diff --git a/charts/cloud-security/kubernetes-cluster/templates/admission-controller/deployment.yaml b/charts/cloud-security/kubernetes-cluster/templates/admission-controller/deployment.yaml index 099d3ff..21220b3 100644 --- a/charts/cloud-security/kubernetes-cluster/templates/admission-controller/deployment.yaml +++ b/charts/cloud-security/kubernetes-cluster/templates/admission-controller/deployment.yaml @@ -19,17 +19,17 @@ spec: template: metadata: annotations: - {{- with .Values.pod.annotations }} + {{- with .Values.admissionController.pod.annotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "labels" . | nindent 8 }} {{- include "admissionController.labels" . | nindent 8 }} - {{- with .Values.pod.labels }} + {{- with .Values.admissionController.pod.labels }} {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.pod.affinity }} + {{- with .Values.admissionController.pod.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} @@ -80,7 +80,7 @@ spec: periodSeconds: 10 successThreshold: 1 timeoutSeconds: 3 - {{- with .Values.pod.resources }} + {{- with .Values.admissionController.pod.resources }} resources: {{- toYaml . | nindent 10 }} {{- end }} @@ -110,7 +110,7 @@ spec: type: RuntimeDefault serviceAccountName: {{ include "admissionController.resourceNamePrefix" . }}-service-account terminationGracePeriodSeconds: 60 - {{- with .Values.pod.tolerations }} + {{- with .Values.admissionController.pod.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/cloud-security/kubernetes-cluster/templates/sensor/daemonset.yaml b/charts/cloud-security/kubernetes-cluster/templates/sensor/daemonset.yaml index e6eb221..5b93ad3 100644 --- a/charts/cloud-security/kubernetes-cluster/templates/sensor/daemonset.yaml +++ b/charts/cloud-security/kubernetes-cluster/templates/sensor/daemonset.yaml @@ -16,17 +16,17 @@ spec: template: metadata: annotations: - {{- with .Values.pod.annotations }} + {{- with .Values.sensor.pod.annotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "labels" . | nindent 8 }} {{- include "sensor.labels" . | nindent 8 }} - {{- with .Values.pod.labels }} + {{- with .Values.sensor.pod.labels }} {{- toYaml . | nindent 8 }} {{- end }} spec: - {{- with .Values.pod.affinity }} + {{- with .Values.sensor.pod.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} @@ -48,7 +48,7 @@ spec: image: {{ .Values.sensor.containerImagePath }} imagePullPolicy: Always name: {{ include "sensor.resourceNamePrefix" . }}-container - {{- with .Values.pod.resources }} + {{- with .Values.sensor.pod.resources }} resources: {{- toYaml . | nindent 12 }} {{- end }} @@ -73,7 +73,7 @@ spec: seccompProfile: type: RuntimeDefault serviceAccountName: {{ include "sensor.resourceNamePrefix" . }}-service-account - {{- with .Values.pod.tolerations }} + {{- with .Values.sensor.pod.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} diff --git a/charts/cloud-security/kubernetes-cluster/values.schema.json b/charts/cloud-security/kubernetes-cluster/values.schema.json index 31950bf..27a1720 100644 --- a/charts/cloud-security/kubernetes-cluster/values.schema.json +++ b/charts/cloud-security/kubernetes-cluster/values.schema.json @@ -23,6 +23,9 @@ "healthPort": { "type": "integer" }, + "logLevel": { + "type": "string" + }, "networkPolicy": { "enabled": { "type": "boolean" @@ -32,8 +35,41 @@ }, "type": "object" }, - "logLevel": { - "type": "string" + "pod": { + "properties": { + "affinity": { + "properties": {}, + "type": [ + "object" + ] + }, + "annotations": { + "properties": {}, + "type": [ + "object" + ] + }, + "labels": { + "properties": {}, + "type": [ + "object" + ] + }, + "resources": { + "properties": {}, + "type": [ + "object" + ] + }, + "tolerations": { + "type": [ + "array" + ] + } + }, + "type": [ + "object" + ] }, "replicas": { "type": "integer" @@ -190,6 +226,42 @@ "type": [ "boolean" ] + }, + "pod": { + "properties": { + "affinity": { + "properties": {}, + "type": [ + "object" + ] + }, + "annotations": { + "properties": {}, + "type": [ + "object" + ] + }, + "labels": { + "properties": {}, + "type": [ + "object" + ] + }, + "resources": { + "properties": {}, + "type": [ + "object" + ] + }, + "tolerations": { + "type": [ + "array" + ] + } + }, + "type": [ + "object" + ] } }, "required": [ diff --git a/charts/cloud-security/kubernetes-cluster/values.yaml b/charts/cloud-security/kubernetes-cluster/values.yaml index f70a3e9..ebabd43 100644 --- a/charts/cloud-security/kubernetes-cluster/values.yaml +++ b/charts/cloud-security/kubernetes-cluster/values.yaml @@ -4,10 +4,16 @@ admissionController: containerImagePullSecrets: [] enabled: false healthPort: 9090 + logLevel: "information" networkPolicy: enabled: false ingress: {} - logLevel: "information" + pod: + affinity: {} + annotations: {} + labels: {} + resources: {} + tolerations: [] replicas: 3 webhook: failurePolicy: Ignore @@ -25,7 +31,12 @@ pod: affinity: {} annotations: {} labels: {} - resources: {} + resources: + limits: + cpu: "100m" + memory: "256Mi" + requests: + memory: "150Mi" tolerations: [] resourceNamePrefix: kubernetes-cluster sensor: @@ -33,3 +44,16 @@ sensor: containerImagePullSecrets: [] dataPath: "/var/lib/tenable" enabled: false + pod: + affinity: {} + annotations: {} + labels: {} + resources: + limits: + cpu: "1" + memory: "1Gi" + requests: + cpu: "300m" + memory: "256Mi" + tolerations: [] + diff --git a/index.yaml b/index.yaml index 9b8a8b6..ddab58e 100644 --- a/index.yaml +++ b/index.yaml @@ -3,7 +3,7 @@ entries: cloud-security-endpoint-connector: - apiVersion: v2 appVersion: 1.0.0 - created: "2025-01-12T11:19:24.41653+02:00" + created: "2025-01-12T12:50:28.999508+02:00" description: Tenable Cloud Security endpoint connector digest: 8764bd4436e59994aae1ddb8bd17074cf3dc86cbb228fe5f87d92013c280f01e name: cloud-security-endpoint-connector @@ -13,7 +13,7 @@ entries: version: 1.0.1 - apiVersion: v2 appVersion: 1.0.0 - created: "2025-01-12T11:19:24.416384+02:00" + created: "2025-01-12T12:50:28.999112+02:00" description: Tenable Cloud Security endpoint connector digest: f76126432c5b731ba2c740261fa68df2cb76a0ec165d92ac63422069faba482d name: cloud-security-endpoint-connector @@ -24,9 +24,9 @@ entries: cloud-security-kubernetes-cluster: - apiVersion: v2 appVersion: 1.0.0 - created: "2025-01-12T11:19:24.418323+02:00" + created: "2025-01-12T12:50:29.001302+02:00" description: Tenable Cloud Security Kubernetes cluster - digest: ad464f2d0e0ddbe4357305e0f7cf4bf4ee94ddb52c11b110756add74785ec359 + digest: ce49659bbf8178e5e243eae6b3caff9ca11e6b5e0b49b6e48e5d11d6042634a8 name: cloud-security-kubernetes-cluster type: application urls: @@ -34,7 +34,7 @@ entries: version: 1.0.3 - apiVersion: v2 appVersion: 1.0.0 - created: "2025-01-12T11:19:24.417898+02:00" + created: "2025-01-12T12:50:29.00089+02:00" description: Tenable Cloud Security Kubernetes cluster digest: eb6fc6d9fa739850b620807081f41a4021c5027ee8fd4d6a78575441333bba50 name: cloud-security-kubernetes-cluster @@ -44,7 +44,7 @@ entries: version: 1.0.2 - apiVersion: v2 appVersion: 1.0.0 - created: "2025-01-12T11:19:24.4171+02:00" + created: "2025-01-12T12:50:29.00041+02:00" description: Tenable Cloud Security Kubernetes cluster digest: d0a8ef90891e1c3819cbb6ff61ffc4877a1960f13efb5d07b1694af88bd082da name: cloud-security-kubernetes-cluster @@ -54,7 +54,7 @@ entries: version: 1.0.1 - apiVersion: v2 appVersion: 1.0.0 - created: "2025-01-12T11:19:24.416816+02:00" + created: "2025-01-12T12:50:28.999962+02:00" description: Tenable Cloud Security Kubernetes cluster digest: d3a10afef3c6ad775f3cf9ad1b6f23ee22adcf806f4d22ce7cfea08866cb02c7 name: cloud-security-kubernetes-cluster @@ -65,7 +65,7 @@ entries: cloud-security-kubernetes-cluster-connector: - apiVersion: v2 appVersion: 1.4.0 - created: "2025-01-12T11:19:24.418755+02:00" + created: "2025-01-12T12:50:29.002831+02:00" description: Tenable Cloud Security Kubernetes cluster connector digest: 0ab0f542e3e3571cee1f432683fa046e35ac7928beaa1e67da8c7a604b7f0acb name: cloud-security-kubernetes-cluster-connector @@ -75,7 +75,7 @@ entries: version: 1.4.1 - apiVersion: v2 appVersion: 1.4.0 - created: "2025-01-12T11:19:24.418535+02:00" + created: "2025-01-12T12:50:29.001533+02:00" description: Tenable Cloud Security Kubernetes cluster connector digest: 35536b2a177aa01db6a7b505b7f23a0047bc7c73fa74d57e4e8cc763717a40f6 name: cloud-security-kubernetes-cluster-connector @@ -86,7 +86,7 @@ entries: securitycenter: - apiVersion: v2 appVersion: 6.5.1 - created: "2025-01-12T11:19:24.419491+02:00" + created: "2025-01-12T12:50:29.004001+02:00" description: A Helm chart to deploy Tenable Security Center into Kubernetes clusters digest: c68220daa321e7a8c761cda09484de8828beead03f78030651332ea53b67495b home: https://www.tenable.com @@ -102,7 +102,7 @@ entries: version: 1.4.0 - apiVersion: v2 appVersion: 6.4.5 - created: "2025-01-12T11:19:24.419309+02:00" + created: "2025-01-12T12:50:29.003815+02:00" description: A Helm chart to deploy Tenable Security Center into Kubernetes clusters digest: 28a6a2c258203ee3838661cc169013de8dd743fd28b24ce52e2ef9801139ca9c home: https://www.tenable.com @@ -118,7 +118,7 @@ entries: version: 1.3.0 - apiVersion: v2 appVersion: 6.4.0 - created: "2025-01-12T11:19:24.419138+02:00" + created: "2025-01-12T12:50:29.00344+02:00" description: A Helm chart to deploy Tenable Security Center into Kubernetes clusters digest: 977a598f7464c7cf4db5eb1e54bd977d7ae0998f014bdb4d215f6d9ac9e618c8 home: https://www.tenable.com @@ -134,7 +134,7 @@ entries: version: 1.2.0 - apiVersion: v2 appVersion: 6.3.0 - created: "2025-01-12T11:19:24.418958+02:00" + created: "2025-01-12T12:50:29.003188+02:00" description: A Helm chart to deploy Tenable Security Center into Kubernetes clusters digest: 416c00aca31dc6505e6e9d6bc9791436bb3791077c06ea5d83b7f42b047b2947 home: https://www.tenable.com @@ -151,7 +151,7 @@ entries: tenable-endpoint-connector: - apiVersion: v2 appVersion: 1.0.0 - created: "2025-01-12T11:19:24.419622+02:00" + created: "2025-01-12T12:50:29.004152+02:00" description: Tenable Cloud Security endpoint connector digest: 287c70490e944b4ab916afa430d3068dd41632f8e82f0a581ae32f423cdef5e2 name: tenable-endpoint-connector @@ -162,7 +162,7 @@ entries: tenable-kubernetes-cluster-connector: - apiVersion: v2 appVersion: 1.3.0 - created: "2025-01-12T11:19:24.419824+02:00" + created: "2025-01-12T12:50:29.004364+02:00" description: Tenable Cloud Security Kubernetes cluster connector digest: 29b57f0eaf7e0532cc773bd00466665672ad9992d37680bcfe94bb36c125ced2 name: tenable-kubernetes-cluster-connector @@ -173,7 +173,7 @@ entries: tes-operator: - apiVersion: v2 appVersion: 1.2.0 - created: "2025-01-12T11:19:24.421675+02:00" + created: "2025-01-12T12:50:29.006735+02:00" description: Tenable Enclave Security operator digest: 0fef0ed4cc3de4b4b5c5c7dfd619fe4ca0b0efef05414843d0a4c890d3aaed98 name: tes-operator @@ -183,7 +183,7 @@ entries: version: 1.2.0 - apiVersion: v2 appVersion: 1.0.4 - created: "2025-01-12T11:19:24.421375+02:00" + created: "2025-01-12T12:50:29.006348+02:00" description: Tenable Enclave Security operator digest: 468a943407a9ba38d615426be86d233f3ff6f51dbe01ca9d44d5e0473fd7f6e4 name: tes-operator @@ -193,7 +193,7 @@ entries: version: 1.0.4 - apiVersion: v2 appVersion: 1.0.3 - created: "2025-01-12T11:19:24.421062+02:00" + created: "2025-01-12T12:50:29.006064+02:00" description: Tenable Enclave Security operator digest: 3462f7c615c33b6425e18b02c64aa5d7ff86858ff14216e858bfad946eafa1b0 name: tes-operator @@ -203,7 +203,7 @@ entries: version: 1.0.3 - apiVersion: v2 appVersion: 1.0.2 - created: "2025-01-12T11:19:24.420755+02:00" + created: "2025-01-12T12:50:29.005649+02:00" description: Tenable Enclave Security operator digest: 34eae1d86fb86480d53ee7927b86b1027e101cff82806e7772beab9bb3372d7d name: tes-operator @@ -213,7 +213,7 @@ entries: version: 1.0.2 - apiVersion: v2 appVersion: 1.0.1 - created: "2025-01-12T11:19:24.42045+02:00" + created: "2025-01-12T12:50:29.005238+02:00" description: Tenable Enclave Security operator digest: 05920b8d204c40af3f5c51c039f146099a9117532cf3a3b3d091c839837b4bbd name: tes-operator @@ -223,7 +223,7 @@ entries: version: 1.0.1 - apiVersion: v2 appVersion: 1.0.0 - created: "2025-01-12T11:19:24.420144+02:00" + created: "2025-01-12T12:50:29.004795+02:00" description: Tenable Enclave Security operator digest: 4281f28edc8c9e1224bb467365eb724ebe2a92266168be6c7e4c5b0fe9dfac20 name: tes-operator @@ -231,4 +231,4 @@ entries: urls: - releases/tes-operator-1.0.0.tgz version: 1.0.0 -generated: "2025-01-12T11:19:24.41616+02:00" +generated: "2025-01-12T12:50:28.998659+02:00" diff --git a/releases/cloud-security-kubernetes-cluster-1.0.3.tgz b/releases/cloud-security-kubernetes-cluster-1.0.3.tgz index 4084651..3b2f83e 100644 Binary files a/releases/cloud-security-kubernetes-cluster-1.0.3.tgz and b/releases/cloud-security-kubernetes-cluster-1.0.3.tgz differ