feat(node-analyzer,kspm-collector,sysdig-deploy): allow custom proxy …

…for individual containers in node analyzer (#1432) Signed-off-by: Daniele De Lorenzi <[email protected]> Co-authored-by: Daniele De Lorenzi <[email protected]>
sysdiglabs · Nov 2, 2023 · f6f68ff · f6f68ff
1 parent a116d90
commit f6f68ff
Show file tree

Hide file tree

Showing 19 changed files with 933 additions and 98 deletions.
diff --git a/charts/kspm-collector/Chart.yaml b/charts/kspm-collector/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: kspm-collector
 description: Sysdig KSPM collector
 
-version: 0.9.0
+version: 0.9.1
 appVersion: 1.34.0
 
 keywords:

diff --git a/charts/kspm-collector/templates/_helpers.tpl b/charts/kspm-collector/templates/_helpers.tpl
@@ -132,12 +132,12 @@ Sysdig NATS service URL
  Helper to define if to enable nats_insecure
 */}}
 {{- define "kspmCollector.natsInsecure" -}}
-{{- if and (hasKey .Values "sslVerifyCertificate") ( .Values.sslVerifyCertificate ) -}}
+{{- if (.Values.sslVerifyCertificate | default .Values.global.sslVerifyCertificate) -}}
     "false"
-{{- else if and (hasKey .Values.global "sslVerifyCertificate") ( .Values.global.sslVerifyCertificate ) -}}
-    "false"
-{{- else -}}
+{{- else if or (eq .Values.sslVerifyCertificate false) (eq .Values.global.sslVerifyCertificate false) -}}
     "true"
+{{- else -}}
+    "false"
 {{- end -}}
 {{- end -}}
 

diff --git a/charts/kspm-collector/tests/cert_validation_test.yaml b/charts/kspm-collector/tests/cert_validation_test.yaml
@@ -0,0 +1,44 @@
+suite: KSPM Collector Skip certificate tests
+templates:
+  - templates/configmap.yaml
+tests:
+  - it: "SSL certificate validation enabled"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - equal:
+          path: data.nats_insecure
+          value: "false"
+
+  - it: "Global SSL certificate validation disabled"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+        sslVerifyCertificate: false
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - equal:
+          path: data.nats_insecure
+          value: "true"
+
+  - it: "SSL certificate validation disabled"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+      sslVerifyCertificate: false
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - equal:
+          path: data.nats_insecure
+          value: "true"
diff --git a/charts/kspm-collector/tests/proxy_test.yaml b/charts/kspm-collector/tests/proxy_test.yaml
@@ -0,0 +1,68 @@
+suite: KSPM Collector Proxy tests
+templates:
+  - templates/configmap.yaml
+tests:
+  - it: "No proxy configured"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - notExists:
+          path: data.http_proxy
+      - notExists:
+          path: data.https_proxy
+      - notExists:
+          path: data.no_proxy
+
+  - it: "Global proxy settings are set"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+        proxy:
+          httpProxy: "http://squid.domain.local:3128"
+          httpsProxy: "http://squid.domain.local:3128"
+          noProxy: "100.64.0.0/10"
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - isKind:
+          of: ConfigMap
+      - equal:
+          path: data.http_proxy
+          value: "http://squid.domain.local:3128"
+      - equal:
+          path: data.https_proxy
+          value: "http://squid.domain.local:3128"
+      - equal:
+          path: data.no_proxy
+          value: "100.64.0.0/10"
+
+  - it: "Proxy settings are set"
+    set:
+      clusterName: "test"
+      global:
+        kspm:
+          deploy: true
+      httpProxy: "http://squid.domain.local:3128"
+      httpsProxy: "http://squid.domain.local:3128"
+      noProxy: "100.64.0.0/10"
+    templates:
+      - templates/configmap.yaml
+    asserts:
+      - isKind:
+          of: ConfigMap
+      - equal:
+          path: data.http_proxy
+          value: "http://squid.domain.local:3128"
+      - equal:
+          path: data.https_proxy
+          value: "http://squid.domain.local:3128"
+      - equal:
+          path: data.no_proxy
+          value: "100.64.0.0/10"
diff --git a/charts/node-analyzer/Chart.yaml b/charts/node-analyzer/Chart.yaml
@@ -3,7 +3,7 @@ name: node-analyzer
 description: Sysdig Node Analyzer
 
 # currently matching Sysdig's appVersion 1.14.34
-version: 1.17.13
+version: 1.18.0
 appVersion: 12.8.0
 keywords:
   - monitoring

diff --git a/charts/node-analyzer/README.md b/charts/node-analyzer/README.md
diff --git a/charts/node-analyzer/templates/_helpers.tpl b/charts/node-analyzer/templates/_helpers.tpl
@@ -113,6 +113,19 @@ Return the proper image name for the CSPM Analyzer
     {{- include "nodeAnalyzer.imageRegistry" . -}} / {{- .Values.nodeAnalyzer.kspmAnalyzer.image.repository -}} {{- if .Values.nodeAnalyzer.kspmAnalyzer.image.digest -}} @ {{- .Values.nodeAnalyzer.kspmAnalyzer.image.digest -}} {{- else -}} : {{- .Values.nodeAnalyzer.kspmAnalyzer.image.tag -}} {{- end -}}
 {{- end -}}
 
+{{/*
+ Helper to define if to enable nats_insecure
+*/}}
+{{- define "kspmAnalyzer.natsInsecure" -}}
+{{- if (.Values.nodeAnalyzer.kspmAnalyzer.sslVerifyCertificate | default .Values.nodeAnalyzer.sslVerifyCertificate | default .Values.global.sslVerifyCertificate) -}}
+    "false"
+{{- else if or (eq .Values.nodeAnalyzer.kspmAnalyzer.sslVerifyCertificate false) (eq .Values.nodeAnalyzer.sslVerifyCertificate false) (eq .Values.global.sslVerifyCertificate false) -}}
+    "true"
+{{- else -}}
+    "false"
+{{- end -}}
+{{- end -}}
+
 {{/*
 Node Analyzer labels
 */}}

diff --git a/charts/node-analyzer/templates/configmap-benchmark-runner.yaml b/charts/node-analyzer/templates/configmap-benchmark-runner.yaml
@@ -13,14 +13,14 @@ data:
   ssl_verify_certificate: "{{ .Values.nodeAnalyzer.sslVerifyCertificate }}"
   {{- end }}
   debug: "{{ .Values.nodeAnalyzer.debug | default false }}"
-  {{- if (.Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
-  http_proxy: {{ .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
+  {{- if (.Values.nodeAnalyzer.benchmarkRunner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
+  http_proxy: {{ .Values.nodeAnalyzer.benchmarkRunner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
-  https_proxy: {{ .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
+  {{- if (.Values.nodeAnalyzer.benchmarkRunner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
+  https_proxy: {{ .Values.nodeAnalyzer.benchmarkRunner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
-  no_proxy: {{ .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
+  {{- if (.Values.nodeAnalyzer.benchmarkRunner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
+  no_proxy: {{ .Values.nodeAnalyzer.benchmarkRunner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
   {{- end -}}
 {{- end }}
 {{- end }}
diff --git a/charts/node-analyzer/templates/configmap-host-analyzer.yaml b/charts/node-analyzer/templates/configmap-host-analyzer.yaml
@@ -29,14 +29,14 @@ data:
   {{- if .Values.nodeAnalyzer.hostAnalyzer.maxSendAttempts }}
   max_send_attempts: {{ .Values.nodeAnalyzer.hostAnalyzer.maxSendAttempts }}
   {{- end }}
-  {{- if (.Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
-  http_proxy: {{ .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
+  {{- if (.Values.nodeAnalyzer.hostAnalyzer.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
+  http_proxy: {{ .Values.nodeAnalyzer.hostAnalyzer.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
-  https_proxy: {{ .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
+  {{- if (.Values.nodeAnalyzer.hostAnalyzer.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
+  https_proxy: {{ .Values.nodeAnalyzer.hostAnalyzer.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
-  no_proxy: {{ .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
+  {{- if (.Values.nodeAnalyzer.hostAnalyzer.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
+  no_proxy: {{ .Values.nodeAnalyzer.hostAnalyzer.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
   {{- end -}}
 {{- end }}
 {{- end }}

diff --git a/charts/node-analyzer/templates/configmap-host-scanner.yaml b/charts/node-analyzer/templates/configmap-host-scanner.yaml
@@ -27,14 +27,14 @@ data:
   ssl_verify_certificate: "{{ .Values.nodeAnalyzer.sslVerifyCertificate }}"
   {{- end }}
   debug: "{{ .Values.nodeAnalyzer.debug | default false }}"
-  {{- if (.Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
-  http_proxy: {{ .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
+  {{- if (.Values.nodeAnalyzer.hostScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
+  http_proxy: {{ .Values.nodeAnalyzer.hostScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
-  https_proxy: {{ .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
+  {{- if (.Values.nodeAnalyzer.hostScanner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
+  https_proxy: {{ .Values.nodeAnalyzer.hostScanner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
-  no_proxy: {{ .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
+  {{- if (.Values.nodeAnalyzer.hostScanner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
+  no_proxy: {{ .Values.nodeAnalyzer.hostScanner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
   {{- end -}}
   {{- if .Values.nodeAnalyzer.hostScanner.vulnerabilityDBVersion }}
   vuln_db_version: {{ .Values.nodeAnalyzer.hostScanner.vulnerabilityDBVersion | quote }}

diff --git a/charts/node-analyzer/templates/configmap-image-analyzer.yaml b/charts/node-analyzer/templates/configmap-image-analyzer.yaml
@@ -33,13 +33,13 @@ data:
   {{- if .Values.nodeAnalyzer.imageAnalyzer.collectorTimeout }}
   collector_timeout: {{ .Values.nodeAnalyzer.imageAnalyzer.collectorTimeout }}
   {{- end }}
-  {{- if (.Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
-  http_proxy: {{ .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
+  {{- if (.Values.nodeAnalyzer.imageAnalyzer.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
+  http_proxy: {{ .Values.nodeAnalyzer.imageAnalyzer.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
-  https_proxy: {{ .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
+  {{- if (.Values.nodeAnalyzer.imageAnalyzer.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
+  https_proxy: {{ .Values.nodeAnalyzer.imageAnalyzer.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
-  no_proxy: {{ .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
+  {{- if (.Values.nodeAnalyzer.imageAnalyzer.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
+  no_proxy: {{ .Values.nodeAnalyzer.imageAnalyzer.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
   {{- end -}}
 {{- end }}
diff --git a/charts/node-analyzer/templates/configmap-kspm-analyzer.yaml b/charts/node-analyzer/templates/configmap-kspm-analyzer.yaml
@@ -17,17 +17,15 @@ data:
   nats_max_reconnect: {{ .Values.nodeAnalyzer.natsMaxReconnect | default 0 | quote }}
   cluster_name: {{ required "A valid clusterName is required" (include "nodeAnalyzer.clusterName" .) }}
   agent_app_name: {{ include "nodeAnalyzer.name" . }}
-  {{- if hasKey .Values.nodeAnalyzer "sslVerifyCertificate" }}
-  nats_insecure: "{{ not .Values.nodeAnalyzer.sslVerifyCertificate }}"
-  {{- end }}
-  {{- if (.Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
-  http_proxy: {{ .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
+  nats_insecure: {{ include "kspmAnalyzer.natsInsecure" . }}
+  {{- if (.Values.nodeAnalyzer.kspmAnalyzer.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
+  http_proxy: {{ .Values.nodeAnalyzer.kspmAnalyzer.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
-  https_proxy: {{ .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
+  {{- if (.Values.nodeAnalyzer.kspmAnalyzer.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
+  https_proxy: {{ .Values.nodeAnalyzer.kspmAnalyzer.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
-  no_proxy: {{ .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
+  {{- if (.Values.nodeAnalyzer.kspmAnalyzer.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
+  no_proxy: {{ .Values.nodeAnalyzer.kspmAnalyzer.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
   {{- end -}}
   {{- if .Values.nodeAnalyzer.kspmAnalyzer.port }}
   agent_port: {{ .Values.nodeAnalyzer.kspmAnalyzer.port | quote }}

diff --git a/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-configmap.yaml b/charts/node-analyzer/templates/runtimeScanner/eveconnector-api-configmap.yaml
@@ -14,13 +14,13 @@ data:
   {{- if hasKey .Values.nodeAnalyzer.runtimeScanner "eveConnector" }}
   cert_dns_name: {{ include "eveconnector.host" . | quote }}
   {{- end }}
-  {{- if (.Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
-  http_proxy: {{ .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
+  {{- if (.Values.nodeAnalyzer.runtimeScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
+  http_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
-  https_proxy: {{ .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
+  {{- if (.Values.nodeAnalyzer.runtimeScanner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
+  https_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
-  no_proxy: {{ .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
+  {{- if (.Values.nodeAnalyzer.runtimeScanner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
+  no_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
   {{- end -}}
 {{- end }}
diff --git a/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml b/charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml
@@ -12,14 +12,14 @@ data:
   ssl_verify_certificate: "{{ .Values.nodeAnalyzer.sslVerifyCertificate }}"
   {{- end }}
   debug: "{{ .Values.nodeAnalyzer.debug | default false }}"
-  {{- if (.Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
-  http_proxy: {{ .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
+  {{- if (.Values.nodeAnalyzer.runtimeScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
+  http_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
-  https_proxy: {{ .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
+  {{- if (.Values.nodeAnalyzer.runtimeScanner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy) }}
+  https_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.httpsProxy | default .Values.nodeAnalyzer.httpsProxy | default .Values.global.proxy.httpsProxy }}
   {{- end -}}
-  {{- if (.Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
-  no_proxy: {{ .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
+  {{- if (.Values.nodeAnalyzer.runtimeScanner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy) }}
+  no_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.noProxy | default .Values.nodeAnalyzer.noProxy | default .Values.global.proxy.noProxy }}
   {{- end -}}
   {{- if .Values.nodeAnalyzer.runtimeScanner.settings.eveEnabled }}
   eve_enabled: "true"

diff --git a/charts/node-analyzer/tests/hostscanner_test.yaml b/charts/node-analyzer/tests/hostscanner_test.yaml
@@ -156,47 +156,3 @@ tests:
           of: ConfigMap
       - isNull:
           path: data.additional_dirs_to_scan
-
-  - it: "Global proxy settings are set"
-    set:
-      clusterName: "test"
-      nodeAnalyzer.hostScanner.deploy: true
-      global.proxy.httpProxy: "http://squid.domain.local:3128"
-      global.proxy.httpsProxy: "http://squid.domain.local:3128"
-      global.proxy.noProxy: "100.64.0.0/10"
-    templates:
-      - ../templates/configmap-host-scanner.yaml
-    asserts:
-      - isKind:
-          of: ConfigMap
-      - equal:
-          path: data.http_proxy
-          value: "http://squid.domain.local:3128"
-      - equal:
-          path: data.https_proxy
-          value: "http://squid.domain.local:3128"
-      - equal:
-          path: data.no_proxy
-          value: "100.64.0.0/10"
-
-  - it: "Proxy settings are set"
-    set:
-      clusterName: "test"
-      nodeAnalyzer.hostScanner.deploy: true
-      nodeAnalyzer.httpProxy: "http://squid.domain.local:3128"
-      nodeAnalyzer.httpsProxy: "http://squid.domain.local:3128"
-      nodeAnalyzer.noProxy: "100.64.0.0/10"
-    templates:
-      - ../templates/configmap-host-scanner.yaml
-    asserts:
-      - isKind:
-          of: ConfigMap
-      - equal:
-          path: data.http_proxy
-          value: "http://squid.domain.local:3128"
-      - equal:
-          path: data.https_proxy
-          value: "http://squid.domain.local:3128"
-      - equal:
-          path: data.no_proxy
-          value: "100.64.0.0/10"