diff --git a/charts/kubescape-operator/Chart.yaml b/charts/kubescape-operator/Chart.yaml index 2ce4cfab..f3e1620f 100644 --- a/charts/kubescape-operator/Chart.yaml +++ b/charts/kubescape-operator/Chart.yaml @@ -9,14 +9,14 @@ type: application # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.18.16 +version: 1.18.17 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 1.18.16 +appVersion: 1.18.17 maintainers: - name: Ben Hirschberg diff --git a/charts/kubescape-operator/templates/synchronizer/clusterrole.yaml b/charts/kubescape-operator/templates/synchronizer/clusterrole.yaml index 109a84ac..0dd421b7 100644 --- a/charts/kubescape-operator/templates/synchronizer/clusterrole.yaml +++ b/charts/kubescape-operator/templates/synchronizer/clusterrole.yaml @@ -37,6 +37,9 @@ rules: - apiGroups: ["projectcalico.org"] resources: ["networkpolicies"] verbs: ["get", "list", "watch"] + - apiGroups: ["security.istio.io"] + resources: ["authorizationpolicies"] + verbs: ["get", "list", "watch"] - apiGroups: ["gateway.networking.k8s.io"] resources: ["httproutes", "tcproutes","udproutes"] verbs: ["get", "list", "watch"] diff --git a/charts/kubescape-operator/templates/synchronizer/configmap.yaml b/charts/kubescape-operator/templates/synchronizer/configmap.yaml index af6c1934..8e84a9d3 100644 --- a/charts/kubescape-operator/templates/synchronizer/configmap.yaml +++ b/charts/kubescape-operator/templates/synchronizer/configmap.yaml @@ -176,6 +176,12 @@ data: "resource": "networkpolicies", "strategy": "patch" }, + { + "group": "security.istio.io", + "version": "v1", + "resource": "authorizationpolicies", + "strategy": "patch" + }, { "group": "kubescape.io", "version": "v1", @@ -202,4 +208,4 @@ data: ] } } -{{- end }} \ No newline at end of file +{{- end }} diff --git a/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap b/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap index 5b0d395d..38f02394 100644 --- a/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap +++ b/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap @@ -1,6 +1,6 @@ all capabilities: 1: | - raw: "Thank you for installing kubescape-operator version 1.18.16.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\nView your configuration scan summaries:\n> kubectl get workloadconfigurationscansummaries -A\n\nDetailed reports are also available:\n> kubectl get workloadconfigurationscans -A\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.18.17.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\nView your configuration scan summaries:\n> kubectl get workloadconfigurationscansummaries -A\n\nDetailed reports are also available:\n> kubectl get workloadconfigurationscans -A\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: batch/v1 kind: CronJob @@ -220,7 +220,7 @@ all capabilities: app: gateway app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: gateway - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -355,7 +355,7 @@ all capabilities: metadata: labels: app: gateway - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 tier: ks-control-plane name: gateway namespace: kubescape @@ -436,7 +436,7 @@ all capabilities: app: grype-offline-db app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: grype-offline-db - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core tier: ks-control-plane spec: @@ -628,7 +628,7 @@ all capabilities: app: kollector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kollector - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core tier: ks-control-plane spec: @@ -1027,7 +1027,7 @@ all capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -1057,7 +1057,7 @@ all capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -1295,7 +1295,7 @@ all capabilities: metadata: labels: app: kubescape - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 tier: ks-control-plane name: kubescape namespace: kubescape @@ -1563,7 +1563,7 @@ all capabilities: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -1921,7 +1921,7 @@ all capabilities: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -1988,7 +1988,7 @@ all capabilities: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.81 + image: quay.io/kubescape/node-agent:v0.2.85 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -2283,7 +2283,7 @@ all capabilities: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -2297,7 +2297,7 @@ all capabilities: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.18.16 + value: kubescape-operator-1.18.17 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -2591,7 +2591,7 @@ all capabilities: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -2686,7 +2686,7 @@ all capabilities: metadata: labels: app: otel-collector - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 tier: ks-control-plane name: otel-collector namespace: kubescape @@ -2953,7 +2953,7 @@ all capabilities: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: service-discovery - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 otel: enabled tier: ks-control-plane name: RELEASE-NAME @@ -3258,7 +3258,7 @@ all capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/storage:v0.0.85 + image: quay.io/kubescape/storage:v0.0.89 imagePullPolicy: IfNotPresent livenessProbe: tcpSocket: @@ -3465,6 +3465,14 @@ all capabilities: - get - list - watch + - apiGroups: + - security.istio.io + resources: + - authorizationpolicies + verbs: + - get + - list + - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -3501,7 +3509,7 @@ all capabilities: 89: | apiVersion: v1 data: - config.json: |- + config.json: | { "inCluster": { "resources": [ @@ -3667,6 +3675,12 @@ all capabilities: "resource": "networkpolicies", "strategy": "patch" }, + { + "group": "security.istio.io", + "version": "v1", + "resource": "authorizationpolicies", + "strategy": "patch" + }, { "group": "kubescape.io", "version": "v1", @@ -3729,12 +3743,12 @@ all capabilities: checksum/cloud-config: c4dc912bbe62b0d5fd4734206c3cae52f56d766cbc20024182a2bcef09c0ae8e checksum/cloud-secret: 8665d3f0f7282091716b5fbf7356972eb83a5a9e86eb064218d24e9f66612b99 checksum/proxy-config: 30e81a4193016803b4b7985b92028c4797c1e84d317a4b6b3e3a5406139f8847 - checksum/synchronizer-configmap: 737f16e4477c76d1da6e50bea7340999fd7607a74e2121cd9b98e27155f6880f + checksum/synchronizer-configmap: 7994b77dd8208c231ed88a17aaa48d580663b06e17d2138ed8b4ba1d210ca007 labels: app: synchronizer app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: synchronizer - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -3746,7 +3760,7 @@ all capabilities: - /usr/bin/client env: - name: HELM_RELEASE - value: kubescape-operator-1.18.16 + value: kubescape-operator-1.18.17 - name: GOMEMLIMIT value: 250MiB - name: KS_LOGGER_LEVEL @@ -3760,7 +3774,7 @@ all capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/synchronizer:v0.0.72 + image: quay.io/kubescape/synchronizer:v0.0.74 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -3892,7 +3906,7 @@ all capabilities: namespace: kubescape default capabilities: 1: | - raw: "Thank you for installing kubescape-operator version 1.18.16.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.18.17.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: v1 data: @@ -4002,7 +4016,7 @@ default capabilities: app: gateway app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: gateway - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -4131,7 +4145,7 @@ default capabilities: metadata: labels: app: gateway - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 tier: ks-control-plane name: gateway namespace: kubescape @@ -4212,7 +4226,7 @@ default capabilities: app: grype-offline-db app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: grype-offline-db - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core tier: ks-control-plane spec: @@ -4404,7 +4418,7 @@ default capabilities: app: kollector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kollector - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core tier: ks-control-plane spec: @@ -4797,7 +4811,7 @@ default capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -4827,7 +4841,7 @@ default capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -5059,7 +5073,7 @@ default capabilities: metadata: labels: app: kubescape - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 tier: ks-control-plane name: kubescape namespace: kubescape @@ -5327,7 +5341,7 @@ default capabilities: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -5643,7 +5657,7 @@ default capabilities: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -5683,7 +5697,7 @@ default capabilities: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.81 + image: quay.io/kubescape/node-agent:v0.2.85 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -5972,7 +5986,7 @@ default capabilities: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -5986,7 +6000,7 @@ default capabilities: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.18.16 + value: kubescape-operator-1.18.17 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -6274,7 +6288,7 @@ default capabilities: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -6369,7 +6383,7 @@ default capabilities: metadata: labels: app: otel-collector - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 tier: ks-control-plane name: otel-collector namespace: kubescape @@ -6458,7 +6472,7 @@ default capabilities: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: service-discovery - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 otel: enabled tier: ks-control-plane name: RELEASE-NAME @@ -6763,7 +6777,7 @@ default capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/storage:v0.0.85 + image: quay.io/kubescape/storage:v0.0.89 imagePullPolicy: IfNotPresent livenessProbe: tcpSocket: @@ -6970,6 +6984,14 @@ default capabilities: - get - list - watch + - apiGroups: + - security.istio.io + resources: + - authorizationpolicies + verbs: + - get + - list + - watch - apiGroups: - gateway.networking.k8s.io resources: @@ -7006,7 +7028,7 @@ default capabilities: 76: | apiVersion: v1 data: - config.json: |- + config.json: | { "inCluster": { "resources": [ @@ -7172,6 +7194,12 @@ default capabilities: "resource": "networkpolicies", "strategy": "patch" }, + { + "group": "security.istio.io", + "version": "v1", + "resource": "authorizationpolicies", + "strategy": "patch" + }, { "group": "kubescape.io", "version": "v1", @@ -7234,12 +7262,12 @@ default capabilities: checksum/cloud-config: 98e72a3a1a24264d2cdebc86b61829ee5b941fb590d6ca717ebaa880922046c6 checksum/cloud-secret: 8665d3f0f7282091716b5fbf7356972eb83a5a9e86eb064218d24e9f66612b99 checksum/proxy-config: 30e81a4193016803b4b7985b92028c4797c1e84d317a4b6b3e3a5406139f8847 - checksum/synchronizer-configmap: 737f16e4477c76d1da6e50bea7340999fd7607a74e2121cd9b98e27155f6880f + checksum/synchronizer-configmap: 7994b77dd8208c231ed88a17aaa48d580663b06e17d2138ed8b4ba1d210ca007 labels: app: synchronizer app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: synchronizer - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -7251,7 +7279,7 @@ default capabilities: - /usr/bin/client env: - name: HELM_RELEASE - value: kubescape-operator-1.18.16 + value: kubescape-operator-1.18.17 - name: GOMEMLIMIT value: 250MiB - name: KS_LOGGER_LEVEL @@ -7265,7 +7293,7 @@ default capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/synchronizer:v0.0.72 + image: quay.io/kubescape/synchronizer:v0.0.74 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -7391,7 +7419,7 @@ default capabilities: namespace: kubescape minimal capabilities: 1: | - raw: "Thank you for installing kubescape-operator version 1.18.16.\n\n\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.18.17.\n\n\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: v1 data: @@ -7708,7 +7736,7 @@ minimal capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -7737,7 +7765,7 @@ minimal capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -8097,7 +8125,7 @@ minimal capabilities: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -8372,7 +8400,7 @@ minimal capabilities: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -8412,7 +8440,7 @@ minimal capabilities: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.81 + image: quay.io/kubescape/node-agent:v0.2.85 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -8692,7 +8720,7 @@ minimal capabilities: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -8706,7 +8734,7 @@ minimal capabilities: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.18.16 + value: kubescape-operator-1.18.17 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -8943,7 +8971,7 @@ minimal capabilities: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.18.16 + helm.sh/chart: kubescape-operator-1.18.17 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -9238,7 +9266,7 @@ minimal capabilities: name: cloud-secret - name: OTEL_COLLECTOR_SVC value: otel-collector:4317 - image: quay.io/kubescape/storage:v0.0.85 + image: quay.io/kubescape/storage:v0.0.89 imagePullPolicy: IfNotPresent livenessProbe: tcpSocket: diff --git a/charts/kubescape-operator/values.yaml b/charts/kubescape-operator/values.yaml index d8dc7794..75142b3e 100644 --- a/charts/kubescape-operator/values.yaml +++ b/charts/kubescape-operator/values.yaml @@ -444,7 +444,7 @@ storage: image: # -- source code: https://github.com/kubescape/storage repository: quay.io/kubescape/storage - tag: v0.0.85 + tag: v0.0.89 pullPolicy: IfNotPresent # cleanup interval is a duration string @@ -473,7 +473,7 @@ nodeAgent: image: # -- source code: https://github.com/kubescape/node-agent repository: quay.io/kubescape/node-agent - tag: v0.2.81 + tag: v0.2.85 pullPolicy: IfNotPresent config: @@ -634,7 +634,7 @@ synchronizer: image: # -- source code: https://github.com/kubescape/synchronizer repository: quay.io/kubescape/synchronizer - tag: v0.0.72 + tag: v0.0.74 pullPolicy: IfNotPresent resources: requests: