Merge pull request #1444 from snyk/fix/rename-region-sysdig

feat: rename region to endpoint

snyk-monitor/README.md

@@ -199,13 +199,13 @@ Create the snyk-sysdig-secret in the snyk-monitor namespace:
 ```bash
 kubectl create secret generic snyk-sysdig-secret -n snyk-monitor \
   --from-literal=token=$SYSDIG_RISK_SPOTLIGHT_TOKEN \
-  --from-literal=region=$SYSDIG_AGENT_REGION \
+  --from-literal=endpoint=$SYSDIG_ENDPOINT_URL \
   --from-literal=cluster=$SYSDIG_AGENT_CLUSTER
 ```
 SYSDIG_RISK_SPOTLIGHT_TOKEN is the "Risk Spotlight Integrations Token" and has to be generated via the Sysdig UI. To create this API token, see the
 [Sysdig Risk Spotlight guide](https://docs.sysdig.com/en/docs/sysdig-secure/integrations-for-sysdig-secure/risk-spotlight-integrations/#generate-a-token-for-the-integration).
-SYSDIG_AGENT_REGION and SYSDIG_AGENT_CLUSTER are the ones that you configured when installing the [On Prem Sysdig Agent](https://docs.sysdig.com/en/docs/installation/agent-install-for-on-prem/#options),
-global.sysdig.region and global.clusterConfig.name.
+SYSDIG_ENDPOINT_URL is assiciated with your Sysdig SaaS application and region and can be identified from [here](https://docs.sysdig.com/en/docs/administration/saas-regions-and-ip-ranges/) (e.g us2.app.sysdig.com, note that 'https://' prefix has to be omitted).
+SYSDIG_AGENT_CLUSTER is the one that you configured when [installing the Sysdig Agent](https://docs.sysdig.com/en/docs/installation/sysdig-secure/install-agent-components/kubernetes/#parameter-definitions) - global.clusterConfig.name.
 
 To enable Snyk to integrate with Sysdig and collect information about packages executed at runtime, use `--set sysdig.enabled=true` when installing the snyk-monitor:
 

snyk-monitor/templates/deployment.yaml

@@ -194,11 +194,11 @@ spec:
                 name: snyk-sysdig-secret
                 key: token
                 optional: true
-          - name: SNYK_SYSDIG_REGION_URL
+          - name: SNYK_SYSDIG_ENDPOINT_URL
             valueFrom:
               secretKeyRef:
                 name: snyk-sysdig-secret
-                key: region
+                key: endpoint
                 optional: true
           - name: SNYK_SYSDIG_CLUSTER_NAME
             valueFrom:

src/common/config.ts

@@ -50,12 +50,12 @@ config.SKOPEO_COMPRESSION_LEVEL = Number(config.SKOPEO_COMPRESSION_LEVEL) || 6;
 // return Sysdig v2 endpoint information
 if (
   config.SYSDIG_RISK_SPOTLIGHT_TOKEN &&
-  config.SYSDIG_REGION_URL &&
+  config.SYSDIG_ENDPOINT_URL &&
   config.SYSDIG_CLUSTER_NAME
 ) {
   config.SYSDIG_RISK_SPOTLIGHT_TOKEN =
     config.SYSDIG_RISK_SPOTLIGHT_TOKEN.trim();
-  config.SYSDIG_REGION_URL = config.SYSDIG_REGION_URL.trim();
+  config.SYSDIG_ENDPOINT_URL = config.SYSDIG_ENDPOINT_URL.trim();
   config.SYSDIG_CLUSTER_NAME = config.SYSDIG_CLUSTER_NAME.trim();
 }
 

src/common/types.ts

@@ -34,7 +34,7 @@ export interface Config {
   SYSDIG_ENDPOINT?: string;
   SYSDIG_TOKEN?: string;
   SYSDIG_RISK_SPOTLIGHT_TOKEN?: string;
-  SYSDIG_REGION_URL?: string;
+  SYSDIG_ENDPOINT_URL?: string;
   SYSDIG_CLUSTER_NAME?: string;
   HTTPS_PROXY: string | undefined;
   HTTP_PROXY: string | undefined;

src/data-scraper/index.ts

@@ -16,7 +16,7 @@ const httpsAgent = new HttpsAgent({
 function getSysdigUrl(): string {
   return (
     'https://' +
-    config.SYSDIG_REGION_URL +
+    config.SYSDIG_ENDPOINT_URL +
     '/api/scanning/eveintegration/v2/runtimeimages'
   );
 }

src/healthcheck.ts

@@ -26,7 +26,7 @@ async function healthCheck(): Promise<void> {
 
 export function getSysdigVersion() {
   if (
-    config.SYSDIG_REGION_URL &&
+    config.SYSDIG_ENDPOINT_URL &&
     config.SYSDIG_RISK_SPOTLIGHT_TOKEN &&
     config.SYSDIG_CLUSTER_NAME
   ) {
@@ -43,7 +43,7 @@ async function sysdigHealthCheck(): Promise<void> {
     !(
       config.SYSDIG_CLUSTER_NAME &&
       config.SYSDIG_RISK_SPOTLIGHT_TOKEN &&
-      config.SYSDIG_REGION_URL
+      config.SYSDIG_ENDPOINT_URL
     ) ||
     !(config.SYSDIG_ENDPOINT && config.SYSDIG_TOKEN)
   ) {

src/index.ts

@@ -71,7 +71,7 @@ async function monitor(): Promise<void> {
 async function setupSysdigIntegration(): Promise<void> {
   if (
     !(
-      config.SYSDIG_REGION_URL &&
+      config.SYSDIG_ENDPOINT_URL &&
       config.SYSDIG_RISK_SPOTLIGHT_TOKEN &&
       config.SYSDIG_CLUSTER_NAME
     ) &&

test/unit/data-scraper/scrape-data.spec.ts

@@ -9,13 +9,13 @@ import * as transmitterTypes from '../../../src/transmitter/types';
 describe('dataScraper()', () => {
   describe('sysdig v2 env vars configured', () => {
     beforeAll(() => {
-      config.SYSDIG_REGION_URL = 'sysdig';
+      config.SYSDIG_ENDPOINT_URL = 'sysdig';
       config.SYSDIG_RISK_SPOTLIGHT_TOKEN = 'token123';
       config.SYSDIG_CLUSTER_NAME = 'test-sysdig-cluster';
     });
 
     afterAll(() => {
-      delete config.SYSDIG_REGION_URL;
+      delete config.SYSDIG_ENDPOINT_URL;
       delete config.SYSDIG_RISK_SPOTLIGHT_TOKEN;
       delete config.SYSDIG_CLUSTER_NAME;
     });
@@ -137,15 +137,15 @@ describe('dataScraper()', () => {
     beforeAll(() => {
       config.SYSDIG_ENDPOINT = 'https://sysdig';
       config.SYSDIG_TOKEN = 'token123';
-      config.SYSDIG_REGION_URL = 'sysdig';
+      config.SYSDIG_ENDPOINT_URL = 'sysdig';
       config.SYSDIG_RISK_SPOTLIGHT_TOKEN = 'token123';
       config.SYSDIG_CLUSTER_NAME = 'test-sysdig-cluster';
     });
 
     afterAll(() => {
       delete config.SYSDIG_ENDPOINT;
       delete config.SYSDIG_TOKEN;
-      delete config.SYSDIG_REGION_URL;
+      delete config.SYSDIG_ENDPOINT_URL;
       delete config.SYSDIG_RISK_SPOTLIGHT_TOKEN;
       delete config.SYSDIG_CLUSTER_NAME;
     });