Merge branch 'master' into ddl-na-debug-flag

charts/cluster-scanner/CHANGELOG.md

@@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used
 exclusively to fix incorrect entries and not to add new ones.
 
 ## Change Log
+# v0.7.2
+### Bug Fixes
+* **cluster-scanner** [9b3864ff](https://github.com/sysdiglabs/charts/commit/9b3864fffdc9e8b7e8fdc96f8ed4902f945c34c7): removed unneeded version compatibility checks ([#1404](https://github.com/sysdiglabs/charts/issues/1404))
 # v0.7.1
 ### Bug Fixes
 * **common,agent,admission-controller,cluster-scanner,kspm-collector,node-analyzer,rapid-response** [e76f1c17](https://github.com/sysdiglabs/charts/commit/e76f1c17e48491dd8ea21293ec1fed2619eed204): Update Sysdig CA ([#1393](https://github.com/sysdiglabs/charts/issues/1393))

charts/cluster-scanner/Chart.yaml

@@ -4,7 +4,7 @@ description: Sysdig Cluster Scanner
 
 type: application
 
-version: 0.7.1
+version: 0.7.2
 
 appVersion: "0.1.0"
 home: https://www.sysdig.com/

charts/cluster-scanner/README.md

@@ -25,7 +25,7 @@ $ pre-commit run -a
 $ helm repo add sysdig https://charts.sysdig.com
 $ helm repo update
 $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
-      --create-namespace -n sysdig --version=0.7.1  \
+      --create-namespace -n sysdig --version=0.7.2  \
       --set global.clusterConfig.name=CLUSTER_NAME \
       --set global.sysdig.region=SYSDIG_REGION \
       --set global.sysdig.accessKey=YOUR-KEY-HERE
@@ -55,7 +55,7 @@ To install the chart with the release name `cluster-scanner`, run:
 
 ```console
 $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
-       --create-namespace -n sysdig --version=0.7.1 \
+       --create-namespace -n sysdig --version=0.7.2 \
        --set global.clusterConfig.name=CLUSTER_NAME \
        --set global.sysdig.region=SYSDIG_REGION \
        --set global.sysdig.accessKey=YOUR-KEY-HERE
@@ -161,7 +161,7 @@ Specify each parameter using the **`--set key=value[,key=value]`** argument to `
 
 ```console
 $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
-    --create-namespace -n sysdig --version=0.7.1 \
+    --create-namespace -n sysdig --version=0.7.2 \
     --set global.sysdig.region="us1"
 ```
 
@@ -170,7 +170,7 @@ installing the chart. For example:
 
 ```console
 $ helm upgrade --install sysdig-cluster-scanner sysdig/cluster-scanner \
-    --create-namespace -n sysdig --version=0.7.1 \
+    --create-namespace -n sysdig --version=0.7.2 \
     --values values.yaml
 ```
 

charts/cluster-scanner/RELEASE-NOTES.md

@@ -1,5 +1,5 @@
 # What's Changed
 
 ### Bug Fixes
-- **common,agent,admission-controller,cluster-scanner,kspm-collector,node-analyzer,rapid-response** [e76f1c17](https://github.com/sysdiglabs/charts/commit/e76f1c17e48491dd8ea21293ec1fed2619eed204): Update Sysdig CA ([#1393](https://github.com/sysdiglabs/charts/issues/1393))
-#### Full diff: https://github.com/sysdiglabs/charts/compare/cluster-scanner-0.7.0...cluster-scanner-0.7.1
+- **cluster-scanner** [9b3864ff](https://github.com/sysdiglabs/charts/commit/9b3864fffdc9e8b7e8fdc96f8ed4902f945c34c7): removed unneeded version compatibility checks ([#1404](https://github.com/sysdiglabs/charts/issues/1404))
+#### Full diff: https://github.com/sysdiglabs/charts/compare/cluster-scanner-0.7.1...cluster-scanner-0.7.2

charts/cluster-scanner/templates/_helpers.tpl

@@ -205,31 +205,6 @@ Define the proper imageRegistry to use for imageSbomExtractor
 {{- end -}}
 {{- end -}}
 
-{{/*
-Cluster scanner version compatibility check.
-
-If .Values.onPremCompatibilityVersion is set to a version below 6.6.0, it checks whether
-the provided tag is < 0.5.0 .
-
-Otherwise, it checks if the provided tag is >= 0.5.0 .
-
-Version tags must be semver2-compatible otherwise no check will be performed.
-*/}}
-{{- define "cluster-scanner.checkVersionCompatibility" -}}
-{{- if regexMatch "^[0-9]+\\.[0-9]+\\.[0-9]+.*" .Tag -}}
-    {{- $version := .Tag -}}
-    {{- if ( semverCompare "< 6.6.0" ( .Values.onPremCompatibilityVersion | default "6.6.0" )) -}}
-        {{- if not ( semverCompare "< 0.5.0" $version ) -}}
-            {{- fail (printf "incompatible version for %s, set %s expected < 0.5.0" .Component .Tag) -}}
-        {{- end -}}
-    {{- else -}}
-        {{- if not ( semverCompare ">= 0.5.0" $version ) -}}
-            {{- fail (printf "incompatible version for %s, set %s expected >= 0.5.0" .Component .Tag) -}}
-        {{- end -}}
-    {{- end -}}
-{{- end -}}
-{{- end -}}
-
 {{/*
 Generates configmap data to enable platform services if onPremCompatibility version is not set, or it is greater than 6.6.0
 */}}
@@ -244,7 +219,6 @@ Return the proper image name for the Runtime Status Integrator
 */}}
 {{- define "cluster-scanner.runtimeStatusIntegrator.image" -}}
     {{- $data := dict "Values" .Values "Tag" .Values.runtimeStatusIntegrator.image.tag "Component" "runtimeStatusIntegrator.image.tag" -}}
-    {{- include "cluster-scanner.checkVersionCompatibility" $data -}}
     {{- include "cluster-scanner.runtimeStatusIntegrator.imageRegistry" . -}} / {{- .Values.runtimeStatusIntegrator.image.repository -}} : {{- .Values.runtimeStatusIntegrator.image.tag -}}
 {{- end -}}
 
@@ -254,7 +228,6 @@ Return the proper image name for the Image Sbom Extractor
 {{- define "cluster-scanner.imageSbomExtractor.image" -}}
     {{- $data := dict "Values" .Values "Tag" .Values.imageSbomExtractor.image.tag -}}
     {{- $data := dict "Values" .Values "Tag" .Values.imageSbomExtractor.image.tag "Component" "imageSbomExtractor.image.tag" -}}
-    {{- include "cluster-scanner.checkVersionCompatibility" $data -}}
     {{- include "cluster-scanner.imageSbomExtractor.imageRegistry" . -}} / {{- .Values.imageSbomExtractor.image.repository -}} : {{- .Values.imageSbomExtractor.image.tag -}}
 {{- end -}}
 

charts/cluster-scanner/tests/configmap_test.yaml

@@ -358,6 +358,14 @@ tests:
       - isNull:
           path: data.enable_platform_services
 
+  - it: "has correct platform services value when onPremCompatibilityVersion is = 6.5"
+    set:
+      global.sysdig.apiHost: "http://test.com"
+      onPremCompatibilityVersion: "6.5"
+    asserts:
+      - isNull:
+          path: data.enable_platform_services
+
   - it: "has correct platform services value when onPremCompatibilityVersion is = 6.6.0"
     set:
       global.sysdig.apiHost: "http://test.com"
@@ -367,6 +375,15 @@ tests:
           path: data.enable_platform_services
           value: "true"
 
+  - it: "has correct platform services value when onPremCompatibilityVersion is just a major.minor version"
+    set:
+      global.sysdig.apiHost: "http://test.com"
+      onPremCompatibilityVersion: "6.6"
+    asserts:
+      - equal:
+          path: data.enable_platform_services
+          value: "true"
+
   - it: "has correct platform services value when onPremCompatibilityVersion is > 6.6.0"
     set:
       global.sysdig.apiHost: "http://test.com"
@@ -375,3 +392,12 @@ tests:
       - equal:
           path: data.enable_platform_services
           value: "true"
+
+
+  - it: "fails if onPremCompatibilityVersion is not a valid semver"
+    set:
+      global.sysdig.apiHost: "http://test.com"
+      onPremCompatibilityVersion: "gigimarzullo"
+    asserts:
+      - failedTemplate:
+          errorMessage: "Invalid Semantic Version"

charts/cluster-scanner/tests/deployment_test.yaml

@@ -181,218 +181,6 @@ tests:
                 name: test-release-cluster-scanner
                 optional: true
 
-  - it: "fails if the onPremCompatibilityVersion is not set and the runtimeStatusIntegrator version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      runtimeStatusIntegrator.image.tag: "0.3.4"
-      imageSbomExtractor.image.tag: "1.3.4"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 0.3.4 expected >= 0.5.0"
-
-  - it: "fails if the onPremCompatibilityVersion is not set and the imageSbomExtractor version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      runtimeStatusIntegrator.image.tag: "1.3.4"
-      imageSbomExtractor.image.tag: "0.1.0"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for imageSbomExtractor.image.tag, set 0.1.0 expected >= 0.5.0"
-
-  - it: "fails if the onPremCompatibilityVersion is set to 6.2 and the runtimeStatusIntegrator version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.2"
-      runtimeStatusIntegrator.image.tag: "4.3.4"
-      imageSbomExtractor.image.tag: "0.3.4"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 4.3.4 expected < 0.5.0"
-
-  - it: "fails if the onPremCompatibilityVersion is set to 6.2 and the imageSbomExtractor version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.2"
-      runtimeStatusIntegrator.image.tag: "0.0.1"
-      imageSbomExtractor.image.tag: "6.1.0"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for imageSbomExtractor.image.tag, set 6.1.0 expected < 0.5.0"
-
-  - it: "fails if the onPremCompatibilityVersion is set to 6.3 and the runtimeStatusIntegrator version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.3"
-      runtimeStatusIntegrator.image.tag: "4.3.4"
-      imageSbomExtractor.image.tag: "0.3.4"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 4.3.4 expected < 0.5.0"
-
-  - it: "fails if the onPremCompatibilityVersion is set to 6.3 and the imageSbomExtractor version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.3"
-      runtimeStatusIntegrator.image.tag: "0.0.1"
-      imageSbomExtractor.image.tag: "6.1.0"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for imageSbomExtractor.image.tag, set 6.1.0 expected < 0.5.0"
-
-  - it: "fails if the onPremCompatibilityVersion is set to 6.6 and the runtimeStatusIntegrator version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.6"
-      runtimeStatusIntegrator.image.tag: "0.3.4"
-      imageSbomExtractor.image.tag: "1.3.4"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 0.3.4 expected >= 0.5.0"
-
-  - it: "fails if the onPremCompatibilityVersion is set to 6.6 and the imageSbomExtractor version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.6"
-      runtimeStatusIntegrator.image.tag: "1.3.4"
-      imageSbomExtractor.image.tag: "0.1.0"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for imageSbomExtractor.image.tag, set 0.1.0 expected >= 0.5.0"
-
-  - it: "fails if the onPremCompatibilityVersion is set to 6.7 and the runtimeStatusIntegrator version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.7"
-      runtimeStatusIntegrator.image.tag: "0.3.4"
-      imageSbomExtractor.image.tag: "1.3.4"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for runtimeStatusIntegrator.image.tag, set 0.3.4 expected >= 0.5.0"
-
-  - it: "fails if the onPremCompatibilityVersion is set to 6.7 and the imageSbomExtractor version is incorrect"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.7"
-      runtimeStatusIntegrator.image.tag: "1.3.4"
-      imageSbomExtractor.image.tag: "0.1.0"
-    asserts:
-      - failedTemplate:
-          errorMessage: "incompatible version for imageSbomExtractor.image.tag, set 0.1.0 expected >= 0.5.0"
-
-  - it: "succeeds if the onPremCompatibilityVersion is not set and the runtimeStatusIntegrator and imageSbomExtractor versions are correct"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      runtimeStatusIntegrator.image.tag: "2.3.4"
-      imageSbomExtractor.image.tag: "0.5.0"
-    asserts:
-      - equal:
-          path: spec.template.spec.containers[0].image
-          value: quay.io/sysdig/runtime-status-integrator:2.3.4
-      - equal:
-          path: spec.template.spec.containers[1].image
-          value: quay.io/sysdig/image-sbom-extractor:0.5.0
-
-  - it: "succeeds if the onPremCompatibilityVersion is set to 6.2 and the runtimeStatusIntegrator and imageSbomExtractor versions are correct"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.2"
-      runtimeStatusIntegrator.image.tag: "0.3.4"
-      imageSbomExtractor.image.tag: "0.4.10"
-    asserts:
-      - equal:
-          path: spec.template.spec.containers[0].image
-          value: quay.io/sysdig/runtime-status-integrator:0.3.4
-      - equal:
-          path: spec.template.spec.containers[1].image
-          value: quay.io/sysdig/image-sbom-extractor:0.4.10
-
-  - it: "succeeds if the onPremCompatibilityVersion is set to 6.3 and the runtimeStatusIntegrator and imageSbomExtractor versions are correct"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.3"
-      runtimeStatusIntegrator.image.tag: "0.3.4"
-      imageSbomExtractor.image.tag: "0.4.10"
-    asserts:
-      - equal:
-          path: spec.template.spec.containers[0].image
-          value: quay.io/sysdig/runtime-status-integrator:0.3.4
-      - equal:
-          path: spec.template.spec.containers[1].image
-          value: quay.io/sysdig/image-sbom-extractor:0.4.10
-
-  - it: "succeeds if the onPremCompatibilityVersion is set to 6.6 and the runtimeStatusIntegrator and imageSbomExtractor versions are correct"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.6"
-      runtimeStatusIntegrator.image.tag: "2.3.4"
-      imageSbomExtractor.image.tag: "0.5.0"
-    asserts:
-      - equal:
-          path: spec.template.spec.containers[0].image
-          value: quay.io/sysdig/runtime-status-integrator:2.3.4
-      - equal:
-          path: spec.template.spec.containers[1].image
-          value: quay.io/sysdig/image-sbom-extractor:0.5.0
-
-  - it: "succeeds if the onPremCompatibilityVersion is set to 6.7 and the runtimeStatusIntegrator and imageSbomExtractor versions are correct"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.7"
-      runtimeStatusIntegrator.image.tag: "2.3.4"
-      imageSbomExtractor.image.tag: "0.5.0"
-    asserts:
-      - equal:
-          path: spec.template.spec.containers[0].image
-          value: quay.io/sysdig/runtime-status-integrator:2.3.4
-      - equal:
-          path: spec.template.spec.containers[1].image
-          value: quay.io/sysdig/image-sbom-extractor:0.5.0
-
-  - it: "succeeds if the runtimeStatusIntegrator version is not a semver and the onPremCompatibilityVersion is 6.4"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.4"
-      runtimeStatusIntegrator.image.tag: "unstable-rc"
-      imageSbomExtractor.image.tag: "0.4.9"
-    asserts:
-      - equal:
-          path: spec.template.spec.containers[0].image
-          value: quay.io/sysdig/runtime-status-integrator:unstable-rc
-      - equal:
-          path: spec.template.spec.containers[1].image
-          value: quay.io/sysdig/image-sbom-extractor:0.4.9
-
-  - it: "succeeds if the imageSbomExtractor version is not a semver and the onPremCompatibilityVersion is 6.6"
-    templates:
-      - ../templates/deployment.yaml
-    set:
-      onPremCompatibilityVersion: "6.6"
-      runtimeStatusIntegrator.image.tag: "1.3.5"
-      imageSbomExtractor.image.tag: "3bc59a4958d15dfa6afed20dfd2459e268b4cda8"
-    asserts:
-      - equal:
-          path: spec.template.spec.containers[0].image
-          value: quay.io/sysdig/runtime-status-integrator:1.3.5
-      - equal:
-          path: spec.template.spec.containers[1].image
-          value: quay.io/sysdig/image-sbom-extractor:3bc59a4958d15dfa6afed20dfd2459e268b4cda8
-
   - it: "correctly sets the CLUSTERSCANNER_PLATFORM_ENABLED env var"
     templates:
       - ../templates/deployment.yaml

charts/kspm-collector/CHANGELOG.md

@@ -10,6 +10,9 @@ Manual edits are supported only below '## Change Log' and should be used
 exclusively to fix incorrect entries and not to add new ones.
 
 ## Change Log
+# v0.8.4
+### New Features
+* **kspm-collector,node-analyzer** [660e610d](https://github.com/sysdiglabs/charts/commit/660e610d475cdac3b9d2c51da4af0a01abce31f6): add support for NATS_MAX_RECONNECT variable ([#1400](https://github.com/sysdiglabs/charts/issues/1400))
 # v0.8.3
 ### Bug Fixes
 * **kspm-collector,node-analyzer** [67f042fd](https://github.com/sysdiglabs/charts/commit/67f042fd9ebb72cd121751d46fb96f7c3ad539ba): add debug logs to cloud platform metadata loading ([#1398](https://github.com/sysdiglabs/charts/issues/1398))
@@ -105,7 +108,7 @@ exclusively to fix incorrect entries and not to add new ones.
 # v0.1.35
 ### New Features
 * **kspm-collector** [d1328c0](https://github.com/sysdiglabs/charts/commit/d1328c02976901a64d91f4e86a2a26035045496c): bumped KSPM Collector to latest version ([#921](https://github.com/sysdiglabs/charts/issues/921))
-# v0.1.34
+# v0.1.33
 ### Bug Fixes
 * **node-analyzer,kspm-collector** [59543e8](https://github.com/sysdiglabs/charts/commit/59543e8da45e1e61f21b2489500fe5452906bca0): Fix security context permission for KSPM components ([#907](https://github.com/sysdiglabs/charts/issues/907))
 # v0.1.33