diff --git a/charts/kspm-collector/Chart.yaml b/charts/kspm-collector/Chart.yaml index f20b1f60e..9e99de2fd 100644 --- a/charts/kspm-collector/Chart.yaml +++ b/charts/kspm-collector/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: kspm-collector description: Sysdig KSPM collector -version: 0.13.0 +version: 0.14.0 appVersion: 1.38.0 keywords: diff --git a/charts/kspm-collector/README.md b/charts/kspm-collector/README.md index 42f149bbc..83c175c83 100644 --- a/charts/kspm-collector/README.md +++ b/charts/kspm-collector/README.md @@ -71,6 +71,7 @@ The following table lists the configurable parameters of the Sysdig KSPM Collect | `os` | Specifies the allowed operating systems for scheduling. | `[ linux ]` | | `affinity` | Specifies the node affinities. Overrides `arch` and `os` values. | `{}` | | `labels` | Specifies the KSPM collector specific labels as a multi-line templated string map or as YAML. | `{}` | +| `annotations` | Specifies the deployment annotations as a multi-line templated string map or as YAML. | `{}` | | `podAnnotations` | Specifies the pod annotations as a multi-line templated string map or as YAML. | `{}` | | `port` | Specifies the KSPM collector port for health checks. | `8080` | | `psp.create` | Creates Pod Security Policy to allow the KSPM collector running in PSP-enabled clusters. | `true` | diff --git a/charts/kspm-collector/templates/deployment.yaml b/charts/kspm-collector/templates/deployment.yaml index 461c5ff1c..568f8811f 100644 --- a/charts/kspm-collector/templates/deployment.yaml +++ b/charts/kspm-collector/templates/deployment.yaml @@ -6,6 +6,10 @@ metadata: labels: app.kubernetes.io/name: {{ include "kspmCollector.name" . }} {{ include "kspmCollector.labels" . | indent 4 }} + {{- with .Values.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} spec: replicas: {{ .Values.replicas }} selector: @@ -16,11 +20,11 @@ spec: metadata: labels: app.kubernetes.io/name: {{ include "kspmCollector.name" . }} + {{- include "kspmCollector.labels" . | nindent 8 }} {{- with .Values.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} -{{ include "kspmCollector.labels" . | indent 8 }} spec: serviceAccountName: {{ template "kspmCollector.serviceAccountName" .}} securityContext: diff --git a/charts/kspm-collector/tests/deployment_annotation_test.yaml b/charts/kspm-collector/tests/deployment_annotation_test.yaml new file mode 100644 index 000000000..dba5093b7 --- /dev/null +++ b/charts/kspm-collector/tests/deployment_annotation_test.yaml @@ -0,0 +1,37 @@ +suite: Deployment annotation test +templates: + - deployment.yaml +tests: + - it: check that the deployment do not have any custom annotation if not specified + set: + sysdig: + accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE + asserts: + - isNull: + path: metadata.annotations + + - it: check that the deployment include the annotation + set: + sysdig: + accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE + annotations: + my-annotation: my-value + asserts: + - exists: + path: metadata.annotations + + - it: check that the deployment include the annotation match the value we specified + set: + sysdig: + accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE + annotations: + my-annotation-1: my-value-1 + my-annotation-2: my-value-2 + asserts: + - equal: + path: metadata.annotations['my-annotation-1'] + value: my-value-1 + + - equal: + path: metadata.annotations['my-annotation-2'] + value: my-value-2 diff --git a/charts/kspm-collector/tests/deployment_labels_test.yaml b/charts/kspm-collector/tests/deployment_labels_test.yaml new file mode 100644 index 000000000..813daa20c --- /dev/null +++ b/charts/kspm-collector/tests/deployment_labels_test.yaml @@ -0,0 +1,44 @@ +suite: Deployment label test +templates: + - deployment.yaml +tests: + - it: check that the deployment do not have any custom labels if not specified + set: + sysdig: + accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE + asserts: + - isNotNull: + path: spec.template.metadata.labels['app.kubernetes.io/name'] + - isNotNull: + path: spec.template.metadata.labels['helm.sh/chart'] + - isNotNull: + path: spec.template.metadata.labels['app.kubernetes.io/instance'] + - isNotNull: + path: spec.template.metadata.labels['app.kubernetes.io/version'] + - isNotNull: + path: spec.template.metadata.labels['app.kubernetes.io/managed-by'] + + - it: check that the deployment do not have custom labels when specified + set: + sysdig: + accessKey: AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE + labels: + mylabel1: test1 + mylabel2: test2 + asserts: + - isNotNull: + path: spec.template.metadata.labels['app.kubernetes.io/name'] + - isNotNull: + path: spec.template.metadata.labels['helm.sh/chart'] + - isNotNull: + path: spec.template.metadata.labels['app.kubernetes.io/instance'] + - isNotNull: + path: spec.template.metadata.labels['app.kubernetes.io/version'] + - isNotNull: + path: spec.template.metadata.labels['app.kubernetes.io/managed-by'] + - equal: + path: spec.template.metadata.labels.mylabel1 + value: test1 + - equal: + path: spec.template.metadata.labels.mylabel2 + value: test2 diff --git a/charts/kspm-collector/values.yaml b/charts/kspm-collector/values.yaml index 314640ebd..8af8aba12 100644 --- a/charts/kspm-collector/values.yaml +++ b/charts/kspm-collector/values.yaml @@ -172,6 +172,8 @@ affinity: {} labels: {} +annotations: {} + podAnnotations: {} ssl: diff --git a/charts/sysdig-deploy/Chart.yaml b/charts/sysdig-deploy/Chart.yaml index 4aa684c78..a8cd4a617 100644 --- a/charts/sysdig-deploy/Chart.yaml +++ b/charts/sysdig-deploy/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: sysdig-deploy description: A chart with various Sysdig components for Kubernetes type: application -version: 1.42.3 +version: 1.43.0 maintainers: - name: AlbertoBarba email: alberto.barba@sysdig.com @@ -48,7 +48,7 @@ dependencies: - name: kspm-collector # repository: https://charts.sysdig.com repository: file://../kspm-collector - version: ~0.13.0 + version: ~0.14.0 alias: kspmCollector condition: global.kspm.deploy - name: rapid-response