulnerabilityDBVersion: {{ .Values.config.vulnerabilityDBVersion | default "v2" | quote }} diff --git a/charts/registry-scanner/values.yaml b/charts/registry-scanner/values.yaml index 4b5026eb5..8053d2696 100644 --- a/charts/registry-scanner/values.yaml +++ b/charts/registry-scanner/values.yaml @@ -103,8 +103,6 @@ config: # The size limit for the emptyDir volume used by the scanner job.
# This volume is used to store both the vulnerability database and the image to scan. temporaryVolumeSizeLimit: 2Gi - # Enable vulnerability MainDB V2 - useMainDbV2: false # Number of goroutines running in parallel in metadata phase for ECR Org setup. parallelGoRoutines: 100 ssl: diff --git a/charts/sysdig-deploy/CHANGELOG.md b/charts/sysdig-deploy/CHANGELOG.md index 32071ab1c..c809e75a7 100644 --- a/charts/sysdig-deploy/CHANGELOG.md +++ b/charts/sysdig-deploy/CHANGELOG.md @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used exclusively to fix incorrect entries and not to add new ones. ## Change Log +# v1.26.2 +### Chores +* **sysdig-deploy** [2ad42f2f](https://github.com/sysdiglabs/charts/commit/2ad42f2f3f1319bbaf3dc93b63cf7eec1d14bc86): Automatic version bump due to updated dependencies ([#1418](https://github.com/sysdiglabs/charts/issues/1418)) # v1.26.1 ### New Features * **cluster-scanner** [8f19ed47](https://github.com/sysdiglabs/charts/commit/8f19ed47df2be280d2c432d1a182f6235a8e2231): bumped cluster-scanner images to 0.5.1 ([#1412](https://github.com/sysdiglabs/charts/issues/1412)) diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index 3001db1d1..5bbf4694a 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.26.1 +version: 1.26.2 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -36,7 +36,7 @@ dependencies: - name: node-analyzer # repository: https://charts.sysdig.com repository: file://../node-analyzer - version: ~1.17.9 + version: ~1.17.10 alias: nodeAnalyzer condition: nodeAnalyzer.enabled - name: cluster-scanner diff --git a/charts/sysdig-deploy/RELEASE-NOTES.md b/charts/sysdig-deploy/RELEASE-NOTES.md index 63d8db485..acc9451fd 100644 --- a/charts/sysdig-deploy/RELEASE-NOTES.md 
+++ b/charts/sysdig-deploy/RELEASE-NOTES.md @@ -1,5 +1,5 @@ # What's Changed -### New Features -- **cluster-scanner** [8f19ed47](https://github.com/sysdiglabs/charts/commit/8f19ed47df2be280d2c432d1a182f6235a8e2231): bumped cluster-scanner images to 0.5.1 ([#1412](https://github.com/sysdiglabs/charts/issues/1412)) -#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.26.0...sysdig-deploy-1.26.1 +### Chores +- **sysdig-deploy** [2ad42f2f](https://github.com/sysdiglabs/charts/commit/2ad42f2f3f1319bbaf3dc93b63cf7eec1d14bc86): Automatic version bump due to updated dependencies ([#1418](https://github.com/sysdiglabs/charts/issues/1418)) +#### Full diff: https://github.com/sysdiglabs/charts/compare/sysdig-deploy-1.26.1...sysdig-deploy-1.26.2
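Review bot: In charts/node-analyzer/templates/configmap-host-scanner.yaml the new key is read from `.Values.nodeAnalyzer.hostScanner.vulnerabilityDBVersion`, while runtime-scanner-configmap.yaml reads `.Values.nodeAnalyzer.runtimeScanner.settings.vulnerabilityDBVersion`. The two paths differ in nesting (one under `settings`, one not), and neither is added to values.yaml or to the README parameter table in this diff. Suggest adding both keys to values.yaml (empty or commented) with a README row each that states the accepted values, so an operator who needs to pin the vulnerability database version can find the setting. The host-scanner block also closes with `{{- end }}` where the block above it and the runtime-scanner block use `{{- end -}}`; worth making consistent.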
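Review bot: In charts/node-analyzer/templates/daemonset-node-analyzer.yaml both `VULNERABILITY_DB_VERSION` entries use `optional: true`, and the configmaps emit `vuln_db_version` only when the value is set, so with default values the variable is absent and the chart itself selects no database version. The changelog entry says DB V2 is enabled by default, which therefore appears to depend on the image tag bumps in values.yaml (`1.6.2` and `0.6.3`). A deployment that overrides `image.tag` or `image.digest` with an older scanner would keep its previous database behaviour with no signal from the chart. Suggest either setting an explicit default in values.yaml or stating the minimum scanner versions in the README and changelog.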
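Review bot: In charts/registry-scanner/templates/configmap.yaml, `useMainDbV2` is dropped and `vulnerabilityDBVersion` defaults to `"v2"`, so an existing release that sets `config.useMainDbV2: false` is now silently ignored and moves to v2 on upgrade. This ships as a patch-level "Bug Fixes" entry (v1.1.12), and the README row and values.yaml entry for the old key are removed without a replacement for `config.vulnerabilityDBVersion`. Suggest documenting the new key and its accepted values in README.md and values.yaml, and calling out the default change in the release notes. A `fail` in the template when `config.useMainDbV2` is still set would make the change visible at upgrade time.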