feat(shield): restore legacy monitoring and responding key names (#2111)
aroberts87 authored Jan 15, 2025
1 parent 94c3429 commit 78198a3
Showing 13 changed files with 109 additions and 59 deletions.
2 changes: 1 addition & 1 deletion charts/shield/Chart.yaml
Expand Up @@ -13,5 +13,5 @@ maintainers:
- name: mavimo
email: [email protected]
type: application
version: 0.6.1
version: 0.6.2
appVersion: "1.0.0"
12 changes: 6 additions & 6 deletions charts/shield/README.md
Expand Up @@ -118,12 +118,12 @@ The following table lists the configurable parameters of the `shield` chart and
| features.investigations.event_forwarder.enabled | | <code>false</code> |
| features.investigations.event_forwarder.integrations | | <code>[]</code> |
| features.investigations.event_forwarder.transmit_message_types | | <code>[]</code> |
| features.respond.rapid_response.enabled | | <code>false</code> |
| features.monitor.app_checks.enabled | | <code>false</code> |
| features.monitor.java_management_extensions.enabled | | <code>false</code> |
| features.monitor.prometheus.enabled | | <code>false</code> |
| features.monitor.prometheus.prometheus_yaml | The content of the prometheus.yaml file | <code>{}</code> |
| features.monitor.statsd.enabled | | <code>false</code> |
| features.responding.rapid_response.enabled | | <code>false</code> |
| features.monitoring.app_checks.enabled | | <code>false</code> |
| features.monitoring.java_management_extensions.enabled | | <code>false</code> |
| features.monitoring.prometheus.enabled | | <code>false</code> |
| features.monitoring.prometheus.prometheus_yaml | The content of the prometheus.yaml file | <code>{}</code> |
| features.monitoring.statsd.enabled | | <code>false</code> |
| host.driver | The driver to use for the host agent (Accepted Values: kmod, legacy_ebpf, universal_ebpf) | <code>kmod</code> |
| host.additional_settings | Additional settings to be passed to the host shield (overrides the helm generated settings) | <code>{}</code> |
| host.custom_security_context | Allows overriding the Security Context of the Agent pod(s). Primarily intended resolving targeted incidents and debugging | <code>{}</code> |
26 changes: 13 additions & 13 deletions charts/shield/templates/host/_configmap_helpers.tpl
Expand Up @@ -8,8 +8,8 @@
{{- dict "vulnerability_management" (pick . "host_vulnerability_management" "in_use") | toYaml }}
{{- end }}
{{- define "host.configmap.respond" }}
{{- dict "respond" (pick . "rapid_response") | toYaml }}
{{- define "host.configmap.responding" }}
{{- dict "responding" (pick . "rapid_response") | toYaml }}
{{- end }}
{{- define "host.configmap.detections" }}
Expand All @@ -25,8 +25,8 @@
{{- with .Values.features.vulnerability_management }}
{{- $config = merge $config ((include "host.configmap.vm" .) | fromYaml) }}
{{- end }}
{{- with .Values.features.respond }}
{{- $config = merge $config ((include "host.configmap.respond" .) | fromYaml) }}
{{- with .Values.features.responding }}
{{- $config = merge $config ((include "host.configmap.responding" .) | fromYaml) }}
{{- end }}
{{- with .Values.features.detections }}
{{- $config = merge $config ((include "host.configmap.detections" .) | fromYaml)}}
Expand All @@ -42,10 +42,10 @@ true
{{- end }}
{{- define "host.features.monitor_enabled" }}
{{- if or .Values.features.monitor.app_checks.enabled
.Values.features.monitor.java_management_extensions.enabled
.Values.features.monitor.prometheus.enabled
.Values.features.monitor.statsd.enabled
{{- if or (dig (include "host.monitor_key" .) "app_checks" "enabled" false .Values.features)
(dig (include "host.monitor_key" .) "java_management_extensions" "enabled" false .Values.features)
(dig (include "host.monitor_key" .) "prometheus" "enabled" false .Values.features)
(dig (include "host.monitor_key" .) "statsd" "enabled" false .Values.features)
(dig "app_checks_enabled" false .Values.host.additional_settings)
(dig "jmx" "enabled" false .Values.host.additional_settings)
(dig "prometheus" "enabled" false .Values.host.additional_settings)
Expand All @@ -70,13 +70,13 @@ true
{{/* TODO: Kubernetes metadata */}}
{{- with .Values.features }}
{{- $config := dict
"app_checks_enabled" .monitor.app_checks.enabled
"app_checks_enabled" ((dig (include "host.monitor_key" .) "app_checks" "enabled" false .))
"audit_tap"
(dict "enabled" .investigations.audit_tap.enabled)
"drift_control"
(dict "enabled" .detections.drift_control.enabled)
"jmx"
(dict "enabled" .monitor.java_management_extensions.enabled)
(dict "enabled" (dig (include "host.monitor_key" .) "java_management_extensions" "enabled" false .))
"live_logs"
(dict "enabled" .investigations.live_logs.enabled)
"local_forwarder"
Expand All @@ -86,11 +86,11 @@ true
"network_topology"
(dict "enabled" .investigations.network_security.enabled)
"prometheus"
(dict "enabled" .monitor.prometheus.enabled)
(dict "enabled" (dig (include "host.monitor_key" .) "prometheus" "enabled" false .))
"secure_audit_streams"
(dict "enabled" .investigations.activity_audit.enabled)
"statsd"
(dict "enabled" .monitor.statsd.enabled)
(dict "enabled" (dig (include "host.monitor_key" .) "statsd" "enabled" false .))
"sysdig_capture_enabled" .investigations.captures.enabled }}
{{- $config | toYaml }}
{{- end }}
Expand All @@ -113,7 +113,7 @@ true
{{- if (include "common.proxy.enabled" . ) }}
{{- $config := merge $config (dict "http_proxy" (include "host.proxy_config" . | fromYaml)) }}
{{- end }}
{{- if .Values.features.respond.rapid_response.enabled }}
{{- if (include "host.rapid_response_enabled" .) }}
{{- $config = merge $config (dict "rapid_response" (dict "enabled" true)) }}
{{- end }}
{{- $config = merge $config (include "host.parse_features" . | fromYaml) }}
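Review bot: In `host.features.monitor_enabled` the four new `dig` calls pass the root context to the key helper (`include "host.monitor_key" .`) while digging into `.Values.features`, so the helper's `hasKey . "monitor"` is evaluated against the root object and will presumably always fall through to `monitoring`. A values file that still sets `features.monitor.*` would then not switch this check on, even though the feature-parsing block further down calls the same helper inside `with .Values.features` and does honour that key. Passing the features map keeps the two in step: `(dig (include "host.monitor_key" .Values.features) "app_checks" "enabled" false .Values.features)`, and likewise for the other three lines. Separately, `with .Values.features.responding` reads only the one key while the rapid-response gate goes through `host.rapid_response_enabled`, so the two can disagree when a values file uses `respond`.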
48 changes: 48 additions & 0 deletions charts/shield/templates/host/_helpers.tpl
Expand Up @@ -169,3 +169,51 @@ capabilities:
{{- include "host.capabilities" . | nindent 4 }}
{{- end }}
{{- end -}}

{{- define "host.respond_key" }}
{{- if hasKey . "respond" }}
{{- print "respond" }}
{{- else }}
{{- print "responding" }}
{{- end }}
{{- end }}

{{- define "host.rapid_response_enabled" }}
{{- with .Values.features }}
{{- if (dig (include "host.respond_key" .) "rapid_response" "enabled" false .) }}
true
{{- end }}
{{- end }}
{{- end }}

{{- define "host.monitor_key" }}
{{- if hasKey . "monitor" }}
{{- print "monitor" }}
{{- else }}
{{- print "monitoring" }}
{{- end }}
{{- end }}

{{- define "host.app_checks_enabled" }}
{{- if dig (include "host.monitor_key" .) "app_checks" "enabled" false . }}
true
{{- end }}
{{- end }}

{{- define "host.jmx_enabled" }}
{{- if dig (include "host.monitor_key" .) "java_mangement_extensions" "enabled" false . }}
true
{{- end }}
{{- end }}

{{- define "host.prometheus_enabled" }}
{{- if dig (include "host.monitor_key" .) "prometheus" "enabled" false . }}
true
{{- end }}
{{- end }}

{{- define "host.statsd_enabled" }}
{{- if dig (include "host.monitor_key" .) "statsd" "enabled" false . }}
true
{{- end }}
{{- end }}
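Review bot: `host.jmx_enabled` digs for `java_mangement_extensions`, which is missing an "a"; every other reference in this commit spells the key `java_management_extensions`, so this helper can never print `true`. The line should read `{{- if dig (include "host.monitor_key" .) "java_management_extensions" "enabled" false . }}`. In addition, `host.respond_key` and `host.monitor_key` choose the short name whenever it is present, so if the merged values end up with both `respond` and `responding`, the `rapid_response.enabled` setting under the other key is silently ignored. A comment above each helper stating that precedence and that the argument must be the features map, or a `fail` when both keys are set, would make the effective Rapid Response setting easier to audit.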