diff --git a/charts/kubescape-operator/Chart.yaml b/charts/kubescape-operator/Chart.yaml index 00339126..69995e86 100644 --- a/charts/kubescape-operator/Chart.yaml +++ b/charts/kubescape-operator/Chart.yaml @@ -9,14 +9,14 @@ type: application # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.18.11 +version: 1.18.12 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 1.18.11 +appVersion: 1.18.12 maintainers: - name: Ben Hirschberg diff --git a/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap b/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap index b2dfcb28..18d25ff7 100644 --- a/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap +++ b/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap @@ -1,6 +1,6 @@ all capabilities: 1: | - raw: "Thank you for installing kubescape-operator version 1.18.11.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\nView your configuration scan summaries:\n> kubectl get workloadconfigurationscansummaries -A\n\nDetailed reports are also available:\n> kubectl get workloadconfigurationscans -A\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.18.12.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\nView your configuration scan summaries:\n> kubectl get workloadconfigurationscansummaries -A\n\nDetailed reports are also available:\n> kubectl get workloadconfigurationscans -A\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: batch/v1 kind: CronJob @@ -197,7 +197,7 @@ all capabilities: app: gateway app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: gateway - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -326,7 +326,7 @@ all capabilities: metadata: labels: app: gateway - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 tier: ks-control-plane name: gateway namespace: kubescape @@ -407,7 +407,7 @@ all capabilities: app: grype-offline-db app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: grype-offline-db - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core tier: ks-control-plane spec: @@ -599,7 +599,7 @@ all capabilities: app: kollector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kollector - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core tier: ks-control-plane spec: @@ -984,7 +984,7 @@ all capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -1014,7 +1014,7 @@ all capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -1060,7 +1060,7 @@ all capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/kubescape:v3.0.8 + image: quay.io/kubescape/kubescape:v3.0.9 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -1246,7 +1246,7 @@ all capabilities: metadata: labels: app: kubescape - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 tier: ks-control-plane name: kubescape namespace: kubescape @@ -1514,7 +1514,7 @@ all capabilities: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -1544,7 +1544,7 @@ all capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/kubevuln:v0.3.15 + image: quay.io/kubescape/kubevuln:v0.3.18 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -1828,7 +1828,7 @@ all capabilities: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -1868,7 +1868,7 @@ all capabilities: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.50 + image: quay.io/kubescape/node-agent:v0.2.56 imagePullPolicy: IfNotPresent name: node-agent resources: @@ -2128,7 +2128,7 @@ all capabilities: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -2142,7 +2142,7 @@ all capabilities: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.18.11 + value: kubescape-operator-1.18.12 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -2430,7 +2430,7 @@ all capabilities: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -2516,7 +2516,7 @@ all capabilities: metadata: labels: app: otel-collector - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 tier: ks-control-plane name: otel-collector namespace: kubescape @@ -2597,7 +2597,7 @@ all capabilities: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: service-discovery - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 otel: enabled tier: ks-control-plane name: RELEASE-NAME @@ -2896,7 +2896,7 @@ all capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/storage:v0.0.81 + image: quay.io/kubescape/storage:v0.0.83 imagePullPolicy: IfNotPresent name: apiserver resources: @@ -3304,7 +3304,7 @@ all capabilities: app: synchronizer app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: synchronizer - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -3316,7 +3316,7 @@ all capabilities: - /usr/bin/client env: - name: HELM_RELEASE - value: kubescape-operator-1.18.11 + value: kubescape-operator-1.18.12 - name: GOMEMLIMIT value: 250MiB - name: KS_LOGGER_LEVEL @@ -3456,7 +3456,7 @@ all capabilities: namespace: kubescape default capabilities: 1: | - raw: "Thank you for installing kubescape-operator version 1.18.11.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.18.12.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: v1 data: @@ -3557,7 +3557,7 @@ default capabilities: app: gateway app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: gateway - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -3686,7 +3686,7 @@ default capabilities: metadata: labels: app: gateway - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 tier: ks-control-plane name: gateway namespace: kubescape @@ -3767,7 +3767,7 @@ default capabilities: app: grype-offline-db app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: grype-offline-db - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core tier: ks-control-plane spec: @@ -3959,7 +3959,7 @@ default capabilities: app: kollector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kollector - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core tier: ks-control-plane spec: @@ -4344,7 +4344,7 @@ default capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -4374,7 +4374,7 @@ default capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -4420,7 +4420,7 @@ default capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/kubescape:v3.0.8 + image: quay.io/kubescape/kubescape:v3.0.9 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -4606,7 +4606,7 @@ default capabilities: metadata: labels: app: kubescape - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 tier: ks-control-plane name: kubescape namespace: kubescape @@ -4874,7 +4874,7 @@ default capabilities: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -4904,7 +4904,7 @@ default capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/kubevuln:v0.3.15 + image: quay.io/kubescape/kubevuln:v0.3.18 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5188,7 +5188,7 @@ default capabilities: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -5228,7 +5228,7 @@ default capabilities: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.50 + image: quay.io/kubescape/node-agent:v0.2.56 imagePullPolicy: IfNotPresent name: node-agent resources: @@ -5488,7 +5488,7 @@ default capabilities: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -5502,7 +5502,7 @@ default capabilities: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.18.11 + value: kubescape-operator-1.18.12 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -5790,7 +5790,7 @@ default capabilities: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -5876,7 +5876,7 @@ default capabilities: metadata: labels: app: otel-collector - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 tier: ks-control-plane name: otel-collector namespace: kubescape @@ -5957,7 +5957,7 @@ default capabilities: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: service-discovery - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 otel: enabled tier: ks-control-plane name: RELEASE-NAME @@ -6256,7 +6256,7 @@ default capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/storage:v0.0.81 + image: quay.io/kubescape/storage:v0.0.83 imagePullPolicy: IfNotPresent name: apiserver resources: @@ -6664,7 +6664,7 @@ default capabilities: app: synchronizer app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: synchronizer - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -6676,7 +6676,7 @@ default capabilities: - /usr/bin/client env: - name: HELM_RELEASE - value: kubescape-operator-1.18.11 + value: kubescape-operator-1.18.12 - name: GOMEMLIMIT value: 250MiB - name: KS_LOGGER_LEVEL @@ -6816,7 +6816,7 @@ default capabilities: namespace: kubescape minimal capabilities: 1: | - raw: "Thank you for installing kubescape-operator version 1.18.11.\n\n\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.18.12.\n\n\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: v1 data: @@ -7116,7 +7116,7 @@ minimal capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -7145,7 +7145,7 @@ minimal capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -7191,7 +7191,7 @@ minimal capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/kubescape:v3.0.8 + image: quay.io/kubescape/kubescape:v3.0.9 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7505,7 +7505,7 @@ minimal capabilities: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -7535,7 +7535,7 @@ minimal capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/kubevuln:v0.3.15 + image: quay.io/kubescape/kubevuln:v0.3.18 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7778,7 +7778,7 @@ minimal capabilities: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -7818,7 +7818,7 @@ minimal capabilities: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.50 + image: quay.io/kubescape/node-agent:v0.2.56 imagePullPolicy: IfNotPresent name: node-agent resources: @@ -8069,7 +8069,7 @@ minimal capabilities: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -8083,7 +8083,7 @@ minimal capabilities: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.18.11 + value: kubescape-operator-1.18.12 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -8320,7 +8320,7 @@ minimal capabilities: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.18.11 + helm.sh/chart: kubescape-operator-1.18.12 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -8602,7 +8602,7 @@ minimal capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/storage:v0.0.81 + image: quay.io/kubescape/storage:v0.0.83 imagePullPolicy: IfNotPresent name: apiserver resources: diff --git a/charts/kubescape-operator/values.yaml b/charts/kubescape-operator/values.yaml index b9ef4869..391d437b 100644 --- a/charts/kubescape-operator/values.yaml +++ b/charts/kubescape-operator/values.yaml @@ -15,7 +15,7 @@ ksNamespace: kubescape ksLabel: kubescape # global logger name and level -# the logger level and name are mapped to environment variables in each component +# the logger level and name are mapped to environment variables in each component logger: level: info name: zap @@ -44,15 +44,15 @@ imagePullSecrets: "" # Host and credentials for third-party providers # Here you can find the list of providers -> https://kubescape.io/docs/providers/#compatible-providers -server: +server: -# The chart will create a secret with the "account" and "access-key", in case you have a pre-created secret, use "credentials.cloudSecret" instead -account: +# The chart will create a secret with the "account" and "access-key", in case you have a pre-created secret, use "credentials.cloudSecret" instead +account: accessKey: # When left blank, the secret will be generated using the default name. Override this option if you already have a secret and wish to prevent Helm from creating the default secret on your behalf credentials: - cloudSecret: + cloudSecret: # ----------------------------------------------------------------------------------------- # --------------------------- Capabilities ------------------------------------------------ @@ -98,9 +98,9 @@ configurations: # installation of the alertCRD chart alertCRD: - installDefault: false # install the default CRD + installDefault: false # install the default CRD scopeClustered: false # it is better to have the CRDs in the cluster scope - scopeNamespaced: false # enable scopeNamespaced when there are no permissions for creating cluster scoped CRDs + scopeNamespaced: false # enable scopeNamespaced when there are no permissions for creating cluster scoped CRDs # ----------------------------------------------------------------------------------------- # ------------------------ Cloud Providers ------------------------------------------------ @@ -164,8 +164,8 @@ imageScanning: # Provide credentials here when scanning images pulled from private container registries. # Note: When using imagePullSecrets this configuration is not necessary. # ref: https://kubescape.io/docs/operator/vulnerabilities/#scanning-images-pulled-from-private-registries - privateRegistries: - credentials: + privateRegistries: + credentials: # - registry: "" # username: "" # password: "" @@ -187,7 +187,7 @@ kubescape: image: # -- source code: https://github.com/kubescape/kubescape/tree/master/httphandler (public repo) repository: quay.io/kubescape/kubescape - tag: v3.0.8 + tag: v3.0.9 pullPolicy: IfNotPresent resources: @@ -281,7 +281,7 @@ kubevuln: image: # -- source code: https://github.com/kubescape/kubevuln repository: quay.io/kubescape/kubevuln - tag: v0.3.15 + tag: v0.3.18 pullPolicy: IfNotPresent replicaCount: 1 @@ -432,7 +432,7 @@ storage: image: # -- source code: https://github.com/kubescape/storage repository: quay.io/kubescape/storage - tag: v0.0.81 + tag: v0.0.83 pullPolicy: IfNotPresent # cleanup interval is a duration string @@ -458,7 +458,7 @@ nodeAgent: image: # -- source code: https://github.com/kubescape/node-agent repository: quay.io/kubescape/node-agent - tag: v0.2.50 + tag: v0.2.56 pullPolicy: IfNotPresent config: @@ -466,7 +466,7 @@ nodeAgent: learningPeriod: 2m # duration string updatePeriod: 10m # duration string prometheusExporter: disable - httpExporterConfig: + httpExporterConfig: url: http://synchronizer:8089/apis/v1/kubescape.io/v1/runtimealerts maxAlertsPerMinute: 1000 alertManagerExporterUrls: [] @@ -475,7 +475,7 @@ nodeAgent: # prometheus (operator) service monitor serviceMonitor: - # -- enable/disable service monitor for prometheus + # -- enable/disable service monitor for prometheus enabled: false # -- Customize prometheus interval and scrapeTimeout @@ -554,7 +554,6 @@ nodeAgent: clamav: name: clamav image: - # -- source code: https://github.com/kubescape/node-agent repository: quay.io/armosec/klamav tag: beta5 pullPolicy: Always @@ -574,7 +573,7 @@ clamav: - mountPath: /etc/clamav name: etc readOnly: true - + volumes: - name: clamdb emptyDir: {}