Skip to content

Commit

Permalink
revert merge mess (#377)
Browse files Browse the repository at this point in the history 
Signed-off-by: David Wertenteil <[email protected]>
  • Loading branch information
David Wertenteil authored Jan 11, 2024
1 parent 86adaef commit ef226b2
Show file tree
Hide file tree
Showing 2 changed files with 71 additions and 199 deletions.
225 changes: 27 additions & 198 deletions charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -152,8 +152,8 @@ all capabilities:
data:
capabilities: |
{
"capabilities":{"autoUpgrading":"enable","configurationScan":"enable","continuousScan":"enable","networkPolicyService":"enable","nodeScan":"enable","relevancy":"enable","runtimeObservability":"enable","vexGeneration":"enable","vulnerabilityScan":"enable"},
"components":{"cloudSecret":{"create":true,"name":"cloud-secret"},"gateway":{"enabled":true},"hostScanner":{"enabled":true},"kollector":{"enabled":true},"kubescape":{"enabled":true},"kubescapeScheduler":{"enabled":true},"kubevuln":{"enabled":true},"kubevulnScheduler":{"enabled":true},"nodeAgent":{"enabled":true},"operator":{"enabled":true},"otelCollector":{"enabled":true},"serviceDiscovery":{"enabled":true},"storage":{"enabled":true},"synchronizer":{"enabled":true}},
"capabilities":{"autoUpgrading":"enable","configurationScan":"enable","continuousScan":"enable","networkPolicyService":"enable","nodeScan":"enable","prometheusExporter":"disable","relevancy":"enable","runtimeObservability":"enable","vexGeneration":"enable","vulnerabilityScan":"enable"},
"components":{"cloudSecret":{"create":true,"name":"cloud-secret"},"gateway":{"enabled":true},"hostScanner":{"enabled":true},"kollector":{"enabled":true},"kubescape":{"enabled":true},"kubescapeScheduler":{"enabled":true},"kubevuln":{"enabled":true},"kubevulnScheduler":{"enabled":true},"nodeAgent":{"enabled":true},"operator":{"enabled":true},"otelCollector":{"enabled":true},"prometheusExporter":{"enabled":false},"serviceDiscovery":{"enabled":true},"storage":{"enabled":true},"synchronizer":{"enabled":true}},
"configurations":{"otelUrl":"otelCollector:4317","persistence":"enable"}
}
kind: ConfigMap
Expand Down Expand Up @@ -1974,7 +1974,7 @@ all capabilities:
template:
metadata:
annotations:
checksum/capabilities-config: 1805053085011dffd5ad88e6a8be1aaa7416d06688e1244b3cdfb857325cf957
checksum/capabilities-config: 058141489d9220a4ece9fe4cef607bdbb201518834a470815c24667b9b1f68bc
checksum/cloud-config: 253f0c05e8d2915ab3627479c2f810d8cf3d40b03c0807ec6af34da0e1d1e049
checksum/cloud-secret: 093281e88f6ece2531917b0c620b783a589c4a118521d94e375905522f55b523
checksum/matching-rules-config: 0fe866ff165ca62399198397c07ab2d49af3181c569b3d0cce4a4cb310796824
Expand Down Expand Up @@ -2397,177 +2397,6 @@ all capabilities:
app: otel-collector
type: ClusterIP
62: |
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: prometheus-exporter
rules:
- apiGroups:
- spdx.softwarecomposition.kubescape.io
resources:
- configurationscansummaries
- vulnerabilitysummaries
verbs:
- get
- watch
- list
63: |
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: prometheus-exporter
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: prometheus-exporter
subjects:
- kind: ServiceAccount
name: prometheus-exporter
namespace: kubescape
64: |
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: prometheus-exporter
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/name: prometheus-exporter
tier: ks-control-plane
name: prometheus-exporter
namespace: kubescape
spec:
replicas: null
revisionHistoryLimit: 2
selector:
matchLabels:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/name: prometheus-exporter
tier: ks-control-plane
strategy:
type: Recreate
template:
metadata:
labels:
app: prometheus-exporter
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/name: prometheus-exporter
tier: ks-control-plane
spec:
affinity: null
automountServiceAccountToken: true
containers:
- env:
- name: GOMEMLIMIT
value: 10MiB
- name: KS_LOGGER_LEVEL
value: info
- name: KS_LOGGER_NAME
value: zap
image: quay.io/kubescape/prometheus-exporter:v0.0.6
imagePullPolicy: Always
livenessProbe:
initialDelaySeconds: 3
periodSeconds: 3
tcpSocket:
port: 8080
name: prometheus-exporter
ports:
- containerPort: 8080
name: metrics
protocol: TCP
readinessProbe:
tcpSocket:
port: 8080
resources:
limits:
cpu: 50m
memory: 100Mi
requests:
cpu: 10m
memory: 10Mi
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsNonRoot: true
volumeMounts:
- mountPath: /etc/config
name: ks-cloud-config
readOnly: true
nodeSelector: null
securityContext:
fsGroup: 65532
runAsUser: 65532
serviceAccountName: prometheus-exporter
tolerations: null
volumes:
- configMap:
items:
- key: clusterData
path: clusterData.json
name: ks-cloud-config
name: ks-cloud-config
65: |
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
app: prometheus-exporter
tier: ks-control-plane
name: prometheus-exporter
namespace: kubescape
spec:
ingress:
- ports:
- port: 8080
protocol: TCP
podSelector:
matchLabels:
app.kubernetes.io/instance: RELEASE-NAME
app.kubernetes.io/name: prometheus-exporter
tier: ks-control-plane
policyTypes:
- Ingress
66: |
apiVersion: v1
kind: Service
metadata:
labels:
app: prometheus-exporter
name: prometheus-exporter
namespace: kubescape
spec:
ports:
- port: 8080
protocol: TCP
targetPort: 8080
selector:
app: prometheus-exporter
type: null
67: |
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
metadata:
labels:
app: prometheus-exporter
name: prometheus-exporter
namespace: kubescape
68: |
apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
labels:
app: prometheus-exporter
name: prometheus-exporter
namespace: kubescape
spec:
namespaceSelector:
matchNames:
- kubescape
selector:
matchLabels:
app: prometheus-exporter
69: |
apiVersion: v1
data:
proxy.crt: foo
Expand All @@ -2576,7 +2405,7 @@ all capabilities:
name: kubescape-proxy-certificate
namespace: kubescape
type: Opaque
70: |
63: |
apiVersion: batch/v1
kind: Job
metadata:
Expand Down Expand Up @@ -2653,7 +2482,7 @@ all capabilities:
volumes:
- emptyDir: {}
name: shared-data
71: |
64: |
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
Expand All @@ -2674,7 +2503,7 @@ all capabilities:
- patch
- get
- list
72: |
65: |
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
Expand All @@ -2691,7 +2520,7 @@ all capabilities:
- kind: ServiceAccount
name: service-discovery
namespace: kubescape
73: |
66: |
apiVersion: v1
kind: ServiceAccount
metadata:
Expand All @@ -2701,7 +2530,7 @@ all capabilities:
helm.sh/hook-weight: "0"
name: service-discovery
namespace: kubescape
74: |
67: |
apiVersion: apiregistration.k8s.io/v1
kind: APIService
metadata:
Expand All @@ -2715,7 +2544,7 @@ all capabilities:
namespace: kubescape
version: v1beta1
versionPriority: 15
75: |
68: |
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
Expand Down Expand Up @@ -2824,7 +2653,7 @@ all capabilities:
- kind: ServiceAccount
name: storage
namespace: kubescape
77: |
70: |
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
Expand All @@ -2837,7 +2666,7 @@ all capabilities:
- kind: ServiceAccount
name: storage
namespace: kubescape
78: |
71: |
apiVersion: apps/v1
kind: Deployment
metadata:
Expand Down Expand Up @@ -2920,7 +2749,7 @@ all capabilities:
path: services.json
name: ks-cloud-config
name: ks-cloud-config
79: |
72: |
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
Expand All @@ -2936,7 +2765,7 @@ all capabilities:
resources:
requests:
storage: 5Gi
80: |
73: |
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
Expand All @@ -2950,7 +2779,7 @@ all capabilities:
- kind: ServiceAccount
name: storage
namespace: kubescape
81: |
74: |
apiVersion: v1
kind: Service
metadata:
Expand All @@ -2965,13 +2794,13 @@ all capabilities:
app.kubernetes.io/component: apiserver
app.kubernetes.io/name: storage
app.kubernetes.io/part-of: kubescape-storage
82: |
75: |
apiVersion: v1
kind: ServiceAccount
metadata:
name: storage
namespace: kubescape
83: |
76: |
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
Expand Down Expand Up @@ -3035,7 +2864,7 @@ all capabilities:
- update
- patch
- delete
84: |
77: |
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
Expand All @@ -3048,7 +2877,7 @@ all capabilities:
- kind: ServiceAccount
name: synchronizer
namespace: kubescape
85: |
78: |
apiVersion: v1
data:
config.json: |
Expand Down Expand Up @@ -3134,7 +2963,7 @@ all capabilities:
metadata:
name: synchronizer
namespace: kubescape
86: |
79: |
apiVersion: apps/v1
kind: Deployment
metadata:
Expand Down Expand Up @@ -3255,7 +3084,7 @@ all capabilities:
path: config.json
name: synchronizer
name: config
87: |
80: |
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
Expand All @@ -3277,7 +3106,7 @@ all capabilities:
policyTypes:
- Ingress
- Egress
88: |
81: |
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
Expand Down Expand Up @@ -3352,8 +3181,8 @@ default capabilities:
data:
capabilities: |
{
"capabilities":{"autoUpgrading":"disable","configurationScan":"enable","continuousScan":"disable","networkPolicyService":"enable","nodeScan":"enable","relevancy":"enable","runtimeObservability":"enable","vexGeneration":"disable","vulnerabilityScan":"enable"},
"components":{"cloudSecret":{"create":true,"name":"cloud-secret"},"gateway":{"enabled":true},"hostScanner":{"enabled":true},"kollector":{"enabled":true},"kubescape":{"enabled":true},"kubescapeScheduler":{"enabled":true},"kubevuln":{"enabled":true},"kubevulnScheduler":{"enabled":true},"nodeAgent":{"enabled":true},"operator":{"enabled":true},"otelCollector":{"enabled":true},"serviceDiscovery":{"enabled":true},"storage":{"enabled":true},"synchronizer":{"enabled":true}},
"capabilities":{"autoUpgrading":"disable","configurationScan":"enable","continuousScan":"disable","networkPolicyService":"enable","nodeScan":"enable","prometheusExporter":"disable","relevancy":"enable","runtimeObservability":"enable","vexGeneration":"disable","vulnerabilityScan":"enable"},
"components":{"cloudSecret":{"create":true,"name":"cloud-secret"},"gateway":{"enabled":true},"hostScanner":{"enabled":true},"kollector":{"enabled":true},"kubescape":{"enabled":true},"kubescapeScheduler":{"enabled":true},"kubevuln":{"enabled":true},"kubevulnScheduler":{"enabled":true},"nodeAgent":{"enabled":true},"operator":{"enabled":true},"otelCollector":{"enabled":true},"prometheusExporter":{"enabled":false},"serviceDiscovery":{"enabled":true},"storage":{"enabled":true},"synchronizer":{"enabled":true}},
"configurations":{"otelUrl":"otelCollector:4317","persistence":"enable"}
}
kind: ConfigMap
Expand Down Expand Up @@ -5174,7 +5003,7 @@ default capabilities:
template:
metadata:
annotations:
checksum/capabilities-config: bbb5ef64298b555653ccfba6f72882a866f6108952db91250471993045ee7d74
checksum/capabilities-config: c5ce8d3e19bb269915b259a78c796881abf315ff19b3f38fdc7d3b1ebe95b969
checksum/cloud-config: bc11c557570531f1993ebd8a8d6ee8174a1dd9f35c00e7640181b82eab213945
checksum/cloud-secret: 093281e88f6ece2531917b0c620b783a589c4a118521d94e375905522f55b523
checksum/matching-rules-config: 0fe866ff165ca62399198397c07ab2d49af3181c569b3d0cce4a4cb310796824
Expand Down Expand Up @@ -6372,8 +6201,8 @@ minimal capabilities:
data:
capabilities: |
{
"capabilities":{"autoUpgrading":"disable","configurationScan":"enable","continuousScan":"disable","networkPolicyService":"enable","nodeScan":"enable","relevancy":"enable","runtimeObservability":"enable","vexGeneration":"disable","vulnerabilityScan":"enable"},
"components":{"cloudSecret":{"create":true,"name":"cloud-secret"},"gateway":{"enabled":false},"hostScanner":{"enabled":true},"kollector":{"enabled":false},"kubescape":{"enabled":true},"kubescapeScheduler":{"enabled":false},"kubevuln":{"enabled":true},"kubevulnScheduler":{"enabled":false},"nodeAgent":{"enabled":true},"operator":{"enabled":true},"otelCollector":{"enabled":true},"serviceDiscovery":{"enabled":false},"storage":{"enabled":true},"synchronizer":{"enabled":false}},
"capabilities":{"autoUpgrading":"disable","configurationScan":"enable","continuousScan":"disable","networkPolicyService":"enable","nodeScan":"enable","prometheusExporter":"disable","relevancy":"enable","runtimeObservability":"enable","vexGeneration":"disable","vulnerabilityScan":"enable"},
"components":{"cloudSecret":{"create":true,"name":"cloud-secret"},"gateway":{"enabled":false},"hostScanner":{"enabled":true},"kollector":{"enabled":false},"kubescape":{"enabled":true},"kubescapeScheduler":{"enabled":false},"kubevuln":{"enabled":true},"kubevulnScheduler":{"enabled":false},"nodeAgent":{"enabled":true},"operator":{"enabled":true},"otelCollector":{"enabled":true},"prometheusExporter":{"enabled":false},"serviceDiscovery":{"enabled":false},"storage":{"enabled":true},"synchronizer":{"enabled":false}},
"configurations":{"otelUrl":"otelCollector:4317","persistence":"enable"}
}
kind: ConfigMap
Expand Down Expand Up @@ -7448,7 +7277,7 @@ minimal capabilities:
template:
metadata:
annotations:
checksum/capabilities-config: f0ce88839916da46001275e246af6ca1290eb2c2a8a0d687e5ea947219deda76
checksum/capabilities-config: 0c442325975e8630c7b6cae4e4e570e4ab5721c1603f79f51bc77567f1384039
checksum/cloud-config: 95260ac6946b5771081a57105074148c915f2c581ad49cb97889ac0206e238f8
checksum/cloud-secret: 436faa29a74a6ab2b6ee2ae0faaa0576d663745a9780780fa53afa02a945dddb
checksum/matching-rules-config: 0fe866ff165ca62399198397c07ab2d49af3181c569b3d0cce4a4cb310796824
Expand Down
Loading

0 comments on commit ef226b2

Please sign in to comment.