A Helm chart for deploying audito-maldito in Kubernetes. This chart is provided and maintained by your friends at Equinix Metal.
audito-maldito is deployed as a daemonset. This includes several containers:
audito-maldito- The containerized audito-maldito process. It reads from data sources using named pipes provided via a shared volumersyslog- A containerized rsyslog process that reads log messages from OpenSSH daemon and other sources and writes them to named pipes. The named pipes are shared with audito-maldito via a shared volumeaudittail- A containerized Go program that reads audito-maldito's audit events and writes them to stdout
| Key | Type | Default | Description |
|---|---|---|---|
| health.readiness.initialDelaySeconds | int | 30 |
|
| health.readiness.periodSeconds | int | 10 |
|
| image.pullPolicy | string | "IfNotPresent" |
|
| image.repository | string | "ghcr.io/metal-toolbox/audito-maldito/audito-maldito" |
|
| image.tag | string | "v0.5.1" |
|
| metrics.enabled | bool | true |
|
| priorityClassName | string | "" |
|
| resources.limits.cpu | string | "500m" |
|
| resources.limits.memory | string | "512Mi" |
|
| resources.requests.cpu | string | "250m" |
|
| resources.requests.memory | string | "256Mi" |
|
| rsyslog.resources.limits.cpu | string | "500m" |
|
| rsyslog.resources.limits.memory | string | "512Mi" |
|
| rsyslog.resources.requests.cpu | string | "250m" |
|
| rsyslog.resources.requests.memory | string | "256Mi" |
Ensure that the documentation is up to date before pushing a pull request:
helm-docsThere is a useful Makefile target that's useful to cut a release. So, simply do:
TAG=$RELEASE_VERSION make releaseAnd the release will happen.
Note that this project follows the Semantic Versioning scheme, so make sure to follow it when cutting releases.
The TAG Makefile variable takes a release version without the v prefix. For example,
if you want to cut a release with version v1.2.3, you'd do:
TAG=1.2.3 make release