From 75c5239e382173bb3ceee22a16188c2b5ca9c3ab Mon Sep 17 00:00:00 2001 From: Francesco Furlan Date: Tue, 20 Feb 2024 15:40:24 +0100 Subject: [PATCH 1/3] chore(agent): set promscrape port to 9091 by default when autopilot is enabled --- charts/agent/Chart.yaml | 2 +- .../agent/templates/configmap-deployment.yaml | 3 ++ charts/agent/templates/configmap.yaml | 5 ++- charts/agent/tests/gke_test.yaml | 39 +++++++++++++++++++ charts/sysdig-deploy/Chart.yaml | 4 +- 5 files changed, 49 insertions(+), 4 deletions(-) diff --git a/charts/agent/Chart.yaml b/charts/agent/Chart.yaml index 500022774..45eb9a466 100644 --- a/charts/agent/Chart.yaml +++ b/charts/agent/Chart.yaml @@ -30,4 +30,4 @@ sources: - https://app.sysdigcloud.com/#/settings/user - https://github.com/draios/sysdig type: application -version: 1.20.1 +version: 1.20.2 diff --git a/charts/agent/templates/configmap-deployment.yaml b/charts/agent/templates/configmap-deployment.yaml index cc5cb5f9d..fb3079157 100644 --- a/charts/agent/templates/configmap-deployment.yaml +++ b/charts/agent/templates/configmap-deployment.yaml @@ -47,6 +47,9 @@ data: If these conditions are true, then we use the agent.sslCaFileName for the http_proxy.ca_certificate */}} {{- $baseSettings := .Values.sysdig.settings -}} +{{- if and (include "agent.gke.autopilot" .) (or (not (hasKey $baseSettings "promscrape_web_address")) (eq (get $baseSettings "promscrape_web_address") "127.0.0.1:9990") ) }} + {{- $baseSettings := mergeOverwrite $baseSettings (dict "promscrape_web_address" "127.0.0.1:9991") -}} +{{- end }} {{- if and (eq (include "sysdig.custom_ca.enabled" (dict "global" .Values.global.ssl "component" .Values.ssl)) "true") (.Values.sysdig.settings) (hasKey .Values.sysdig.settings "http_proxy") (hasKey .Values.sysdig.settings.http_proxy "ssl") (eq (get .Values.sysdig.settings.http_proxy "ssl") true) }} {{- $caFilePath := printf "%s%s" "/etc/ca-certs/" (include "sysdig.custom_ca.keyName" (dict "global" .Values.global.ssl "component" .Values.ssl)) }} {{- $mergedSettings := mergeOverwrite $baseSettings (dict "http_proxy" (dict "ca_certificate" $caFilePath)) -}} diff --git a/charts/agent/templates/configmap.yaml b/charts/agent/templates/configmap.yaml index 288cfa883..cc6ee7632 100644 --- a/charts/agent/templates/configmap.yaml +++ b/charts/agent/templates/configmap.yaml @@ -37,8 +37,11 @@ data: Checking here the user is using Custom CA and if http_proxy.ssl = true If these conditions are true, then we use the agent.sslCaFileName for the http_proxy.ca_certificate */}} +{{- $baseSettings := .Values.sysdig.settings -}} +{{- if and (include "agent.gke.autopilot" .) (or (not (hasKey $baseSettings "promscrape_web_address")) (eq (get $baseSettings "promscrape_web_address") "127.0.0.1:9990") ) }} + {{- $baseSettings := mergeOverwrite $baseSettings (dict "promscrape_web_address" "127.0.0.1:9991") -}} +{{- end }} {{- if and (eq (include "sysdig.custom_ca.enabled" (dict "global" .Values.global.ssl "component" .Values.ssl)) "true") (.Values.sysdig.settings) (hasKey .Values.sysdig.settings "http_proxy") (hasKey (default dict .Values.sysdig.settings.http_proxy) "ssl") (eq (get (default (dict "ssl" false) .Values.sysdig.settings.http_proxy) "ssl") true) }} - {{- $baseSettings := .Values.sysdig.settings -}} {{- $caFilePath := printf "%s%s" "/etc/ca-certs/" (include "sysdig.custom_ca.keyName" (dict "global" .Values.global.ssl "component" .Values.ssl)) }} {{- $mergedSettings := mergeOverwrite $baseSettings (dict "http_proxy" (dict "ca_certificate" $caFilePath)) -}} {{ toYaml $mergedSettings | nindent 4 }} diff --git a/charts/agent/tests/gke_test.yaml b/charts/agent/tests/gke_test.yaml index 596db186d..ab9d8a7ef 100644 --- a/charts/agent/tests/gke_test.yaml +++ b/charts/agent/tests/gke_test.yaml @@ -106,6 +106,45 @@ tests: enabled: false template: templates/configmap.yaml + - it: Ensure promscrape_web_address is set 127.0.0.1:9991 when autopilot is enabled + set: + gke: + autopilot: true + asserts: + - matchRegex: + path: data['dragent.yaml'] + pattern: |- + promscrape_web_address: 127.0.0.1:9991 + template: templates/configmap.yaml + + - it: Ensure promscrape_web_ddress is unaltered when is set on settings and autopilot is enabled + set: + gke: + autopilot: true + sysdig: + settings: + promscrape_web_address: test:1234 + asserts: + - matchRegex: + path: data['dragent.yaml'] + pattern: |- + promscrape_web_address: test:1234 + template: templates/configmap.yaml + + - it: Ensure promscrape_web_address is unaltered when autopilot is disabled + set: + gke: + autopilot: false + sysdig: + settings: + promscrape_web_address: test:1234 + asserts: + - matchRegex: + path: data['dragent.yaml'] + pattern: |- + promscrape_web_address: test:1234 + template: templates/configmap.yaml + - it: Ensure ephemeral storage is set correctly on kmod container when slim mode is enabled set: gke: diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index 121528fdd..2f60322fe 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.39.0 +version: 1.39.1 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -26,7 +26,7 @@ dependencies: - name: agent # repository: https://charts.sysdig.com repository: file://../agent - version: ~1.20.1 + version: ~1.20.2 alias: agent condition: agent.enabled - name: common From b6ef020977a5310be4f5d4aa2b2327191ecf7c41 Mon Sep 17 00:00:00 2001 From: Francesco Furlan Date: Wed, 21 Feb 2024 09:36:22 +0100 Subject: [PATCH 2/3] chore(agent): remove useless promscrape override on configmap-deployment --- charts/agent/templates/configmap-deployment.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/charts/agent/templates/configmap-deployment.yaml b/charts/agent/templates/configmap-deployment.yaml index fb3079157..cc5cb5f9d 100644 --- a/charts/agent/templates/configmap-deployment.yaml +++ b/charts/agent/templates/configmap-deployment.yaml @@ -47,9 +47,6 @@ data: If these conditions are true, then we use the agent.sslCaFileName for the http_proxy.ca_certificate */}} {{- $baseSettings := .Values.sysdig.settings -}} -{{- if and (include "agent.gke.autopilot" .) (or (not (hasKey $baseSettings "promscrape_web_address")) (eq (get $baseSettings "promscrape_web_address") "127.0.0.1:9990") ) }} - {{- $baseSettings := mergeOverwrite $baseSettings (dict "promscrape_web_address" "127.0.0.1:9991") -}} -{{- end }} {{- if and (eq (include "sysdig.custom_ca.enabled" (dict "global" .Values.global.ssl "component" .Values.ssl)) "true") (.Values.sysdig.settings) (hasKey .Values.sysdig.settings "http_proxy") (hasKey .Values.sysdig.settings.http_proxy "ssl") (eq (get .Values.sysdig.settings.http_proxy "ssl") true) }} {{- $caFilePath := printf "%s%s" "/etc/ca-certs/" (include "sysdig.custom_ca.keyName" (dict "global" .Values.global.ssl "component" .Values.ssl)) }} {{- $mergedSettings := mergeOverwrite $baseSettings (dict "http_proxy" (dict "ca_certificate" $caFilePath)) -}} From 9dbad08dad4c1ebee06c8db25a698aca9d558d9a Mon Sep 17 00:00:00 2001 From: Francesco Furlan Date: Wed, 21 Feb 2024 16:51:21 +0100 Subject: [PATCH 3/3] chore: fix test name typo Co-authored-by: Javier Fuster --- charts/agent/tests/gke_test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/agent/tests/gke_test.yaml b/charts/agent/tests/gke_test.yaml index ab9d8a7ef..8a989e145 100644 --- a/charts/agent/tests/gke_test.yaml +++ b/charts/agent/tests/gke_test.yaml @@ -117,7 +117,7 @@ tests: promscrape_web_address: 127.0.0.1:9991 template: templates/configmap.yaml - - it: Ensure promscrape_web_ddress is unaltered when is set on settings and autopilot is enabled + - it: Ensure promscrape_web_address is unaltered when is set on settings and autopilot is enabled set: gke: autopilot: true