fix values

sysdiglabs · Jan 16, 2025 · 603b487 · 603b487
1 parent 4cc0d26
commit 603b487
Show file tree

Hide file tree

Showing 3 changed files with 118 additions and 80 deletions.
diff --git a/charts/kspm-collector/values.yaml b/charts/kspm-collector/values.yaml
@@ -1,20 +1,21 @@
 # Can be set to true to show debug logging, useful for troubleshooting.
 debug: false
 
-httpProxy: null
-httpsProxy: null
-noProxy: null
-sslVerifyCertificate: null
+httpProxy:
+httpsProxy:
+noProxy:
+sslVerifyCertificate:
 natsMaxReconnect: 0
 natsMaxReconnectFailures: 60
 # Namespace to deploy to (Optional: Will default to release namespace)
-namespace: null
+namespace:
+
 # Default values for Sysdig KSPM Collector
 global:
   clusterConfig: {}
   sysdig:
     region: "us1"
-  sslVerifyCertificate: null
+  sslVerifyCertificate:
   proxy: {}
   kspm:
     deploy: true
@@ -44,15 +45,18 @@ global:
       #       -----END CERTIFICATE-----
 
       # Filename that is used when creating the secret.  Required if cert is provided.
-      keyName: null
+      keyName:
+
       # Provide the name of an existing Secret that contains the CA required
-      existingCaSecret: null
+      existingCaSecret:
       # Provide the filename that is defined inside the existing Secret.  Required if existingCaSecret is set.
-      existingCaSecretKeyName: null
+      existingCaSecretKeyName:
+
       # Provide the name of an existing ConfigMap that contains the CA required
-      existingCaConfigMap: null
+      existingCaConfigMap:
       # Provide the filename that is defined inside the existing ConfigMap.  Required if existingCaConfigMap is set.
-      existingCaConfigMapKeyName: null
+      existingCaConfigMapKeyName:
+
 sysdig:
   # Required: You need your Sysdig access key before running agents, either specifying 'accessKey' here, or using 'existingAccessKeySecret'
   accessKey: ""
@@ -75,9 +79,10 @@ clusterName: ""
 image:
   repository: sysdig/kspm-collector
   tag: 1.39.7
-  digest: null
+  digest:
   registry: quay.io
-  pullPolicy: null
+  pullPolicy:
+
 # Set image pull secret name
 # Example
 # imagePullSecrets:
@@ -153,7 +158,8 @@ tolerations:
     value: arm64
     effect: NoSchedule
 
-priorityClassName: null
+priorityClassName:
+
 # arch and os will be used to template out a node affinity block matching everything in each list. If affinity is
 # defined, these fields will be ignored
 arch:
@@ -194,15 +200,18 @@ ssl:
     #       -----END CERTIFICATE-----
 
     # Filename that is used when creating the secret.  Required if cert is provided.
-    keyName: null
+    keyName:
+
     # Provide the name of an existing Secret that contains the CA required
-    existingCaSecret: null
+    existingCaSecret:
     # Provide the filename that is defined inside the existing Secret.  Required if existingCaSecret is set.
-    existingCaSecretKeyName: null
+    existingCaSecretKeyName:
+
     # Provide the name of an existing ConfigMap that contains the CA required
-    existingCaConfigMap: null
+    existingCaConfigMap:
     # Provide the filename that is defined inside the existing ConfigMap.  Required if existingCaConfigMap is set.
-    existingCaConfigMapKeyName: null
+    existingCaConfigMapKeyName:
+
 tests:
   skip: false
   timeout: 300s

diff --git a/charts/node-analyzer/values.yaml b/charts/node-analyzer/values.yaml
@@ -36,21 +36,25 @@ global:
       #       -----END CERTIFICATE-----
 
       # Filename that is used when creating the secret.  Required if cert is provided.
-      keyName: null
+      keyName:
+
       # Provide the name of an existing Secret that contains the CA required
-      existingCaSecret: null
+      existingCaSecret:
       # Provide the filename that is defined inside the existing Secret.  Required if existingCaSecret is set.
-      existingCaSecretKeyName: null
+      existingCaSecretKeyName:
+
       # Provide the name of an existing ConfigMap that contains the CA required
-      existingCaConfigMap: null
+      existingCaConfigMap:
       # Provide the filename that is defined inside the existing ConfigMap.  Required if existingCaConfigMap is set.
-      existingCaConfigMapKeyName: null
+      existingCaConfigMapKeyName:
+
 image:
   # This is a hack to support RELATED_IMAGE_<identifier> feature in Helm based
   # Operators
   #
   # As long as I don't want to people to use this, I will keep it undocumented
-  overrideValue: null
+  overrideValue:
+
   registry: quay.io
 
 gke:
@@ -70,7 +74,8 @@ daemonset:
     # You can also customize maxUnavailable
     rollingUpdate:
       maxUnavailable: 1
-      maxSurge: null
+      maxSurge:
+
 rbac:
   # true here enables creation of rbac resources
   create: true
@@ -129,9 +134,9 @@ nodeAnalyzer:
   debug: false
 
   # Proxy configuration variables
-  httpProxy: null
-  httpsProxy: null
-  noProxy: null
+  httpProxy:
+  httpsProxy:
+  noProxy:
   # NATS max reconnect attempts
   natsMaxReconnect: 0
   natsMaxReconnectFailures: 60
@@ -159,9 +164,11 @@ nodeAnalyzer:
   createPriorityClass: false
 
   # Set nodeAnalyzer daemonset priorityClassName
-  priorityClassName: null
+  priorityClassName:
+
   # Set the value for the Priority Class (if it is to be created)
-  priorityClassValue: null
+  priorityClassValue:
+
   # Allow the DaemonSet to set labels
   labels: {}
   # Use this pullSecret to pull images from a private registry
@@ -183,12 +190,14 @@ nodeAnalyzer:
     image:
       repository: sysdig/node-image-analyzer
       tag: 0.1.36
-      digest: null
-      pullPolicy: null
+      digest:
+      pullPolicy:
+
     # Proxy configuration variables
-    httpProxy: null
-    httpsProxy: null
-    noProxy: null
+    httpProxy:
+    httpsProxy:
+    noProxy:
+
     # The Docker socket path.
     # If a custom path is specified, ensure it is correctly mounted from the host inside the container.
     # dockerSocketPath: unix:///var/run/docker.sock
@@ -239,12 +248,14 @@ nodeAnalyzer:
     image:
       repository: sysdig/host-analyzer
       tag: 0.1.23
-      digest: null
-      pullPolicy: null
+      digest:
+      pullPolicy:
+
     # Proxy configuration variables
-    httpProxy: null
-    httpsProxy: null
-    noProxy: null
+    httpProxy:
+    httpsProxy:
+    noProxy:
+
     # The scanning schedule specification for the host analyzer expressed as a crontab string such as “5 4 * * *”.
     # The default value of @dailydefault instructs the analyzer to automatically pick a schedule that will start
     # shortly after it is deployed and will perform a scan every 24 hours.
@@ -273,12 +284,14 @@ nodeAnalyzer:
     image:
       repository: sysdig/compliance-benchmark-runner
       tag: 1.1.1.4
-      digest: null
-      pullPolicy: null
+      digest:
+      pullPolicy:
+
     # Proxy configuration variables
-    httpProxy: null
-    httpsProxy: null
-    noProxy: null
+    httpProxy:
+    httpsProxy:
+    noProxy:
+
     resources:
       requests:
         cpu: 150m
@@ -301,13 +314,15 @@ nodeAnalyzer:
     image:
       repository: sysdig/vuln-runtime-scanner
       tag: "1.8.1"
-      digest: null
-      pullPolicy: null
+      digest:
+      pullPolicy:
+
     # Proxy configuration variables
-    httpProxy: null
-    httpsProxy: null
-    noProxy: null
-    storageClassName: null
+    httpProxy:
+    httpsProxy:
+    noProxy:
+
+    storageClassName:
     extraMounts: []
     # example for bottlerocket
     # extraMounts:
@@ -351,9 +366,11 @@ nodeAnalyzer:
       image:
         repository: sysdig/eveclient-api
         tag: 1.1.4
-        digest: null
-        pullPolicy: null
-      priorityClassName: null
+        digest:
+        pullPolicy:
+
+      priorityClassName:
+
       resources:
         requests:
           cpu: 100m
@@ -390,12 +407,14 @@ nodeAnalyzer:
     image:
       repository: sysdig/vuln-host-scanner
       tag: "0.12.3"
-      digest: null
-      pullPolicy: null
+      digest:
+      pullPolicy:
+
     # Proxy configuration variables
-    httpProxy: null
-    httpsProxy: null
-    noProxy: null
+    httpProxy:
+    httpsProxy:
+    noProxy:
+
     # Prometheus configuration
     prometheus:
       enabled: false
@@ -436,15 +455,17 @@ nodeAnalyzer:
     image:
       repository: sysdig/kspm-analyzer
       tag: 1.44.20
-      digest: null
-      pullPolicy: null
+      digest:
+      pullPolicy:
+
     # Permissions for OCP4, previously only added for benchmarkrunner
     includeSensitivePermissions: false
 
     # Proxy configuration variables
-    httpProxy: null
-    httpsProxy: null
-    noProxy: null
+    httpProxy:
+    httpsProxy:
+    noProxy:
+
     resources:
       requests:
         cpu: 150m
@@ -490,15 +511,18 @@ nodeAnalyzer:
       #       -----END CERTIFICATE-----
 
       # Filename that is used when creating the secret.  Required if cert is provided.
-      keyName: null
+      keyName:
+
       # Provide the name of an existing Secret that contains the CA required
-      existingCaSecret: null
+      existingCaSecret:
       # Provide the filename that is defined inside the existing Secret.  Required if existingCaSecret is set.
-      existingCaSecretKeyName: null
+      existingCaSecretKeyName:
+
       # Provide the name of an existing ConfigMap that contains the CA required
-      existingCaConfigMap: null
+      existingCaConfigMap:
       # Provide the filename that is defined inside the existing ConfigMap.  Required if existingCaConfigMap is set.
-      existingCaConfigMapKeyName: null
+      existingCaConfigMapKeyName:
+
       # If Bottlerocket is enabled then the apiclient and api socket will be mounted
   bottlerocket:
     enabled: false

diff --git a/charts/rapid-response/values.yaml b/charts/rapid-response/values.yaml
@@ -33,13 +33,15 @@ global:
       keyName: root_ca_file.crt
 
       # Provide the name of an existing Secret that contains the CA required
-      existingCaSecret: null
+      existingCaSecret:
       # Provide the filename that is defined inside the existing Secret.  Required if existingCaSecret is set.
-      existingCaSecretKeyName: null
+      existingCaSecretKeyName:
+
       # Provide the name of an existing ConfigMap that contains the CA required
-      existingCaConfigMap: null
+      existingCaConfigMap:
       # Provide the filename that is defined inside the existing ConfigMap.  Required if existingCaConfigMap is set.
-      existingCaConfigMapKeyName: null
+      existingCaConfigMapKeyName:
+
 sysdig:
   # Required: You need your Sysdig access key before running agents, either specifying 'accessKey' here, or using 'existingAccessKeySecret'
   accessKey: ""
@@ -60,7 +62,7 @@ rapidResponse:
 
   image:
     registry: quay.io
-    pullPolicy: null
+    pullPolicy:
     repository: sysdig/rapid-response-host-component
     # If unset, .Chart.AppVersion is used to create tag
     # Note: Image tag must be a string specified in double-quotes
@@ -128,15 +130,18 @@ rapidResponse:
       #       -----END CERTIFICATE-----
 
       # Filename that is used when creating the secret.  Required if cert is provided.
-      keyName: null
+      keyName:
+
       # Provide the name of an existing Secret that contains the CA required
-      existingCaSecret: null
+      existingCaSecret:
       # Provide the filename that is defined inside the existing Secret.  Required if existingCaSecret is set.
-      existingCaSecretKeyName: null
+      existingCaSecretKeyName:
+
       # Provide the name of an existing ConfigMap that contains the CA required
-      existingCaConfigMap: null
+      existingCaConfigMap:
       # Provide the filename that is defined inside the existing ConfigMap.  Required if existingCaConfigMap is set.
-      existingCaConfigMapKeyName: null
+      existingCaConfigMapKeyName:
+
   # The privileged flag is necessary for OCP 4.x and other Kubernetes setups that deny host filesystem access to
   # running containers by default regardless of volume mounts. In those cases, access to the CRI socket would fail.
   # securityContext: