diff --git a/charts/kubescape-operator/Chart.yaml b/charts/kubescape-operator/Chart.yaml index cd6a8d9b..d55af7bc 100644 --- a/charts/kubescape-operator/Chart.yaml +++ b/charts/kubescape-operator/Chart.yaml @@ -9,14 +9,14 @@ type: application # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.20.4 +version: 1.20.5 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 1.20.4 +appVersion: 1.20.5 maintainers: - name: Ben Hirschberg diff --git a/charts/kubescape-operator/templates/node-agent/default-rule-binding-namespaced.yaml b/charts/kubescape-operator/templates/node-agent/default-rule-binding-namespaced.yaml index 1cc821fd..47daddda 100644 --- a/charts/kubescape-operator/templates/node-agent/default-rule-binding-namespaced.yaml +++ b/charts/kubescape-operator/templates/node-agent/default-rule-binding-namespaced.yaml @@ -29,7 +29,6 @@ spec: - ruleName: "eBPF Program Load" - ruleName: "Symlink Created Over Sensitive File" - ruleName: "Unexpected Sensitive File Access" - - ruleName: "LD_PRELOAD Hook" - ruleName: "Hardlink Created Over Sensitive File" - ruleName: "Exec to pod" - ruleName: "Port forward" diff --git a/charts/kubescape-operator/templates/node-agent/default-rule-binding.yaml b/charts/kubescape-operator/templates/node-agent/default-rule-binding.yaml index f9fd2664..c107d404 100644 --- a/charts/kubescape-operator/templates/node-agent/default-rule-binding.yaml +++ b/charts/kubescape-operator/templates/node-agent/default-rule-binding.yaml @@ -47,7 +47,6 @@ spec: - ruleName: "eBPF Program Load" - ruleName: "Symlink Created Over Sensitive File" - ruleName: "Unexpected Sensitive File Access" - - ruleName: "LD_PRELOAD Hook" - ruleName: "Hardlink Created Over Sensitive File" - ruleName: "Exec to pod" - ruleName: "Port forward" diff --git a/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap b/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap index 8624a079..1511e934 100644 --- a/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap +++ b/charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap @@ -1,6 +1,6 @@ all capabilities: 1: | - raw: "Thank you for installing kubescape-operator version 1.20.4.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\nView your configuration scan summaries:\n> kubectl get workloadconfigurationscansummaries -A\n\nDetailed reports are also available:\n> kubectl get workloadconfigurationscans -A\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.20.5.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\nView your configuration scan summaries:\n> kubectl get workloadconfigurationscansummaries -A\n\nDetailed reports are also available:\n> kubectl get workloadconfigurationscans -A\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: batch/v1 kind: CronJob @@ -60,7 +60,7 @@ all capabilities: metadata: labels: app: helm-release-upgrader - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: helm-release-upgrader namespace: kubescape @@ -263,7 +263,7 @@ all capabilities: app: gateway app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: gateway - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -404,7 +404,7 @@ all capabilities: metadata: labels: app: gateway - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: gateway namespace: kubescape @@ -508,7 +508,7 @@ all capabilities: app: grype-offline-db app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: grype-offline-db - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core tier: ks-control-plane spec: @@ -641,7 +641,7 @@ all capabilities: metadata: labels: app: kollector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kollector namespace: kubescape @@ -727,7 +727,7 @@ all capabilities: app: kollector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kollector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -917,7 +917,7 @@ all capabilities: metadata: labels: app: kubescape-scheduler - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kubescape-scheduler namespace: kubescape @@ -1177,7 +1177,7 @@ all capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -1207,7 +1207,7 @@ all capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -1455,7 +1455,7 @@ all capabilities: metadata: labels: app: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kubescape namespace: kubescape @@ -1693,7 +1693,7 @@ all capabilities: metadata: labels: app: kubevuln-scheduler - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kubevuln-scheduler namespace: kubescape @@ -1807,7 +1807,7 @@ all capabilities: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -1927,7 +1927,7 @@ all capabilities: metadata: labels: app: kubevuln - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kubevuln namespace: kubescape @@ -2198,7 +2198,7 @@ all capabilities: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -2271,7 +2271,7 @@ all capabilities: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.109 + image: quay.io/kubescape/node-agent:v0.2.114 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -2446,7 +2446,6 @@ all capabilities: - ruleName: eBPF Program Load - ruleName: Symlink Created Over Sensitive File - ruleName: Unexpected Sensitive File Access - - ruleName: LD_PRELOAD Hook - ruleName: Hardlink Created Over Sensitive File - ruleName: Exec to pod - ruleName: Port forward @@ -2456,7 +2455,7 @@ all capabilities: metadata: labels: app: node-agent - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: node-agent namespace: kubescape @@ -2727,7 +2726,7 @@ all capabilities: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -2741,7 +2740,7 @@ all capabilities: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.20.4 + value: kubescape-operator-1.20.5 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -2906,7 +2905,7 @@ all capabilities: metadata: labels: app: operator - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: operator namespace: kubescape @@ -3101,7 +3100,7 @@ all capabilities: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -3202,7 +3201,7 @@ all capabilities: metadata: labels: app: otel-collector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: otel-collector namespace: kubescape @@ -3397,7 +3396,7 @@ all capabilities: metadata: labels: app: prometheus-exporter - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: prometheus-exporter namespace: kubescape @@ -3495,7 +3494,7 @@ all capabilities: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: service-discovery - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 otel: enabled tier: ks-control-plane name: RELEASE-NAME @@ -3857,7 +3856,7 @@ all capabilities: metadata: labels: app: storage - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: storage namespace: kubescape @@ -4352,7 +4351,7 @@ all capabilities: app: synchronizer app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: synchronizer - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -4364,7 +4363,7 @@ all capabilities: - /usr/bin/client env: - name: HELM_RELEASE - value: kubescape-operator-1.20.4 + value: kubescape-operator-1.20.5 - name: GOMEMLIMIT value: 250MiB - name: KS_LOGGER_LEVEL @@ -4463,7 +4462,7 @@ all capabilities: metadata: labels: app: synchronizer - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: synchronizer namespace: kubescape @@ -4542,7 +4541,7 @@ all capabilities: namespace: kubescape default capabilities: 1: | - raw: "Thank you for installing kubescape-operator version 1.20.4.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.20.5.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: v1 data: @@ -4653,7 +4652,7 @@ default capabilities: app: gateway app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: gateway - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -4782,7 +4781,7 @@ default capabilities: metadata: labels: app: gateway - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: gateway namespace: kubescape @@ -4880,7 +4879,7 @@ default capabilities: app: grype-offline-db app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: grype-offline-db - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core tier: ks-control-plane spec: @@ -5011,7 +5010,7 @@ default capabilities: metadata: labels: app: kollector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kollector namespace: kubescape @@ -5091,7 +5090,7 @@ default capabilities: app: kollector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kollector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -5267,7 +5266,7 @@ default capabilities: metadata: labels: app: kubescape-scheduler - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kubescape-scheduler namespace: kubescape @@ -5521,7 +5520,7 @@ default capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -5551,7 +5550,7 @@ default capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -5785,7 +5784,7 @@ default capabilities: metadata: labels: app: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kubescape namespace: kubescape @@ -6010,7 +6009,7 @@ default capabilities: metadata: labels: app: kubevuln-scheduler - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kubevuln-scheduler namespace: kubescape @@ -6118,7 +6117,7 @@ default capabilities: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -6226,7 +6225,7 @@ default capabilities: metadata: labels: app: kubevuln - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: kubevuln namespace: kubescape @@ -6455,7 +6454,7 @@ default capabilities: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -6495,7 +6494,7 @@ default capabilities: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.109 + image: quay.io/kubescape/node-agent:v0.2.114 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -6668,7 +6667,6 @@ default capabilities: - ruleName: eBPF Program Load - ruleName: Symlink Created Over Sensitive File - ruleName: Unexpected Sensitive File Access - - ruleName: LD_PRELOAD Hook - ruleName: Hardlink Created Over Sensitive File - ruleName: Exec to pod - ruleName: Port forward @@ -6678,7 +6676,7 @@ default capabilities: metadata: labels: app: node-agent - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: node-agent namespace: kubescape @@ -6881,7 +6879,7 @@ default capabilities: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -6895,7 +6893,7 @@ default capabilities: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.20.4 + value: kubescape-operator-1.20.5 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -7039,7 +7037,7 @@ default capabilities: metadata: labels: app: operator - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: operator namespace: kubescape @@ -7228,7 +7226,7 @@ default capabilities: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -7323,7 +7321,7 @@ default capabilities: metadata: labels: app: otel-collector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: otel-collector namespace: kubescape @@ -7429,7 +7427,7 @@ default capabilities: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: service-discovery - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 otel: enabled tier: ks-control-plane name: RELEASE-NAME @@ -7783,7 +7781,7 @@ default capabilities: metadata: labels: app: storage - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: storage namespace: kubescape @@ -8267,7 +8265,7 @@ default capabilities: app: synchronizer app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: synchronizer - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -8279,7 +8277,7 @@ default capabilities: - /usr/bin/client env: - name: HELM_RELEASE - value: kubescape-operator-1.20.4 + value: kubescape-operator-1.20.5 - name: GOMEMLIMIT value: 250MiB - name: KS_LOGGER_LEVEL @@ -8366,7 +8364,7 @@ default capabilities: metadata: labels: app: synchronizer - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 tier: ks-control-plane name: synchronizer namespace: kubescape @@ -8439,7 +8437,7 @@ default capabilities: namespace: kubescape disable otel: 1: | - raw: "Thank you for installing kubescape-operator version 1.20.4.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.20.5.\nView your cluster's configuration scanning schedule: \n> kubectl -n kubescape get cj kubescape-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}'\n\nTo change the schedule, set `.spec.schedule`: \n> kubectl -n kubescape edit cj kubescape-scheduler\nView your cluster's image scanning schedule: \n> kubectl -n kubescape get cj kubevuln-scheduler -o=jsonpath='{.metadata.name}{\"\\t\"}{.spec.schedule}{\"\\n\"}' \n\nTo change the schedule, edit `.spec.schedule`: \n> kubectl -n kubescape edit cj kubevuln-scheduler\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: v1 data: @@ -8549,7 +8547,7 @@ disable otel: app: gateway app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: gateway - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -8784,7 +8782,7 @@ disable otel: app: kollector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kollector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -9172,7 +9170,7 @@ disable otel: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -9201,7 +9199,7 @@ disable otel: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -9642,7 +9640,7 @@ disable otel: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -9922,7 +9920,7 @@ disable otel: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -9962,7 +9960,7 @@ disable otel: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.109 + image: quay.io/kubescape/node-agent:v0.2.114 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -10255,7 +10253,7 @@ disable otel: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -10269,7 +10267,7 @@ disable otel: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.20.4 + value: kubescape-operator-1.20.5 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -10571,7 +10569,7 @@ disable otel: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -10700,7 +10698,7 @@ disable otel: app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: service-discovery - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 otel: enabled tier: ks-control-plane name: RELEASE-NAME @@ -11489,7 +11487,7 @@ disable otel: app: synchronizer app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: synchronizer - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -11501,7 +11499,7 @@ disable otel: - /usr/bin/client env: - name: HELM_RELEASE - value: kubescape-operator-1.20.4 + value: kubescape-operator-1.20.5 - name: GOMEMLIMIT value: 250MiB - name: KS_LOGGER_LEVEL @@ -11605,7 +11603,7 @@ disable otel: namespace: kubescape minimal capabilities: 1: | - raw: "Thank you for installing kubescape-operator version 1.20.4.\n\n\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" + raw: "Thank you for installing kubescape-operator version 1.20.5.\n\n\n\n\nView your image vulnerabilities scan summaries:\n> kubectl get vulnerabilitymanifestsummaries -A\n\nDetailed reports are also available:\n> kubectl get vulnerabilitymanifests -A\n\nkubescape-operator generates suggested network policies. To view them: \n> kubectl get generatednetworkpolicies -n \n\n" 2: | apiVersion: v1 data: @@ -11923,7 +11921,7 @@ minimal capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane @@ -11952,7 +11950,7 @@ minimal capabilities: app: kubescape app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubescape - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -12312,7 +12310,7 @@ minimal capabilities: app: kubevuln app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: kubevuln - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -12589,7 +12587,7 @@ minimal capabilities: app: node-agent app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: node-agent - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -12629,7 +12627,7 @@ minimal capabilities: fieldRef: fieldPath: metadata.namespace - name: NodeName - image: quay.io/kubescape/node-agent:v0.2.109 + image: quay.io/kubescape/node-agent:v0.2.114 imagePullPolicy: IfNotPresent livenessProbe: httpGet: @@ -12919,7 +12917,7 @@ minimal capabilities: app: operator app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: operator - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/tier: core otel: enabled tier: ks-control-plane @@ -12933,7 +12931,7 @@ minimal capabilities: - 2>&1 env: - name: HELM_RELEASE - value: kubescape-operator-1.20.4 + value: kubescape-operator-1.20.5 - name: GOMEMLIMIT value: 100MiB - name: KS_LOGGER_LEVEL @@ -13170,7 +13168,7 @@ minimal capabilities: app: otel-collector app.kubernetes.io/instance: RELEASE-NAME app.kubernetes.io/name: otel-collector - helm.sh/chart: kubescape-operator-1.20.4 + helm.sh/chart: kubescape-operator-1.20.5 kubescape.io/ignore: "true" kubescape.io/tier: core tier: ks-control-plane diff --git a/charts/kubescape-operator/values.yaml b/charts/kubescape-operator/values.yaml index e3bf81e8..cc1658ce 100644 --- a/charts/kubescape-operator/values.yaml +++ b/charts/kubescape-operator/values.yaml @@ -491,7 +491,7 @@ nodeAgent: image: # -- source code: https://github.com/kubescape/node-agent repository: quay.io/kubescape/node-agent - tag: v0.2.109 + tag: v0.2.114 pullPolicy: IfNotPresent config: