Skip to content

Commit

Permalink
feat(shield): rename monitoring and responding keys
Browse files Browse the repository at this point in the history 
The Host Shield has had the 'features.monitoring' and 'features.responding'
configuration keys renamed to be the following:

* features.monitor
* features.respond

This PR is to adjust the shield chart accordingly.
  • Loading branch information
@aroberts87
aroberts87 committed Jan 6, 2025
1 parent 3a0cfe7 commit 52ecd88
Show file tree
Hide file tree
Showing 12 changed files with 60 additions and 60 deletions.
2 changes: 1 addition & 1 deletion charts/shield/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,5 +13,5 @@ maintainers:
- name: mavimo
email: [email protected]
type: application
version: 0.4.2
version: 0.4.3
appVersion: "1.0.0"
12 changes: 6 additions & 6 deletions charts/shield/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -118,12 +118,12 @@ The following table lists the configurable parameters of the `shield` chart and
| features.investigations.event_forwarder.enabled | | <code>false</code> |
| features.investigations.event_forwarder.integrations | | <code>[]</code> |
| features.investigations.event_forwarder.transmit_message_types | | <code>[]</code> |
| features.responding.rapid_response.enabled | | <code>false</code> |
| features.monitoring.app_checks.enabled | | <code>false</code> |
| features.monitoring.java_management_extensions.enabled | | <code>false</code> |
| features.monitoring.prometheus.enabled | | <code>false</code> |
| features.monitoring.prometheus.prometheus_yaml | The content of the prometheus.yaml file | <code>{}</code> |
| features.monitoring.statsd.enabled | | <code>false</code> |
| features.respond.rapid_response.enabled | | <code>false</code> |
| features.monitor.app_checks.enabled | | <code>false</code> |
| features.monitor.java_management_extensions.enabled | | <code>false</code> |
| features.monitor.prometheus.enabled | | <code>false</code> |
| features.monitor.prometheus.prometheus_yaml | The content of the prometheus.yaml file | <code>{}</code> |
| features.monitor.statsd.enabled | | <code>false</code> |
| host.driver | The driver to use for the host agent (Accepted Values: kmod, legacy_ebpf, universal_ebpf) | <code>kmod</code> |
| host.additional_settings | Additional settings to be passed to the host shield (overrides the helm generated settings) | <code>{}</code> |
| host.image.registry | The registry where the host shield images are stored | <code>quay.io</code> |
Expand Down
26 changes: 13 additions & 13 deletions charts/shield/templates/host/_configmap_helpers.tpl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,8 @@
{{- dict "vulnerability_management" (pick . "host_vulnerability_management" "in_use") | toYaml }}
{{- end }}
{{- define "host.configmap.responding" }}
{{- dict "responding" (pick . "rapid_response") | toYaml }}
{{- define "host.configmap.respond" }}
{{- dict "respond" (pick . "rapid_response") | toYaml }}
{{- end }}
{{- define "host.configmap.detections" }}
Expand All @@ -25,8 +25,8 @@
{{- with .Values.features.vulnerability_management }}
{{- $config = merge $config ((include "host.configmap.vm" .) | fromYaml) }}
{{- end }}
{{- with .Values.features.responding }}
{{- $config = merge $config ((include "host.configmap.responding" .) | fromYaml) }}
{{- with .Values.features.respond }}
{{- $config = merge $config ((include "host.configmap.respond" .) | fromYaml) }}
{{- end }}
{{- with .Values.features.detections }}
{{- $config = merge $config ((include "host.configmap.detections" .) | fromYaml)}}
Expand All @@ -42,10 +42,10 @@ true
{{- end }}
{{- define "host.features.monitor_enabled" }}
{{- if or .Values.features.monitoring.app_checks.enabled
.Values.features.monitoring.java_management_extensions.enabled
.Values.features.monitoring.prometheus.enabled
.Values.features.monitoring.statsd.enabled
{{- if or .Values.features.monitor.app_checks.enabled
.Values.features.monitor.java_management_extensions.enabled
.Values.features.monitor.prometheus.enabled
.Values.features.monitor.statsd.enabled
(dig "app_checks_enabled" false .Values.host.additional_settings)
(dig "jmx" "enabled" false .Values.host.additional_settings)
(dig "prometheus" "enabled" false .Values.host.additional_settings)
Expand All @@ -70,13 +70,13 @@ true
{{/* TODO: Kubernetes metadata */}}
{{- with .Values.features }}
{{- $config := dict
"app_checks_enabled" .monitoring.app_checks.enabled
"app_checks_enabled" .monitor.app_checks.enabled
"audit_tap"
(dict "enabled" .investigations.audit_tap.enabled)
"drift_control"
(dict "enabled" .detections.drift_control.enabled)
"jmx"
(dict "enabled" .monitoring.java_management_extensions.enabled)
(dict "enabled" .monitor.java_management_extensions.enabled)
"live_logs"
(dict "enabled" .investigations.live_logs.enabled)
"local_forwarder"
Expand All @@ -86,11 +86,11 @@ true
"network_topology"
(dict "enabled" .investigations.network_security.enabled)
"prometheus"
(dict "enabled" .monitoring.prometheus.enabled)
(dict "enabled" .monitor.prometheus.enabled)
"secure_audit_streams"
(dict "enabled" .investigations.activity_audit.enabled)
"statsd"
(dict "enabled" .monitoring.statsd.enabled)
(dict "enabled" .monitor.statsd.enabled)
"sysdig_capture_enabled" .investigations.captures.enabled }}
{{- $config | toYaml }}
{{- end }}
Expand All @@ -113,7 +113,7 @@ true
{{- if (include "common.proxy.enabled" . ) }}
{{- $config := merge $config (dict "http_proxy" (include "host.proxy_config" . | fromYaml)) }}
{{- end }}
{{- if .Values.features.responding.rapid_response.enabled }}
{{- if .Values.features.respond.rapid_response.enabled }}
{{- $config = merge $config (dict "rapid_response" (dict "enabled" true)) }}
{{- end }}
{{- $config = merge $config (include "host.parse_features" . | fromYaml) }}
Expand Down
4 changes: 2 additions & 2 deletions charts/shield/templates/host/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ data:
integrations:
{{- toYaml .Values.features.investigations.event_forwarder.integrations | nindent 6 }}
{{- end }}
{{- if .Values.features.monitoring.prometheus.enabled }}
{{- if .Values.features.monitor.prometheus.enabled }}
prometheus.yaml: |
{{- toYaml .Values.features.monitoring.prometheus.prometheus_yaml | nindent 4 }}
{{- toYaml .Values.features.monitor.prometheus.prometheus_yaml | nindent 4 }}
{{- end }}
2 changes: 1 addition & 1 deletion charts/shield/templates/host/daemonset.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@ spec:
{{- include "common.proxy.envs" . | nindent 12 }}
{{- end }}
{{- include "common.custom_ca.envs" (merge (dict) . (dict "CACertsPath" "/opt/draios/certificates/")) | nindent 12 }}
{{- if .Values.features.responding.rapid_response.enabled }}
{{- if .Values.features.respond.rapid_response.enabled }}
- name: PASSWORD
valueFrom:
secretKeyRef:
Expand Down
2 changes: 1 addition & 1 deletion charts/shield/templates/host/secrets.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
{{- if .Values.features.responding.rapid_response.enabled }}
{{- if .Values.features.respond.rapid_response.enabled }}
---
apiVersion: v1
kind: Secret
Expand Down
Loading

0 comments on commit 52ecd88

Please sign in to comment.