Skip to content

Commit

Permalink
Merge branch 'main' into bump-benchmark-runner-1.1.1.5
Browse files Browse the repository at this point in the history
  • Loading branch information
@chen-shmilovich-sysdig
chen-shmilovich-sysdig authored Jan 19, 2025
2 parents 76db7f0 + e92807f commit eaca870
Show file tree
Hide file tree
Showing 144 changed files with 4,749 additions and 535 deletions.
2 changes: 2 additions & 0 deletions .github/CODEOWNERS
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,3 +10,5 @@
/charts/cloud-connector @sysdiglabs/cloud-native
/charts/cloud-scanning @sysdiglabs/cloud-native
/charts/registry-scanner @sysdiglabs/cloud-native @sysdiglabs/vm-scanners

/rh-shield-operator/ @sysdiglabs/team-tools-agent
8 changes: 8 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,3 +8,11 @@ updates:
- "draios/team-tools-agent"
labels:
- "dependencies"
- package-ecosystem: docker
directory: "/rh-shield-operator"
schedule:
interval: "daily"
reviewers:
- "draios/team-tools-agent"
labels:
- "dependencies"
31 changes: 16 additions & 15 deletions .github/updatecli.d/config-agent-release.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: update sysdig and agent charts for new agent release
name: update shield and agent charts for new host-shield release

scms:
github:
Expand All @@ -18,11 +18,11 @@ actions:
scmid: "github"
spec:
automerge: true
description: 'bump agent image tags for `agent` and `sysdig` charts to {{ requiredEnv "AGENT_RELEASE" }}'
description: 'bump agent image tags for `agent` and `shield` charts to {{ requiredEnv "AGENT_RELEASE" }}'
labels:
- "automated PR"
mergemethod: squash
title: 'feat: release agent {{ requiredEnv "AGENT_RELEASE" }}'
title: 'feat(agent,shield): release agent {{ requiredEnv "AGENT_RELEASE" }}'

sources:
agentRelease:
Expand All @@ -35,22 +35,23 @@ sources:
pattern: '[0-9]+\.[0-9]+\.[0-9]+$'

targets:
updateAgentChartValues:
name: "update agent tag in agent chart"
kind: yaml
updateAgentChart:
name: "update the agent chart"
kind: helmchart
scmid: github
spec:
file: "charts/agent/values.yaml"
name: "charts/agent"
file: values.yaml
key: "$.image.tag"
appVersion: true
versionincrement: auto

bumpAgentChart:
name: "bump the chart version of the agent chart"
updateShieldChart:
name: "update the the shield chart"
kind: helmchart
scmid: github
dependson:
- updateAgentChartValues
spec:
name: "charts/agent"
file: Chart.yaml
key: "$.appVersion"
versionincrement: patch
name: "charts/shield"
file: values.yaml
key: "$.host.image.tag"
versionincrement: auto
2 changes: 1 addition & 1 deletion .github/workflows/agent-release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
uses: actions/checkout@v4

- name: Install Updatecli in the runner
uses: updatecli/updatecli-action@v2.68.0
uses: updatecli/updatecli-action@v2.76.0

- name: Run Updatecli in apply mode
run: "updatecli apply --config .github/updatecli.d/config-agent-release.yaml"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/k8s-apis-deprecation.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:

- name: "🛠️ Setup Pluto"
# Pluto in the docs suggest to use master but would be better to tag a release version
uses: FairwindsOps/pluto/github-action@v5.20.3
uses: FairwindsOps/pluto/github-action@v5.21.1

- name: "🔍 Inspecting ${{ matrix.charts_name }} against k8s ${{ matrix.k8s_version }}"
id: inspecting
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/kubectl-update.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
uses: actions/checkout@v4

- name: Install Updatecli in the runner
uses: updatecli/updatecli-action@v2.68.0
uses: updatecli/updatecli-action@v2.76.0

- name: Run Updatecli
run: "updatecli apply --config .github/updatecli.d/config-update-bitnami-kubectl-image.yaml"
Expand Down
33 changes: 33 additions & 0 deletions .github/workflows/release-rh-shield-operator.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
name: Release the Shield Operator

on:
workflow_dispatch:
inputs:
release_version:
description: 'The version of the operator to release'
required: true
type: string
jobs:
build-and-push:
name: Build and Push the Operator Images
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: '1'

- name: Login to Docker registry
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_RH_SHIELD_OPERATOR_USERNAME }}
password: ${{ secrets.QUAY_RH_SHIELD_OPERATOR_PASSWORD }}

- name: Build and Push Operator and Bundle Images
env:
IMAGE_TAG_BASE: ${{ secrets.QUAY_RH_SHIELD_OPERATOR_IMAGE_TAG_BASE }}
VERSION: ${{ github.event.inputs.release_version }}
run: |
make docker-build docker-push bundle-build bundle-push
working-directory: rh-shield-operator
4 changes: 2 additions & 2 deletions .github/workflows/update-sysdig-deploy-chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
- name: Install YQ
if: steps.dependent_files.outputs.any_changed == 'true'
uses: dcarbone/install-yq-action@v1.1.1
uses: dcarbone/install-yq-action@v1.3.1

- name: run the script
if: steps.dependent_files.outputs.any_changed == 'true'
Expand All @@ -43,7 +43,7 @@ jobs:
- name: Create Pull Request
if: steps.dependent_files.outputs.any_changed == 'true'
uses: peter-evans/[email protected].5
uses: peter-evans/[email protected].6
with:
title: "chore(sysdig-deploy): Automatic version bump due to updated dependencies"
base: main
Expand Down
2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ repos:
entry: make unittest
language: system
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.2.0
rev: v5.0.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
Expand Down
3 changes: 3 additions & 0 deletions charts/admission-controller/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used
exclusively to fix incorrect entries and not to add new ones.

## Change Log
# v0.16.7
### Chores
* **admission-controller** [d1267cf6](https://github.com/sysdiglabs/charts/commit/d1267cf668829b16a91d66fcb05be9dedbb70df0): Bump Admission-controller to 0.16.7 ([#2105](https://github.com/sysdiglabs/charts/issues/2105))
# v0.16.6
### Chores
* **admission-controller** [cb767c33](https://github.com/sysdiglabs/charts/commit/cb767c33699478121191eb221fe3a451706f41c1): Update to v3.9.47 ([#1866](https://github.com/sysdiglabs/charts/issues/1866))
Expand Down
2 changes: 1 addition & 1 deletion charts/admission-controller/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: admission-controller
description: Sysdig Admission Controller using Sysdig Secure inline image scanner
type: application
version: 0.16.6
version: 0.16.7
appVersion: 3.9.47
home: https://sysdiglabs.github.io/admission-controller/
icon: https://avatars.githubusercontent.com/u/5068817?s=200&v=4
Expand Down
6 changes: 3 additions & 3 deletions charts/admission-controller/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ For example:

```bash
helm upgrade --install admission-controller sysdig/admission-controller \
--create-namespace -n sysdig-admission-controller --version=0.16.6 \
--create-namespace -n sysdig-admission-controller --version=0.16.7 \
--set sysdig.secureAPIToken=YOUR-KEY-HERE,clusterName=YOUR-CLUSTER-NAME
```

Expand All @@ -80,7 +80,7 @@ For example:

```bash
helm upgrade --install admission-controller sysdig/admission-controller \
--create-namespace -n sysdig-admission-controller --version=0.16.6 \
--create-namespace -n sysdig-admission-controller --version=0.16.7 \
--values values.yaml

```
Expand Down Expand Up @@ -141,7 +141,7 @@ The following table lists the configurable parameters of the `admission-controll
| webhook.v2.http.port | HTTP serve port where the requests will be served from | <code>6443</code> |
| webhook.v2.image.registry | The KSPM Admission Controller image registry | <code>quay.io</code> |
| webhook.v2.image.repository | The KSPM Admission Controller image repository | <code>sysdig/secure-admission-controller</code> |
| webhook.v2.image.tag | The KSPM Admission Controller image tag | <code>1.27.4</code> |
| webhook.v2.image.tag | The KSPM Admission Controller image tag | <code>1.27.5</code> |
| webhook.v2.image.digest | Specifies the image digest value. If set, this value is used instead of the tag value | <code></code> |
| webhook.v2.image.pullPolicy | The PullPolicy for KSPM Admission Controller image | <code></code> |
| webhook.name | The service name for Webhook deployment | <code>webhook</code> |
Expand Down
4 changes: 2 additions & 2 deletions charts/admission-controller/RELEASE-NOTES.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# What's Changed

### Chores
- **admission-controller** [cb767c33](https://github.com/sysdiglabs/charts/commit/cb767c33699478121191eb221fe3a451706f41c1): Update to v3.9.47 ([#1866](https://github.com/sysdiglabs/charts/issues/1866))
#### Full diff: https://github.com/sysdiglabs/charts/compare/admission-controller-0.16.5...admission-controller-0.16.6
- **admission-controller** [d1267cf6](https://github.com/sysdiglabs/charts/commit/d1267cf668829b16a91d66fcb05be9dedbb70df0): Bump Admission-controller to 0.16.7 ([#2105](https://github.com/sysdiglabs/charts/issues/2105))
#### Full diff: https://github.com/sysdiglabs/charts/compare/admission-controller-0.16.6...admission-controller-0.16.7
1 change: 1 addition & 0 deletions charts/admission-controller/templates/webhook/configmap.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ data:
CERT_LOCATION: /cert
EXTERNAL_NATS_URL: {{ include "admissionController.natsUrl" . }}
NATS_INSECURE: "{{.Values.webhook.v2.nats.insecure}}"
BACKEND_URL: "{{ .Values.sysdig.url | default (printf "https://%s" (include "admissionController.apiEndpoint" .)) }}"
{{- end}}
{{- if .Values.webhook.acConfig }}
CACHE_FLUSH_PERIOD: "{{ .Values.webhook.cacheFlushPeriod | default "24h" }}"
Expand Down
2 changes: 1 addition & 1 deletion charts/admission-controller/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -188,7 +188,7 @@ webhook:
# The KSPM Admission Controller image repository
repository: sysdig/secure-admission-controller
# The KSPM Admission Controller image tag
tag: 1.27.4
tag: 1.27.5
# Specifies the image digest value. If set, this value is used instead of the tag value
digest:
# The PullPolicy for KSPM Admission Controller image
Expand Down
39 changes: 39 additions & 0 deletions charts/agent/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,45 @@ Manual edits are supported only below '## Change Log' and should be used
exclusively to fix incorrect entries and not to add new ones.

## Change Log
# v1.34.8
### New Features
* **agent,shield** [58350609](https://github.com/sysdiglabs/charts/commit/5835060974d9e807f59a59845ec5228ce98bfe15): release agent 13.7.2 ([#2119](https://github.com/sysdiglabs/charts/issues/2119))
# v1.34.7
### Chores
* **ci** [ca48817c](https://github.com/sysdiglabs/charts/commit/ca48817ca3532f8367509f1a9582923ff8020d29): bump bitnami/kubectl image references ([#2115](https://github.com/sysdiglabs/charts/issues/2115))
# v1.34.6
### New Features
* **agent** [3dfcf311](https://github.com/sysdiglabs/charts/commit/3dfcf311d7585421ab0f6ad8f3ea36b9912f34c3): [SMAGENT-8138][SMAGENT-8501] add full securityContext to agent charts ([#2102](https://github.com/sysdiglabs/charts/issues/2102))
# v1.34.5
### New Features
* **agent,shield** [d8414740](https://github.com/sysdiglabs/charts/commit/d8414740491a7fc39ba85b72ad08d4792e94b734): release agent 13.7.1 ([#2094](https://github.com/sysdiglabs/charts/issues/2094))
# v1.34.4
### Chores
* **ci** [e3167692](https://github.com/sysdiglabs/charts/commit/e316769250d0ab94519de59436be0d16fb5df3e1): bump bitnami/kubectl image references ([#2053](https://github.com/sysdiglabs/charts/issues/2053))
# v1.34.3
### Chores
* **agent** [ed886c9a](https://github.com/sysdiglabs/charts/commit/ed886c9a60c57fa10c90b9dd90fa1ee3433e70d0): Bump Windows Agent release to 1.3.1 ([#2085](https://github.com/sysdiglabs/charts/issues/2085))
# v1.34.2
### New Features
* **agent** [a65d52c3](https://github.com/sysdiglabs/charts/commit/a65d52c363277573f7c6b70dab172e065c38f59f): REVERT [SMAGENT-8138] add full securityContext to agent charts ([#2084](https://github.com/sysdiglabs/charts/issues/2084))
# v1.34.1
### New Features
* **agent** [550c06fa](https://github.com/sysdiglabs/charts/commit/550c06fad7140b7e98d6063ba61337be4341498a): [SMAGENT-8138] add full securityContext to agent charts ([#2017](https://github.com/sysdiglabs/charts/issues/2017))
# v1.34.0
### New Features
* **agent** [2f61bf41](https://github.com/sysdiglabs/charts/commit/2f61bf415127e76a6f628d962916d74cb1870997): [SMAGENT-8424] Allow for custom security context ([#2062](https://github.com/sysdiglabs/charts/issues/2062))
# v1.33.0
### New Features
* **agent,shield** [e48080ae](https://github.com/sysdiglabs/charts/commit/e48080aee167e1a324e09ff092676378abb4c3f1): release agent 13.7.0 ([#2069](https://github.com/sysdiglabs/charts/issues/2069))
# v1.32.0
### New Features
* **agent** [3453bc7d](https://github.com/sysdiglabs/charts/commit/3453bc7dccad55c9c8f2cd67948e132d6b4eb120): Support single healthProbe port for Windows version with tag greater than 1.2.0 ([#1990](https://github.com/sysdiglabs/charts/issues/1990))
# v1.31.0
### New Features
* **agent,sysdig-deploy** [9304b56c](https://github.com/sysdiglabs/charts/commit/9304b56c81553823b8457c4d031f29a83fb9a932): release agent 13.6.1 ([#2031](https://github.com/sysdiglabs/charts/issues/2031))
# v1.30.0
### New Features
* **agent,sysdg-deploy,shield** [aa507cd5](https://github.com/sysdiglabs/charts/commit/aa507cd50bde037ec9c407dd7282677641beafaa): release agent 13.5.0 ([#2000](https://github.com/sysdiglabs/charts/issues/2000))
# v1.29.9
### Chores
* **ci** [24341099](https://github.com/sysdiglabs/charts/commit/2434109978fc1b1703fcac72ec225f8c0823f50b): bump bitnami/kubectl image references ([#1992](https://github.com/sysdiglabs/charts/issues/1992))
Expand Down
4 changes: 2 additions & 2 deletions charts/agent/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
apiVersion: v2
appVersion: 13.4.1
appVersion: 13.7.2
dependencies:
- name: common
repository: file://../common
Expand Down Expand Up @@ -30,4 +30,4 @@ sources:
- https://app.sysdigcloud.com/#/settings/user
- https://github.com/draios/sysdig
type: application
version: 1.29.9
version: 1.34.8
Loading

0 comments on commit eaca870

Please sign in to comment.