Skip to content

Commit c719a45

Browse files
mavimotherealbobodraios-jenkinsupdatecli
authored
feat(agent,shield): release agent 14.3.0 with FIM (#2461)
Signed-off-by: Roberto Scolaro <[email protected]> Co-authored-by: Roberto Scolaro <[email protected]> Co-authored-by: draios-jenkins <[email protected]> Co-authored-by: updatecli <[email protected]>
1 parent 0fec56b commit c719a45

File tree

9 files changed

+80
-9
lines changed

9 files changed

+80
-9
lines changed

charts/agent/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
apiVersion: v2
2-
appVersion: 14.2.5
2+
appVersion: 14.3.0
33
dependencies:
44
- name: common
55
repository: file://../common
@@ -30,4 +30,4 @@ sources:
3030
- https://app.sysdigcloud.com/#/settings/user
3131
- https://github.com/draios/sysdig
3232
type: application
33-
version: 2.3.7
33+
version: 2.4.0

charts/agent/values.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,7 @@ image:
5151
overrideValue: null
5252
registry: quay.io
5353
repository: sysdig/agent
54-
tag: 14.2.5
54+
tag: 14.3.0
5555
# Specify a imagePullPolicy
5656
# Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
5757
# ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

charts/shield/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,5 +13,5 @@ maintainers:
1313
- name: mavimo
1414
email: [email protected]
1515
type: application
16-
version: 1.24.1
16+
version: 1.25.0
1717
appVersion: "1.0.0"

charts/shield/README.md

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -105,6 +105,7 @@ The following table lists the configurable parameters of the `shield` chart and
105105
| features.detections.kubernetes_audit.http_port | The port that will be used to expose the audit endpoints | <code>6443</code> |
106106
| features.detections.kubernetes_audit.excluded_namespaces | The list of namespaces that will be excluded from the audit feature | <code>[]</code> |
107107
| features.detections.kubernetes_audit.webhook_rules | List of rules used to determine if a request should be audited | <code>[{"apiGroups":["","apps","autoscaling","batch","networking.k8s.io","rbac.authorization.k8s.io","extensions"],"apiVersions":["*"],"operations":["*"],"resources":["*/*"],"scope":"*"}]</code> |
108+
| features.detections.file_integrity_monitoring.enabled | | <code>false</code> |
108109
| features.investigations.activity_audit.enabled | | <code>false</code> |
109110
| features.investigations.live_logs.enabled | | <code>false</code> |
110111
| features.investigations.network_security.enabled | Enable the network security feature | <code>false</code> |
@@ -158,7 +159,7 @@ The following table lists the configurable parameters of the `shield` chart and
158159
| host.image.repository | The repository where the host shield images are stored | <code>sysdig</code> |
159160
| host.image.kmodule_name | The image name for the host shield kmodule drive | <code>agent-kmodule</code> |
160161
| host.image.shield_name | The image name for the host shield | <code>agent-slim</code> |
161-
| host.image.tag | The tag for the host shield images | <code>14.2.5</code> |
162+
| host.image.tag | The tag for the host shield images | <code>14.3.0</code> |
162163
| host.image.pull_policy | The pull policy for the host shield images | <code>IfNotPresent</code> |
163164
| host.image.pull_secrets | The pull secrets for the host shield images | <code>[]</code> |
164165
| host.priority_class.create | Create a priority class for the host shield | <code>false</code> |

charts/shield/templates/host/_configmap_helpers.tpl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@
4040
{{- end }}
4141
4242
{{- define "host.configmap.detections" }}
43-
{{- dict "detections" (pick . "ml_policies") | toYaml }}
43+
{{- dict "detections" (pick . "ml_policies" "file_integrity_monitoring") | toYaml }}
4444
{{- end }}
4545
4646
{{/* Generate the 'host_shield_config.yaml' content */}}

charts/shield/tests/host/configmap-host-shield-config_test.yaml

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,8 @@ tests:
2121
pattern: |
2222
features:
2323
detections:
24+
file_integrity_monitoring:
25+
enabled: false
2426
ml_policies:
2527
enabled: false
2628
posture:
@@ -50,6 +52,8 @@ tests:
5052
pattern: |
5153
features:
5254
detections:
55+
file_integrity_monitoring:
56+
enabled: false
5357
ml_policies:
5458
enabled: false
5559
posture:
@@ -79,6 +83,8 @@ tests:
7983
pattern: |
8084
features:
8185
detections:
86+
file_integrity_monitoring:
87+
enabled: false
8288
ml_policies:
8389
enabled: false
8490
posture:
@@ -108,6 +114,8 @@ tests:
108114
pattern: |
109115
features:
110116
detections:
117+
file_integrity_monitoring:
118+
enabled: false
111119
ml_policies:
112120
enabled: false
113121
posture:
@@ -137,6 +145,8 @@ tests:
137145
pattern: |
138146
features:
139147
detections:
148+
file_integrity_monitoring:
149+
enabled: false
140150
ml_policies:
141151
enabled: false
142152
posture:
@@ -161,6 +171,8 @@ tests:
161171
pattern: |
162172
features:
163173
detections:
174+
file_integrity_monitoring:
175+
enabled: false
164176
ml_policies:
165177
enabled: false
166178
posture:
@@ -193,6 +205,8 @@ tests:
193205
pattern: |-
194206
features:
195207
detections:
208+
file_integrity_monitoring:
209+
enabled: false
196210
ml_policies:
197211
enabled: false
198212
posture:
@@ -224,6 +238,8 @@ tests:
224238
pattern: |-
225239
features:
226240
detections:
241+
file_integrity_monitoring:
242+
enabled: false
227243
ml_policies:
228244
enabled: false
229245
posture:
@@ -271,6 +287,8 @@ tests:
271287
pattern: |-
272288
features:
273289
detections:
290+
file_integrity_monitoring:
291+
enabled: false
274292
ml_policies:
275293
enabled: false
276294
posture:
@@ -339,6 +357,8 @@ tests:
339357
pattern: |-
340358
features:
341359
detections:
360+
file_integrity_monitoring:
361+
enabled: false
342362
ml_policies:
343363
enabled: false
344364
posture:
@@ -427,6 +447,8 @@ tests:
427447
pattern: |-
428448
features:
429449
detections:
450+
file_integrity_monitoring:
451+
enabled: false
430452
ml_policies:
431453
enabled: false
432454
posture:
@@ -457,6 +479,8 @@ tests:
457479
pattern: |-
458480
features:
459481
detections:
482+
file_integrity_monitoring:
483+
enabled: false
460484
ml_policies:
461485
enabled: true
462486
posture:
@@ -474,6 +498,37 @@ tests:
474498
enabled: false
475499
integration_enabled: false
476500
501+
- it: Enable File Integrity Monitoring
502+
set:
503+
features:
504+
detections:
505+
file_integrity_monitoring:
506+
enabled: true
507+
asserts:
508+
- matchRegex:
509+
path: data['host-shield.yaml']
510+
pattern: |-
511+
features:
512+
detections:
513+
file_integrity_monitoring:
514+
enabled: true
515+
ml_policies:
516+
enabled: false
517+
posture:
518+
host_posture:
519+
enabled: false
520+
respond:
521+
rapid_response:
522+
enabled: false
523+
response_actions:
524+
enabled: false
525+
vulnerability_management:
526+
host_vulnerability_management:
527+
enabled: false
528+
in_use:
529+
enabled: false
530+
integration_enabled: false
531+
477532
- it: Ensure Local Forwarder
478533
set:
479534
features:

charts/shield/values.schema.json

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -883,6 +883,9 @@
883883
},
884884
"kubernetes_audit": {
885885
"$ref": "#/$defs/FeatureGroupDetections/$defs/KubernetesAudit"
886+
},
887+
"file_integrity_monitoring": {
888+
"$ref": "#/$defs/FeatureGroupDetections/$defs/FileIntegrityMonitoring"
886889
}
887890
},
888891
"$defs": {
@@ -972,6 +975,16 @@
972975
]
973976
}
974977
}
978+
},
979+
"FileIntegrityMonitoring": {
980+
"type": "object",
981+
"additionalProperties": true,
982+
"properties": {
983+
"enabled": {
984+
"type": "boolean",
985+
"description": "Specify if the File Integrity Monitoring feature is enabled"
986+
}
987+
}
975988
}
976989
}
977990
},

charts/shield/values.yaml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -128,6 +128,8 @@ features:
128128
resources:
129129
- '*/*'
130130
scope: '*'
131+
file_integrity_monitoring:
132+
enabled: false
131133

132134
investigations:
133135
activity_audit:
@@ -270,7 +272,7 @@ host:
270272
# The image name for the host shield
271273
shield_name: agent-slim
272274
# The tag for the host shield images
273-
tag: 14.2.5
275+
tag: 14.3.0
274276
# The pull policy for the host shield images
275277
pull_policy: IfNotPresent
276278
# The pull secrets for the host shield images

charts/sysdig-deploy/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ apiVersion: v2
22
name: sysdig-deploy
33
description: A chart with various Sysdig components for Kubernetes
44
type: application
5-
version: 1.98.1
5+
version: 1.99.0
66
maintainers:
77
- name: AlbertoBarba
88
email: [email protected]
@@ -26,7 +26,7 @@ dependencies:
2626
- name: agent
2727
# repository: https://charts.sysdig.com
2828
repository: file://../agent
29-
version: ~2.3.7
29+
version: ~2.4.0
3030
alias: agent
3131
condition: agent.enabled
3232
- name: common

0 commit comments

Comments
 (0)