From 8cf2f584b8a956eb1fcea6f6c875702f490d048b Mon Sep 17 00:00:00 2001 From: Fanny Jiang Date: Wed, 11 Sep 2024 12:22:36 -0400 Subject: [PATCH] add providers.gke.gdc option to datadog chart --- charts/datadog/Chart.yaml | 2 +- charts/datadog/README.md | 3 +- charts/datadog/templates/NOTES.txt | 2 +- .../datadog/templates/_container-agent.yaml | 11 +- .../templates/_containers-common-env.yaml | 6 + .../templates/_containers-init-linux.yaml | 4 +- .../templates/_daemonset-volumes-linux.yaml | 19 +- charts/datadog/templates/_helpers.tpl | 10 +- .../templates/_processes-common-env.yaml | 4 +- charts/datadog/templates/daemonset.yaml | 4 +- .../baseline/DatadogAgent_CRD_default.yaml | 3804 ----------------- ...gent-clusterchecks-deployment_default.yaml | 12 +- .../cluster-agent-deployment_default.yaml | 16 +- ...loyment_default_advanced_AC_injection.yaml | 16 +- ...ployment_default_minimal_AC_injection.yaml | 18 +- test/datadog/baseline/daemonset_default.yaml | 52 +- test/datadog/baseline/other_default.yaml | 142 +- test/datadog/gdc_test.go | 94 + 18 files changed, 264 insertions(+), 3955 deletions(-) create mode 100644 test/datadog/gdc_test.go diff --git a/charts/datadog/Chart.yaml b/charts/datadog/Chart.yaml index 9f0b0f3a0..ffcab874d 100644 --- a/charts/datadog/Chart.yaml +++ b/charts/datadog/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: datadog -version: 3.70.7 +version: 3.71.0 appVersion: "7" description: Datadog Agent keywords: diff --git a/charts/datadog/README.md b/charts/datadog/README.md index 0edef6a9e..fc773bf14 100644 --- a/charts/datadog/README.md +++ b/charts/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.70.7](https://img.shields.io/badge/Version-3.70.7-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.71.0](https://img.shields.io/badge/Version-3.71.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -871,6 +871,7 @@ helm install \ | providers.eks.ec2.useHostnameFromFile | bool | `false` | Use hostname from EC2 filesystem instead of fetching from metadata endpoint. | | providers.gke.autopilot | bool | `false` | Enables Datadog Agent deployment on GKE Autopilot | | providers.gke.cos | bool | `false` | Enables Datadog Agent deployment on GKE with Container-Optimized OS (COS) | +| providers.gke.gdc | bool | `false` | Enables Datadog Agent deployment on GKE on Google Distributed Cloud (GDC) | | registry | string | `nil` | Registry to use for all Agent images (default to [gcr.io | eu.gcr.io | asia.gcr.io | public.ecr.aws/datadog] depending on datadog.site value) | | remoteConfiguration.enabled | bool | `true` | Set to true to enable remote configuration on the Cluster Agent (if set) and the node agent. Can be overridden if `datadog.remoteConfiguration.enabled` Preferred way to enable Remote Configuration. | | targetSystem | string | `"linux"` | Target OS for this deployment (possible values: linux, windows) | diff --git a/charts/datadog/templates/NOTES.txt b/charts/datadog/templates/NOTES.txt index fb14226e5..1e2ac127a 100644 --- a/charts/datadog/templates/NOTES.txt +++ b/charts/datadog/templates/NOTES.txt @@ -337,7 +337,7 @@ On GKE Autopilot, only one "datadog" Helm chart release is allowed by Kubernetes {{- end }} -{{- if and (not .Values.providers.gke.autopilot) (not .Values.datadog.clusterName)}} +{{- if and (not .Values.providers.gke.gdc) (not .Values.datadog.clusterName)}} ########################################################################### #### WARNING: Cluster name must be set on Google Distributed Cloud #### diff --git a/charts/datadog/templates/_container-agent.yaml b/charts/datadog/templates/_container-agent.yaml index 4bc77add8..348f3efdf 100644 --- a/charts/datadog/templates/_container-agent.yaml +++ b/charts/datadog/templates/_container-agent.yaml @@ -57,9 +57,8 @@ {{- end }} env: {{- include "containers-common-env" . | nindent 4 }} - {{- include "fips-envvar" . | nindent 4 }} - {{- include "processes-common-envs" . | nindent 4 }} - + {{- include "fips-envvar" . | indent 4 }} + {{- include "processes-common-envs" . | indent 4 }} {{- if .Values.datadog.logLevel }} - name: DD_LOG_LEVEL value: {{ .Values.agents.containers.agent.logLevel | default .Values.datadog.logLevel | quote }} @@ -121,7 +120,7 @@ - name: DD_HEALTH_PORT {{- $healthPort := .Values.agents.containers.agent.healthPort }} value: {{ $healthPort | quote }} - {{- if eq .Values.targetSystem "linux" }} + {{- if and (eq .Values.targetSystem "linux") (not .Values.providers.gke.gdc) }} - name: DD_DOGSTATSD_SOCKET value: {{ .Values.datadog.dogstatsd.socketPath | quote }} {{- end }} @@ -208,7 +207,7 @@ subPath: install_info mountPath: /etc/datadog-agent/install_info readOnly: true - {{- include "linux-container-host-release-volumemounts" . | nindent 4 }} + {{- include "linux-container-host-release-volumemounts" . | indent 4 }} {{- if eq (include "should-mount-fips-configmap" .) "true" }} {{- include "linux-container-fips-proxy-cfg-volumemount" . | nindent 4 }} {{- end }} @@ -220,7 +219,7 @@ - name: auth-token mountPath: {{ template "datadog.confPath" . }}/auth readOnly: false # Need RW to write auth token - {{- end }} + {{- end -}} {{- if not .Values.providers.gke.gdc }} - name: tmpdir mountPath: /tmp diff --git a/charts/datadog/templates/_containers-common-env.yaml b/charts/datadog/templates/_containers-common-env.yaml index dfb27ea2d..11dc763e1 100644 --- a/charts/datadog/templates/_containers-common-env.yaml +++ b/charts/datadog/templates/_containers-common-env.yaml @@ -29,6 +29,12 @@ - name: DD_KUBERNETES_HTTPS_KUBELET_PORT value: "0" {{- end }} +{{- if .Values.providers.gke.gdc }} +- name: DD_HOSTNAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName +{{- end }} {{- if eq .Values.targetSystem "linux" }} {{- if .Values.providers.eks.ec2.useHostnameFromFile }} - name: DD_HOSTNAME_FILE diff --git a/charts/datadog/templates/_containers-init-linux.yaml b/charts/datadog/templates/_containers-init-linux.yaml index 04ab2e39b..fd0636250 100644 --- a/charts/datadog/templates/_containers-init-linux.yaml +++ b/charts/datadog/templates/_containers-init-linux.yaml @@ -1,7 +1,7 @@ {{- define "containers-init-linux" -}} - name: init-volume {{- if not .Values.providers.gke.autopilot }} -{{ include "generate-security-context" (dict "securityContext" .Values.agents.containers.initContainers.securityContext "targetSystem" .Values.targetSystem "seccomp" "" "kubeversion" .Capabilities.KubeVersion.Version) | indent 2 }} +{{- include "generate-security-context" (dict "securityContext" .Values.agents.containers.initContainers.securityContext "targetSystem" .Values.targetSystem "seccomp" "" "kubeversion" .Capabilities.KubeVersion.Version) | indent 2 }} {{- end }} image: "{{ include "image-path" (dict "root" .Values "image" .Values.agents.image) }}" imagePullPolicy: {{ .Values.agents.image.pullPolicy }} @@ -16,7 +16,7 @@ {{ toYaml .Values.agents.containers.initContainers.resources | indent 4 }} - name: init-config {{- if not .Values.providers.gke.autopilot }} -{{ include "generate-security-context" (dict "securityContext" .Values.agents.containers.initContainers.securityContext "targetSystem" .Values.targetSystem "seccomp" "" "kubeversion" .Capabilities.KubeVersion.Version) | indent 2 }} +{{- include "generate-security-context" (dict "securityContext" .Values.agents.containers.initContainers.securityContext "targetSystem" .Values.targetSystem "seccomp" "" "kubeversion" .Capabilities.KubeVersion.Version) | indent 2 }} {{- end }} image: "{{ include "image-path" (dict "root" .Values "image" .Values.agents.image) }}" imagePullPolicy: {{ .Values.agents.image.pullPolicy }} diff --git a/charts/datadog/templates/_daemonset-volumes-linux.yaml b/charts/datadog/templates/_daemonset-volumes-linux.yaml index 39ce80f63..f088eb837 100644 --- a/charts/datadog/templates/_daemonset-volumes-linux.yaml +++ b/charts/datadog/templates/_daemonset-volumes-linux.yaml @@ -3,13 +3,15 @@ emptyDir: {} - name: tmpdir emptyDir: {} +{{- if not .Values.providers.gke.gdc }} - hostPath: path: /proc name: procdir - hostPath: path: /sys/fs/cgroup name: cgroups -{{- if and (not .Values.providers.gke.autopilot) (or .Values.datadog.systemProbe.osReleasePath .Values.datadog.osReleasePath .Values.datadog.sbom.host.enabled) }} +{{- end }} +{{- if and (not (or .Values.providers.gke.autopilot .Values.providers.gke.gdc)) (or .Values.datadog.systemProbe.osReleasePath .Values.datadog.osReleasePath .Values.datadog.sbom.host.enabled) }} - hostPath: path: {{ .Values.datadog.systemProbe.osReleasePath | default .Values.datadog.osReleasePath }} name: os-release-file @@ -181,6 +183,18 @@ {{- end }} {{- end }} {{- if or .Values.datadog.logs.enabled .Values.datadog.logsEnabled }} +{{- if .Values.providers.gke.gdc }} +- name: pointerdir + emptyDir: {} +- name: logpodpath + emptyDir: {} +- name: logscontainerspath + emptyDir: {} +{{- if not .Values.datadog.criSocketPath }} +- name: logdockercontainerpath + emptyDir: {} +{{- end }} +{{ else }} - hostPath: path: {{ template "datadog.hostMountRoot" . }}/logs name: pointerdir @@ -196,7 +210,8 @@ name: logdockercontainerpath {{- end }} {{- end }} -{{- if .Values.datadog.containerRuntimeSupport.enabled }} +{{- end }} +{{- if and (.Values.datadog.containerRuntimeSupport.enabled) (not .Values.providers.gke.gdc) }} - hostPath: path: {{ dir (include "datadog.dockerOrCriSocketPath" .) }} name: runtimesocketdir diff --git a/charts/datadog/templates/_helpers.tpl b/charts/datadog/templates/_helpers.tpl index b7a40d791..eaae463a8 100644 --- a/charts/datadog/templates/_helpers.tpl +++ b/charts/datadog/templates/_helpers.tpl @@ -869,7 +869,7 @@ false Returns whether Remote Configuration should be enabled in the agent */}} {{- define "datadog-remoteConfiguration-enabled" -}} -{{- if and (.Values.remoteConfiguration.enabled) (.Values.datadog.remoteConfiguration.enabled) -}} +{{- if and (.Values.remoteConfiguration.enabled) (.Values.datadog.remoteConfiguration.enabled) (not .Values.providers.gke.gdc ) -}} true {{- else -}} false @@ -946,7 +946,7 @@ Create RBACs for custom resources Return true if any process-related check is enabled */}} {{- define "process-checks-enabled" -}} - {{- if or .Values.datadog.processAgent.containerCollection .Values.datadog.processAgent.processCollection .Values.datadog.processAgent.processDiscovery (eq (include "language-detection-enabled" .) "true") -}} + {{- if and (or .Values.datadog.processAgent.containerCollection .Values.datadog.processAgent.processCollection .Values.datadog.processAgent.processDiscovery (eq (include "language-detection-enabled" .) "true")) (not .Values.providers.gke.gdc) -}} true {{- else -}} false @@ -974,6 +974,8 @@ Create RBACs for custom resources {{- include "get-process-checks-in-core-agent-envvar" . -}} {{- else if and (not .Values.agents.image.doNotCheckTag) .Values.datadog.processAgent.runInCoreAgent (semverCompare ">=7.53.0-0" (include "get-agent-version" .)) -}} true + {{- else if .Values.providers.gke.gdc }} + false {{- else -}} false {{- end -}} @@ -989,8 +991,10 @@ Create RBACs for custom resources true {{- else if (eq (include "should-run-process-checks-on-core-agent" .) "true") -}} false - {{- else -}} + {{- else if (not .Values.providers.gke.gdc) -}} {{- include "process-checks-enabled" . -}} + {{- else -}} + false {{- end -}} {{- end -}} diff --git a/charts/datadog/templates/_processes-common-env.yaml b/charts/datadog/templates/_processes-common-env.yaml index 41f723d26..65fcd07f8 100644 --- a/charts/datadog/templates/_processes-common-env.yaml +++ b/charts/datadog/templates/_processes-common-env.yaml @@ -1,5 +1,6 @@ # Defines set of environment variables for Processes-related checks. {{- define "processes-common-envs" -}} +{{- if not .Values.providers.gke.gdc }} - name: DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED value: {{ .Values.datadog.processAgent.processCollection | quote }} - name: DD_PROCESS_CONFIG_CONTAINER_COLLECTION_ENABLED @@ -11,5 +12,6 @@ {{- if and (eq .Values.targetSystem "linux") (eq (include "get-process-checks-in-core-agent-envvar" .) "") }} - name: DD_PROCESS_CONFIG_RUN_IN_CORE_AGENT_ENABLED value: {{ (include "should-run-process-checks-on-core-agent" .) | quote }} -{{- end }} +{{- end }} +{{- end }} {{- end -}} diff --git a/charts/datadog/templates/daemonset.yaml b/charts/datadog/templates/daemonset.yaml index ab01e002e..755c5b0a4 100644 --- a/charts/datadog/templates/daemonset.yaml +++ b/charts/datadog/templates/daemonset.yaml @@ -139,7 +139,7 @@ spec: {{ include "containers-init-windows" . | nindent 6 }} {{- end }} {{- if eq .Values.targetSystem "linux" }} - {{ include "containers-init-linux" . | nindent 6 }} + {{- include "containers-init-linux" . | nindent 6 -}} {{- end }} {{- if and (eq (include "should-enable-system-probe" .) "true") (eq .Values.datadog.systemProbe.seccomp "localhost/system-probe") }} {{ include "system-probe-init" . | nindent 6 }} @@ -167,7 +167,7 @@ spec: {{- if eq .Values.targetSystem "windows" }} {{ include "daemonset-volumes-windows" . | nindent 6 }} {{- end }} - {{- if and (eq .Values.targetSystem "linux") (not .Values.providers.gke.gdc) }} + {{- if and (eq .Values.targetSystem "linux") }} {{ include "daemonset-volumes-linux" . | nindent 6 }} {{- end }} {{- if eq (include "should-enable-otel-agent" .) "true" }} diff --git a/test/datadog-operator/baseline/DatadogAgent_CRD_default.yaml b/test/datadog-operator/baseline/DatadogAgent_CRD_default.yaml index d241a6bc6..e69de29bb 100644 --- a/test/datadog-operator/baseline/DatadogAgent_CRD_default.yaml +++ b/test/datadog-operator/baseline/DatadogAgent_CRD_default.yaml @@ -1,3804 +0,0 @@ ---- -# Source: datadog-operator/charts/datadogCRDs/templates/datadoghq.com_datadogagents_v1.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.14.0 - name: datadogagents.datadoghq.com - labels: - helm.sh/chart: 'datadogCRDs-2.0.0' - app.kubernetes.io/managed-by: 'Helm' - app.kubernetes.io/name: 'datadogCRDs' - app.kubernetes.io/instance: 'datadog-operator' -spec: - group: datadoghq.com - names: - kind: DatadogAgent - listKind: DatadogAgentList - plural: datadogagents - shortNames: - - dd - singular: datadogagent - scope: Namespaced - versions: - - additionalPrinterColumns: - - jsonPath: .status.agent.status - name: agent - type: string - - jsonPath: .status.clusterAgent.status - name: cluster-agent - type: string - - jsonPath: .status.clusterChecksRunner.status - name: cluster-checks-runner - type: string - - jsonPath: .metadata.creationTimestamp - name: age - type: date - name: v2alpha1 - schema: - openAPIV3Schema: - properties: - apiVersion: - type: string - kind: - type: string - metadata: - type: object - spec: - properties: - features: - properties: - admissionController: - properties: - agentCommunicationMode: - type: string - agentSidecarInjection: - properties: - clusterAgentCommunicationEnabled: - type: boolean - enabled: - type: boolean - image: - properties: - jmxEnabled: - type: boolean - name: - type: string - pullPolicy: - type: string - pullSecrets: - items: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - type: array - tag: - type: string - type: object - profiles: - items: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - resources: - properties: - claims: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - type: object - type: array - x-kubernetes-list-type: atomic - provider: - type: string - registry: - type: string - selectors: - items: - properties: - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - objectSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - type: object - type: array - x-kubernetes-list-type: atomic - type: object - cwsInstrumentation: - properties: - enabled: - type: boolean - mode: - type: string - type: object - enabled: - type: boolean - failurePolicy: - type: string - mutateUnlabelled: - type: boolean - registry: - type: string - serviceName: - type: string - webhookName: - type: string - type: object - apm: - properties: - enabled: - type: boolean - hostPortConfig: - properties: - enabled: - type: boolean - hostPort: - format: int32 - type: integer - type: object - instrumentation: - properties: - disabledNamespaces: - items: - type: string - type: array - x-kubernetes-list-type: set - enabled: - type: boolean - enabledNamespaces: - items: - type: string - type: array - x-kubernetes-list-type: set - languageDetection: - properties: - enabled: - type: boolean - type: object - libVersions: - additionalProperties: - type: string - type: object - type: object - unixDomainSocketConfig: - properties: - enabled: - type: boolean - path: - type: string - type: object - type: object - asm: - properties: - iast: - properties: - enabled: - type: boolean - type: object - sca: - properties: - enabled: - type: boolean - type: object - threats: - properties: - enabled: - type: boolean - type: object - type: object - autoscaling: - properties: - workload: - properties: - enabled: - type: boolean - type: object - type: object - clusterChecks: - properties: - enabled: - type: boolean - useClusterChecksRunners: - type: boolean - type: object - cspm: - properties: - checkInterval: - type: string - customBenchmarks: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - enabled: - type: boolean - hostBenchmarks: - properties: - enabled: - type: boolean - type: object - type: object - cws: - properties: - customPolicies: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - enabled: - type: boolean - network: - properties: - enabled: - type: boolean - type: object - remoteConfiguration: - properties: - enabled: - type: boolean - type: object - securityProfiles: - properties: - enabled: - type: boolean - type: object - syscallMonitorEnabled: - type: boolean - type: object - dogstatsd: - properties: - hostPortConfig: - properties: - enabled: - type: boolean - hostPort: - format: int32 - type: integer - type: object - mapperProfiles: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - originDetectionEnabled: - type: boolean - tagCardinality: - type: string - unixDomainSocketConfig: - properties: - enabled: - type: boolean - path: - type: string - type: object - type: object - ebpfCheck: - properties: - enabled: - type: boolean - type: object - eventCollection: - properties: - collectKubernetesEvents: - type: boolean - collectedEventTypes: - items: - properties: - kind: - type: string - reasons: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - kind - - reasons - type: object - type: array - x-kubernetes-list-type: atomic - unbundleEvents: - type: boolean - type: object - externalMetricsServer: - properties: - enabled: - type: boolean - endpoint: - properties: - credentials: - properties: - apiKey: - type: string - apiSecret: - properties: - keyName: - type: string - secretName: - type: string - required: - - secretName - type: object - appKey: - type: string - appSecret: - properties: - keyName: - type: string - secretName: - type: string - required: - - secretName - type: object - type: object - url: - type: string - type: object - port: - format: int32 - type: integer - registerAPIService: - type: boolean - useDatadogMetrics: - type: boolean - wpaController: - type: boolean - type: object - helmCheck: - properties: - collectEvents: - type: boolean - enabled: - type: boolean - valuesAsTags: - additionalProperties: - type: string - type: object - type: object - kubeStateMetricsCore: - properties: - conf: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - enabled: - type: boolean - type: object - liveContainerCollection: - properties: - enabled: - type: boolean - type: object - liveProcessCollection: - properties: - enabled: - type: boolean - scrubProcessArguments: - type: boolean - stripProcessArguments: - type: boolean - type: object - logCollection: - properties: - containerCollectAll: - type: boolean - containerCollectUsingFiles: - type: boolean - containerLogsPath: - type: string - containerSymlinksPath: - type: string - enabled: - type: boolean - openFilesLimit: - format: int32 - type: integer - podLogsPath: - type: string - tempStoragePath: - type: string - type: object - npm: - properties: - collectDNSStats: - type: boolean - enableConntrack: - type: boolean - enabled: - type: boolean - type: object - oomKill: - properties: - enabled: - type: boolean - type: object - orchestratorExplorer: - properties: - conf: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - customResources: - items: - type: string - type: array - x-kubernetes-list-type: set - ddUrl: - type: string - enabled: - type: boolean - extraTags: - items: - type: string - type: array - x-kubernetes-list-type: set - scrubContainers: - type: boolean - type: object - otlp: - properties: - receiver: - properties: - protocols: - properties: - grpc: - properties: - enabled: - type: boolean - endpoint: - type: string - type: object - http: - properties: - enabled: - type: boolean - endpoint: - type: string - type: object - type: object - type: object - type: object - processDiscovery: - properties: - enabled: - type: boolean - type: object - prometheusScrape: - properties: - additionalConfigs: - type: string - enableServiceEndpoints: - type: boolean - enabled: - type: boolean - version: - type: integer - type: object - remoteConfiguration: - properties: - enabled: - type: boolean - type: object - sbom: - properties: - containerImage: - properties: - analyzers: - items: - type: string - type: array - x-kubernetes-list-type: set - enabled: - type: boolean - overlayFSDirectScan: - type: boolean - uncompressedLayersSupport: - type: boolean - type: object - enabled: - type: boolean - host: - properties: - analyzers: - items: - type: string - type: array - x-kubernetes-list-type: set - enabled: - type: boolean - type: object - type: object - tcpQueueLength: - properties: - enabled: - type: boolean - type: object - usm: - properties: - enabled: - type: boolean - type: object - type: object - global: - properties: - clusterAgentToken: - type: string - clusterAgentTokenSecret: - properties: - keyName: - type: string - secretName: - type: string - required: - - secretName - type: object - clusterName: - type: string - containerStrategy: - type: string - credentials: - properties: - apiKey: - type: string - apiSecret: - properties: - keyName: - type: string - secretName: - type: string - required: - - secretName - type: object - appKey: - type: string - appSecret: - properties: - keyName: - type: string - secretName: - type: string - required: - - secretName - type: object - type: object - criSocketPath: - type: string - disableNonResourceRules: - type: boolean - dockerSocketPath: - type: string - endpoint: - properties: - credentials: - properties: - apiKey: - type: string - apiSecret: - properties: - keyName: - type: string - secretName: - type: string - required: - - secretName - type: object - appKey: - type: string - appSecret: - properties: - keyName: - type: string - secretName: - type: string - required: - - secretName - type: object - type: object - url: - type: string - type: object - fips: - properties: - customFIPSConfig: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - enabled: - type: boolean - image: - properties: - jmxEnabled: - type: boolean - name: - type: string - pullPolicy: - type: string - pullSecrets: - items: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - type: array - tag: - type: string - type: object - localAddress: - type: string - port: - format: int32 - type: integer - portRange: - format: int32 - type: integer - resources: - properties: - claims: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - useHTTPS: - type: boolean - type: object - kubelet: - properties: - agentCAPath: - type: string - host: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - hostCAPath: - type: string - tlsVerify: - type: boolean - type: object - localService: - properties: - forceEnableLocalService: - type: boolean - nameOverride: - type: string - type: object - logLevel: - type: string - namespaceAnnotationsAsTags: - additionalProperties: - type: string - type: object - namespaceLabelsAsTags: - additionalProperties: - type: string - type: object - networkPolicy: - properties: - create: - type: boolean - dnsSelectorEndpoints: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - type: array - x-kubernetes-list-type: atomic - flavor: - type: string - type: object - nodeLabelsAsTags: - additionalProperties: - type: string - type: object - originDetectionUnified: - properties: - enabled: - type: boolean - type: object - podAnnotationsAsTags: - additionalProperties: - type: string - type: object - podLabelsAsTags: - additionalProperties: - type: string - type: object - registry: - type: string - site: - type: string - tags: - items: - type: string - type: array - x-kubernetes-list-type: set - type: object - override: - additionalProperties: - properties: - affinity: - properties: - nodeAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - preference: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - x-kubernetes-map-type: atomic - weight: - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - properties: - nodeSelectorTerms: - items: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - x-kubernetes-map-type: atomic - type: array - required: - - nodeSelectorTerms - type: object - x-kubernetes-map-type: atomic - type: object - podAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - podAntiAffinity: - properties: - preferredDuringSchedulingIgnoredDuringExecution: - items: - properties: - podAffinityTerm: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - weight: - format: int32 - type: integer - required: - - podAffinityTerm - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - items: - properties: - labelSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - namespaces: - items: - type: string - type: array - topologyKey: - type: string - required: - - topologyKey - type: object - type: array - type: object - type: object - annotations: - additionalProperties: - type: string - type: object - containers: - additionalProperties: - properties: - appArmorProfileName: - type: string - args: - items: - type: string - type: array - x-kubernetes-list-type: atomic - command: - items: - type: string - type: array - x-kubernetes-list-type: atomic - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - healthPort: - format: int32 - type: integer - livenessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - logLevel: - type: string - name: - type: string - readinessProbe: - properties: - exec: - properties: - command: - items: - type: string - type: array - type: object - failureThreshold: - format: int32 - type: integer - grpc: - properties: - port: - format: int32 - type: integer - service: - type: string - required: - - port - type: object - httpGet: - properties: - host: - type: string - httpHeaders: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - path: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - scheme: - type: string - required: - - port - type: object - initialDelaySeconds: - format: int32 - type: integer - periodSeconds: - format: int32 - type: integer - successThreshold: - format: int32 - type: integer - tcpSocket: - properties: - host: - type: string - port: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - required: - - port - type: object - terminationGracePeriodSeconds: - format: int64 - type: integer - timeoutSeconds: - format: int32 - type: integer - type: object - resources: - properties: - claims: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - seccompConfig: - properties: - customProfile: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - customRootPath: - type: string - type: object - securityContext: - properties: - allowPrivilegeEscalation: - type: boolean - capabilities: - properties: - add: - items: - type: string - type: array - drop: - items: - type: string - type: array - type: object - privileged: - type: boolean - procMount: - type: string - readOnlyRootFilesystem: - type: boolean - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - volumeMounts: - items: - properties: - mountPath: - type: string - mountPropagation: - type: string - name: - type: string - readOnly: - type: boolean - subPath: - type: string - subPathExpr: - type: string - required: - - mountPath - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - - mountPath - x-kubernetes-list-type: map - type: object - type: object - createRbac: - type: boolean - customConfigurations: - additionalProperties: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - type: object - disabled: - type: boolean - dnsConfig: - properties: - nameservers: - items: - type: string - type: array - options: - items: - properties: - name: - type: string - value: - type: string - type: object - type: array - searches: - items: - type: string - type: array - type: object - dnsPolicy: - type: string - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - extraChecksd: - properties: - configDataMap: - additionalProperties: - type: string - type: object - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - extraConfd: - properties: - configDataMap: - additionalProperties: - type: string - type: object - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - hostNetwork: - type: boolean - hostPID: - type: boolean - image: - properties: - jmxEnabled: - type: boolean - name: - type: string - pullPolicy: - type: string - pullSecrets: - items: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - type: array - tag: - type: string - type: object - labels: - additionalProperties: - type: string - type: object - name: - type: string - nodeSelector: - additionalProperties: - type: string - type: object - priorityClassName: - type: string - replicas: - format: int32 - type: integer - securityContext: - properties: - fsGroup: - format: int64 - type: integer - fsGroupChangePolicy: - type: string - runAsGroup: - format: int64 - type: integer - runAsNonRoot: - type: boolean - runAsUser: - format: int64 - type: integer - seLinuxOptions: - properties: - level: - type: string - role: - type: string - type: - type: string - user: - type: string - type: object - seccompProfile: - properties: - localhostProfile: - type: string - type: - type: string - required: - - type - type: object - supplementalGroups: - items: - format: int64 - type: integer - type: array - sysctls: - items: - properties: - name: - type: string - value: - type: string - required: - - name - - value - type: object - type: array - windowsOptions: - properties: - gmsaCredentialSpec: - type: string - gmsaCredentialSpecName: - type: string - hostProcess: - type: boolean - runAsUserName: - type: string - type: object - type: object - serviceAccountName: - type: string - tolerations: - items: - properties: - effect: - type: string - key: - type: string - operator: - type: string - tolerationSeconds: - format: int64 - type: integer - value: - type: string - type: object - type: array - x-kubernetes-list-type: atomic - updateStrategy: - properties: - rollingUpdate: - properties: - maxSurge: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: integer - - type: string - x-kubernetes-int-or-string: true - type: object - type: - type: string - type: object - volumes: - items: - properties: - awsElasticBlockStore: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - azureDisk: - properties: - cachingMode: - type: string - diskName: - type: string - diskURI: - type: string - fsType: - type: string - kind: - type: string - readOnly: - type: boolean - required: - - diskName - - diskURI - type: object - azureFile: - properties: - readOnly: - type: boolean - secretName: - type: string - shareName: - type: string - required: - - secretName - - shareName - type: object - cephfs: - properties: - monitors: - items: - type: string - type: array - path: - type: string - readOnly: - type: boolean - secretFile: - type: string - secretRef: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - user: - type: string - required: - - monitors - type: object - cinder: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - volumeID: - type: string - required: - - volumeID - type: object - configMap: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - x-kubernetes-map-type: atomic - csi: - properties: - driver: - type: string - fsType: - type: string - nodePublishSecretRef: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - readOnly: - type: boolean - volumeAttributes: - additionalProperties: - type: string - type: object - required: - - driver - type: object - downwardAPI: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - required: - - path - type: object - type: array - type: object - emptyDir: - properties: - medium: - type: string - sizeLimit: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - ephemeral: - properties: - volumeClaimTemplate: - properties: - metadata: - type: object - spec: - properties: - accessModes: - items: - type: string - type: array - dataSource: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - required: - - kind - - name - type: object - x-kubernetes-map-type: atomic - dataSourceRef: - properties: - apiGroup: - type: string - kind: - type: string - name: - type: string - namespace: - type: string - required: - - kind - - name - type: object - resources: - properties: - claims: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - selector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - storageClassName: - type: string - volumeMode: - type: string - volumeName: - type: string - type: object - required: - - spec - type: object - type: object - fc: - properties: - fsType: - type: string - lun: - format: int32 - type: integer - readOnly: - type: boolean - targetWWNs: - items: - type: string - type: array - wwids: - items: - type: string - type: array - type: object - flexVolume: - properties: - driver: - type: string - fsType: - type: string - options: - additionalProperties: - type: string - type: object - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - required: - - driver - type: object - flocker: - properties: - datasetName: - type: string - datasetUUID: - type: string - type: object - gcePersistentDisk: - properties: - fsType: - type: string - partition: - format: int32 - type: integer - pdName: - type: string - readOnly: - type: boolean - required: - - pdName - type: object - gitRepo: - properties: - directory: - type: string - repository: - type: string - revision: - type: string - required: - - repository - type: object - glusterfs: - properties: - endpoints: - type: string - path: - type: string - readOnly: - type: boolean - required: - - endpoints - - path - type: object - hostPath: - properties: - path: - type: string - type: - type: string - required: - - path - type: object - iscsi: - properties: - chapAuthDiscovery: - type: boolean - chapAuthSession: - type: boolean - fsType: - type: string - initiatorName: - type: string - iqn: - type: string - iscsiInterface: - type: string - lun: - format: int32 - type: integer - portals: - items: - type: string - type: array - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - targetPortal: - type: string - required: - - iqn - - lun - - targetPortal - type: object - name: - type: string - nfs: - properties: - path: - type: string - readOnly: - type: boolean - server: - type: string - required: - - path - - server - type: object - persistentVolumeClaim: - properties: - claimName: - type: string - readOnly: - type: boolean - required: - - claimName - type: object - photonPersistentDisk: - properties: - fsType: - type: string - pdID: - type: string - required: - - pdID - type: object - portworxVolume: - properties: - fsType: - type: string - readOnly: - type: boolean - volumeID: - type: string - required: - - volumeID - type: object - projected: - properties: - defaultMode: - format: int32 - type: integer - sources: - items: - properties: - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - x-kubernetes-map-type: atomic - downwardAPI: - properties: - items: - items: - properties: - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - mode: - format: int32 - type: integer - path: - type: string - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - required: - - path - type: object - type: array - type: object - secret: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - name: - type: string - optional: - type: boolean - type: object - x-kubernetes-map-type: atomic - serviceAccountToken: - properties: - audience: - type: string - expirationSeconds: - format: int64 - type: integer - path: - type: string - required: - - path - type: object - type: object - type: array - type: object - quobyte: - properties: - group: - type: string - readOnly: - type: boolean - registry: - type: string - tenant: - type: string - user: - type: string - volume: - type: string - required: - - registry - - volume - type: object - rbd: - properties: - fsType: - type: string - image: - type: string - keyring: - type: string - monitors: - items: - type: string - type: array - pool: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - user: - type: string - required: - - image - - monitors - type: object - scaleIO: - properties: - fsType: - type: string - gateway: - type: string - protectionDomain: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - sslEnabled: - type: boolean - storageMode: - type: string - storagePool: - type: string - system: - type: string - volumeName: - type: string - required: - - gateway - - secretRef - - system - type: object - secret: - properties: - defaultMode: - format: int32 - type: integer - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - optional: - type: boolean - secretName: - type: string - type: object - storageos: - properties: - fsType: - type: string - readOnly: - type: boolean - secretRef: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - volumeName: - type: string - volumeNamespace: - type: string - type: object - vsphereVolume: - properties: - fsType: - type: string - storagePolicyID: - type: string - storagePolicyName: - type: string - volumePath: - type: string - required: - - volumePath - type: object - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - type: object - type: object - type: object - status: - properties: - agent: - properties: - available: - format: int32 - type: integer - current: - format: int32 - type: integer - currentHash: - type: string - daemonsetName: - type: string - desired: - format: int32 - type: integer - lastUpdate: - format: date-time - type: string - ready: - format: int32 - type: integer - state: - type: string - status: - type: string - upToDate: - format: int32 - type: integer - required: - - available - - current - - desired - - ready - - upToDate - type: object - agentList: - items: - properties: - available: - format: int32 - type: integer - current: - format: int32 - type: integer - currentHash: - type: string - daemonsetName: - type: string - desired: - format: int32 - type: integer - lastUpdate: - format: date-time - type: string - ready: - format: int32 - type: integer - state: - type: string - status: - type: string - upToDate: - format: int32 - type: integer - required: - - available - - current - - desired - - ready - - upToDate - type: object - type: array - x-kubernetes-list-type: atomic - clusterAgent: - properties: - availableReplicas: - format: int32 - type: integer - currentHash: - type: string - deploymentName: - type: string - generatedToken: - type: string - lastUpdate: - format: date-time - type: string - readyReplicas: - format: int32 - type: integer - replicas: - format: int32 - type: integer - state: - type: string - status: - type: string - unavailableReplicas: - format: int32 - type: integer - updatedReplicas: - format: int32 - type: integer - type: object - clusterChecksRunner: - properties: - availableReplicas: - format: int32 - type: integer - currentHash: - type: string - deploymentName: - type: string - generatedToken: - type: string - lastUpdate: - format: date-time - type: string - readyReplicas: - format: int32 - type: integer - replicas: - format: int32 - type: integer - state: - type: string - status: - type: string - unavailableReplicas: - format: int32 - type: integer - updatedReplicas: - format: int32 - type: integer - type: object - conditions: - items: - properties: - lastTransitionTime: - format: date-time - type: string - message: - maxLength: 32768 - type: string - observedGeneration: - format: int64 - minimum: 0 - type: integer - reason: - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - enum: - - "True" - - "False" - - Unknown - type: string - type: - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - x-kubernetes-list-map-keys: - - type - x-kubernetes-list-type: map - remoteConfigConfiguration: - properties: - features: - properties: - admissionController: - properties: - agentCommunicationMode: - type: string - agentSidecarInjection: - properties: - clusterAgentCommunicationEnabled: - type: boolean - enabled: - type: boolean - image: - properties: - jmxEnabled: - type: boolean - name: - type: string - pullPolicy: - type: string - pullSecrets: - items: - properties: - name: - type: string - type: object - x-kubernetes-map-type: atomic - type: array - tag: - type: string - type: object - profiles: - items: - properties: - env: - items: - properties: - name: - type: string - value: - type: string - valueFrom: - properties: - configMapKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - fieldRef: - properties: - apiVersion: - type: string - fieldPath: - type: string - required: - - fieldPath - type: object - x-kubernetes-map-type: atomic - resourceFieldRef: - properties: - containerName: - type: string - divisor: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - type: string - required: - - resource - type: object - x-kubernetes-map-type: atomic - secretKeyRef: - properties: - key: - type: string - name: - type: string - optional: - type: boolean - required: - - key - type: object - x-kubernetes-map-type: atomic - type: object - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - resources: - properties: - claims: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - type: object - type: object - type: object - type: array - x-kubernetes-list-type: atomic - provider: - type: string - registry: - type: string - selectors: - items: - properties: - namespaceSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - objectSelector: - properties: - matchExpressions: - items: - properties: - key: - type: string - operator: - type: string - values: - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - type: object - type: object - x-kubernetes-map-type: atomic - type: object - type: array - x-kubernetes-list-type: atomic - type: object - cwsInstrumentation: - properties: - enabled: - type: boolean - mode: - type: string - type: object - enabled: - type: boolean - failurePolicy: - type: string - mutateUnlabelled: - type: boolean - registry: - type: string - serviceName: - type: string - webhookName: - type: string - type: object - apm: - properties: - enabled: - type: boolean - hostPortConfig: - properties: - enabled: - type: boolean - hostPort: - format: int32 - type: integer - type: object - instrumentation: - properties: - disabledNamespaces: - items: - type: string - type: array - x-kubernetes-list-type: set - enabled: - type: boolean - enabledNamespaces: - items: - type: string - type: array - x-kubernetes-list-type: set - languageDetection: - properties: - enabled: - type: boolean - type: object - libVersions: - additionalProperties: - type: string - type: object - type: object - unixDomainSocketConfig: - properties: - enabled: - type: boolean - path: - type: string - type: object - type: object - asm: - properties: - iast: - properties: - enabled: - type: boolean - type: object - sca: - properties: - enabled: - type: boolean - type: object - threats: - properties: - enabled: - type: boolean - type: object - type: object - autoscaling: - properties: - workload: - properties: - enabled: - type: boolean - type: object - type: object - clusterChecks: - properties: - enabled: - type: boolean - useClusterChecksRunners: - type: boolean - type: object - cspm: - properties: - checkInterval: - type: string - customBenchmarks: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - enabled: - type: boolean - hostBenchmarks: - properties: - enabled: - type: boolean - type: object - type: object - cws: - properties: - customPolicies: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - enabled: - type: boolean - network: - properties: - enabled: - type: boolean - type: object - remoteConfiguration: - properties: - enabled: - type: boolean - type: object - securityProfiles: - properties: - enabled: - type: boolean - type: object - syscallMonitorEnabled: - type: boolean - type: object - dogstatsd: - properties: - hostPortConfig: - properties: - enabled: - type: boolean - hostPort: - format: int32 - type: integer - type: object - mapperProfiles: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - originDetectionEnabled: - type: boolean - tagCardinality: - type: string - unixDomainSocketConfig: - properties: - enabled: - type: boolean - path: - type: string - type: object - type: object - ebpfCheck: - properties: - enabled: - type: boolean - type: object - eventCollection: - properties: - collectKubernetesEvents: - type: boolean - collectedEventTypes: - items: - properties: - kind: - type: string - reasons: - items: - type: string - type: array - x-kubernetes-list-type: atomic - required: - - kind - - reasons - type: object - type: array - x-kubernetes-list-type: atomic - unbundleEvents: - type: boolean - type: object - externalMetricsServer: - properties: - enabled: - type: boolean - endpoint: - properties: - credentials: - properties: - apiKey: - type: string - apiSecret: - properties: - keyName: - type: string - secretName: - type: string - required: - - secretName - type: object - appKey: - type: string - appSecret: - properties: - keyName: - type: string - secretName: - type: string - required: - - secretName - type: object - type: object - url: - type: string - type: object - port: - format: int32 - type: integer - registerAPIService: - type: boolean - useDatadogMetrics: - type: boolean - wpaController: - type: boolean - type: object - helmCheck: - properties: - collectEvents: - type: boolean - enabled: - type: boolean - valuesAsTags: - additionalProperties: - type: string - type: object - type: object - kubeStateMetricsCore: - properties: - conf: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - enabled: - type: boolean - type: object - liveContainerCollection: - properties: - enabled: - type: boolean - type: object - liveProcessCollection: - properties: - enabled: - type: boolean - scrubProcessArguments: - type: boolean - stripProcessArguments: - type: boolean - type: object - logCollection: - properties: - containerCollectAll: - type: boolean - containerCollectUsingFiles: - type: boolean - containerLogsPath: - type: string - containerSymlinksPath: - type: string - enabled: - type: boolean - openFilesLimit: - format: int32 - type: integer - podLogsPath: - type: string - tempStoragePath: - type: string - type: object - npm: - properties: - collectDNSStats: - type: boolean - enableConntrack: - type: boolean - enabled: - type: boolean - type: object - oomKill: - properties: - enabled: - type: boolean - type: object - orchestratorExplorer: - properties: - conf: - properties: - configData: - type: string - configMap: - properties: - items: - items: - properties: - key: - type: string - mode: - format: int32 - type: integer - path: - type: string - required: - - key - - path - type: object - type: array - x-kubernetes-list-map-keys: - - key - x-kubernetes-list-type: map - name: - type: string - type: object - type: object - customResources: - items: - type: string - type: array - x-kubernetes-list-type: set - ddUrl: - type: string - enabled: - type: boolean - extraTags: - items: - type: string - type: array - x-kubernetes-list-type: set - scrubContainers: - type: boolean - type: object - otlp: - properties: - receiver: - properties: - protocols: - properties: - grpc: - properties: - enabled: - type: boolean - endpoint: - type: string - type: object - http: - properties: - enabled: - type: boolean - endpoint: - type: string - type: object - type: object - type: object - type: object - processDiscovery: - properties: - enabled: - type: boolean - type: object - prometheusScrape: - properties: - additionalConfigs: - type: string - enableServiceEndpoints: - type: boolean - enabled: - type: boolean - version: - type: integer - type: object - remoteConfiguration: - properties: - enabled: - type: boolean - type: object - sbom: - properties: - containerImage: - properties: - analyzers: - items: - type: string - type: array - x-kubernetes-list-type: set - enabled: - type: boolean - overlayFSDirectScan: - type: boolean - uncompressedLayersSupport: - type: boolean - type: object - enabled: - type: boolean - host: - properties: - analyzers: - items: - type: string - type: array - x-kubernetes-list-type: set - enabled: - type: boolean - type: object - type: object - tcpQueueLength: - properties: - enabled: - type: boolean - type: object - usm: - properties: - enabled: - type: boolean - type: object - type: object - type: object - type: object - type: object - served: true - storage: true - subresources: - status: {} \ No newline at end of file diff --git a/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml b/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml index 4cf8b1f8e..2b0535488 100644 --- a/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml +++ b/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml @@ -6,7 +6,7 @@ metadata: name: datadog-clusterchecks namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -36,8 +36,8 @@ spec: name: datadog-clusterchecks annotations: - checksum/clusteragent_token: 898b7de0d59fe1803c9e99f2010332dae52edfc36ef050f7f77c7ab12b8709c5 - checksum/install_info: 88c52cd7ef5158f4eb2738b4c3b575985b7d139c6b2a25213c46c5a6266e22e7 + checksum/clusteragent_token: 80c440624bd8ccc1f8a504f841622b4db0bee833035be0a9618ecc48ddc57ceb + checksum/install_info: d981b555be4a75e224267a779d6b633b9cde1b8258e49b0b42aada13ebc04f41 spec: serviceAccountName: datadog-cluster-checks automountServiceAccountToken: true @@ -45,7 +45,7 @@ spec: [] initContainers: - name: init-volume - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -57,7 +57,7 @@ spec: resources: {} - name: init-config - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -70,7 +70,7 @@ spec: {} containers: - name: agent - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" command: ["bash", "-c"] args: - rm -rf /etc/datadog-agent/conf.d && touch /etc/datadog-agent/datadog.yaml && exec agent run diff --git a/test/datadog/baseline/cluster-agent-deployment_default.yaml b/test/datadog/baseline/cluster-agent-deployment_default.yaml index a7858e1f3..a327a8893 100644 --- a/test/datadog/baseline/cluster-agent-deployment_default.yaml +++ b/test/datadog/baseline/cluster-agent-deployment_default.yaml @@ -6,7 +6,7 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -36,17 +36,17 @@ spec: name: datadog-cluster-agent annotations: - checksum/clusteragent_token: 1e89899244fb44ae50129b361b512027fd59eeec723dc4e43ec8c54084de2f92 - checksum/clusteragent-configmap: fa5c139d4a60573ab9b4ecd4827360c3718bde0bcaaf5c9f1eae8ae24ff48edf - checksum/api_key: 43fd540dba2ec5835bddb0920a960e152d63d0dc44c95cdb376dfd5c8c39bdd4 + checksum/clusteragent_token: 40bc622d2f063f6da987bc8785a4107d7d1fe30254748ce3f4348b0bbbdcd376 + checksum/clusteragent-configmap: d0ab6e789c44fc4f5881e7244c4d00814ae7191b94560405bec45d3c2f0923c4 + checksum/api_key: 0a9725cd842dfab442be71cd22846bead912297242cfcb3f60c3a2b7513a4fc5 checksum/application_key: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b - checksum/install_info: 88c52cd7ef5158f4eb2738b4c3b575985b7d139c6b2a25213c46c5a6266e22e7 + checksum/install_info: d981b555be4a75e224267a779d6b633b9cde1b8258e49b0b42aada13ebc04f41 spec: serviceAccountName: datadog-cluster-agent automountServiceAccountToken: true initContainers: - name: init-volume - image: "gcr.io/datadoghq/cluster-agent:7.55.2" + image: "gcr.io/datadoghq/cluster-agent:7.56.2" imagePullPolicy: IfNotPresent command: - cp @@ -59,7 +59,7 @@ spec: mountPath: /opt/datadog-agent containers: - name: cluster-agent - image: "gcr.io/datadoghq/cluster-agent:7.55.2" + image: "gcr.io/datadoghq/cluster-agent:7.56.2" imagePullPolicy: IfNotPresent resources: {} @@ -100,7 +100,7 @@ spec: value: "false" - name: DD_ADMISSION_CONTROLLER_SERVICE_NAME value: datadog-cluster-agent-admission-controller - - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE + - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE # TODO: gdc should use local service value: socket - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_LOCAL_SERVICE_NAME value: datadog diff --git a/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml b/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml index 32656490f..41698b83f 100644 --- a/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml +++ b/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml @@ -6,7 +6,7 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -36,17 +36,17 @@ spec: name: datadog-cluster-agent annotations: - checksum/clusteragent_token: 7991408bb52fa0f7419e6e11edf9a98b11a769fe9fd4574652c99d896a836f3a - checksum/clusteragent-configmap: fa5c139d4a60573ab9b4ecd4827360c3718bde0bcaaf5c9f1eae8ae24ff48edf - checksum/api_key: 43fd540dba2ec5835bddb0920a960e152d63d0dc44c95cdb376dfd5c8c39bdd4 + checksum/clusteragent_token: c459261522048068154cc6d6c140378830ad836abe06bb0241abc37d37de57d9 + checksum/clusteragent-configmap: d0ab6e789c44fc4f5881e7244c4d00814ae7191b94560405bec45d3c2f0923c4 + checksum/api_key: 0a9725cd842dfab442be71cd22846bead912297242cfcb3f60c3a2b7513a4fc5 checksum/application_key: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b - checksum/install_info: 88c52cd7ef5158f4eb2738b4c3b575985b7d139c6b2a25213c46c5a6266e22e7 + checksum/install_info: d981b555be4a75e224267a779d6b633b9cde1b8258e49b0b42aada13ebc04f41 spec: serviceAccountName: datadog-cluster-agent automountServiceAccountToken: true initContainers: - name: init-volume - image: "gcr.io/datadoghq/cluster-agent:7.55.2" + image: "gcr.io/datadoghq/cluster-agent:7.56.2" imagePullPolicy: IfNotPresent command: - cp @@ -59,7 +59,7 @@ spec: mountPath: /opt/datadog-agent containers: - name: cluster-agent - image: "gcr.io/datadoghq/cluster-agent:7.55.2" + image: "gcr.io/datadoghq/cluster-agent:7.56.2" imagePullPolicy: IfNotPresent resources: {} @@ -100,7 +100,7 @@ spec: value: "false" - name: DD_ADMISSION_CONTROLLER_SERVICE_NAME value: datadog-cluster-agent-admission-controller - - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE + - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE # TODO: gdc should use local service value: socket - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_LOCAL_SERVICE_NAME value: datadog diff --git a/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml b/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml index 25417c0a1..56bb093c2 100644 --- a/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml +++ b/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml @@ -6,7 +6,7 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -36,17 +36,17 @@ spec: name: datadog-cluster-agent annotations: - checksum/clusteragent_token: 1c7f1ed04182e5250ad3cdd92f5e0549d68b792b85514efd1343d473b4b0ed31 - checksum/clusteragent-configmap: fa5c139d4a60573ab9b4ecd4827360c3718bde0bcaaf5c9f1eae8ae24ff48edf - checksum/api_key: 43fd540dba2ec5835bddb0920a960e152d63d0dc44c95cdb376dfd5c8c39bdd4 + checksum/clusteragent_token: 1e93627cfd8abdffa3856f1d6367d654734dba3d4973d72361131d100bdfe091 + checksum/clusteragent-configmap: d0ab6e789c44fc4f5881e7244c4d00814ae7191b94560405bec45d3c2f0923c4 + checksum/api_key: 0a9725cd842dfab442be71cd22846bead912297242cfcb3f60c3a2b7513a4fc5 checksum/application_key: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b - checksum/install_info: 88c52cd7ef5158f4eb2738b4c3b575985b7d139c6b2a25213c46c5a6266e22e7 + checksum/install_info: d981b555be4a75e224267a779d6b633b9cde1b8258e49b0b42aada13ebc04f41 spec: serviceAccountName: datadog-cluster-agent automountServiceAccountToken: true initContainers: - name: init-volume - image: "gcr.io/datadoghq/cluster-agent:7.55.2" + image: "gcr.io/datadoghq/cluster-agent:7.56.2" imagePullPolicy: IfNotPresent command: - cp @@ -59,7 +59,7 @@ spec: mountPath: /opt/datadog-agent containers: - name: cluster-agent - image: "gcr.io/datadoghq/cluster-agent:7.55.2" + image: "gcr.io/datadoghq/cluster-agent:7.56.2" imagePullPolicy: IfNotPresent resources: {} @@ -100,7 +100,7 @@ spec: value: "false" - name: DD_ADMISSION_CONTROLLER_SERVICE_NAME value: datadog-cluster-agent-admission-controller - - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE + - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE # TODO: gdc should use local service value: socket - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_LOCAL_SERVICE_NAME value: datadog @@ -119,7 +119,7 @@ spec: - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_IMAGE_NAME value: agent - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_IMAGE_TAG - value: 7.55.2 + value: 7.56.2 - name: DD_REMOTE_CONFIGURATION_ENABLED value: "false" - name: DD_CLUSTER_CHECKS_ENABLED diff --git a/test/datadog/baseline/daemonset_default.yaml b/test/datadog/baseline/daemonset_default.yaml index 4b877c588..da8edcf8d 100644 --- a/test/datadog/baseline/daemonset_default.yaml +++ b/test/datadog/baseline/daemonset_default.yaml @@ -6,7 +6,7 @@ metadata: name: datadog namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -30,8 +30,8 @@ spec: name: datadog annotations: - checksum/clusteragent_token: de542da9e3ea422b2ed413961187c1fe5bd28d1608c78a8bb16a4bc64b508e9b - checksum/install_info: 88c52cd7ef5158f4eb2738b4c3b575985b7d139c6b2a25213c46c5a6266e22e7 + checksum/clusteragent_token: 96d23c40ee7e7ffdabdce8fd6831d9f813c82833c7c5a9f0feb9ec787e39109b + checksum/install_info: d981b555be4a75e224267a779d6b633b9cde1b8258e49b0b42aada13ebc04f41 checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a checksum/checksd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a @@ -42,7 +42,7 @@ spec: hostPID: true containers: - name: agent - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["agent", "run"] @@ -74,8 +74,7 @@ spec: fieldPath: status.hostIP - name: DD_OTLP_CONFIG_LOGS_ENABLED value: "false" - - + - name: DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED value: "false" - name: DD_PROCESS_CONFIG_CONTAINER_COLLECTION_ENABLED @@ -140,11 +139,7 @@ spec: - name: installinfo subPath: install_info mountPath: /etc/datadog-agent/install_info - readOnly: true - - name: tmpdir - mountPath: /tmp - readOnly: false # Need RW to write to /tmp directory - + readOnly: true - name: os-release-file mountPath: /host/etc/os-release readOnly: true @@ -154,6 +149,9 @@ spec: - name: auth-token mountPath: /etc/datadog-agent/auth readOnly: false # Need RW to write auth token + - name: tmpdir + mountPath: /tmp + readOnly: false # Need RW to write to /tmp directory - name: runtimesocketdir mountPath: /host/var/run @@ -202,7 +200,7 @@ spec: successThreshold: 1 timeoutSeconds: 5 - name: trace-agent - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["trace-agent", "-config=/etc/datadog-agent/datadog.yaml"] resources: @@ -308,7 +306,7 @@ spec: port: 8126 timeoutSeconds: 5 - name: process-agent - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["process-agent", "--cfgpath=/etc/datadog-agent/datadog.yaml"] resources: @@ -346,6 +344,7 @@ spec: name: datadog-cluster-agent key: token + - name: DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED value: "false" - name: DD_PROCESS_CONFIG_CONTAINER_COLLECTION_ENABLED @@ -377,6 +376,11 @@ spec: - name: dsdsocket mountPath: /var/run/datadog readOnly: false # Need RW for UDS DSD socket + + - name: runtimesocketdir + mountPath: /host/var/run + mountPropagation: None + readOnly: true - name: tmpdir mountPath: /tmp readOnly: false # Need RW to write to tmp directory @@ -385,11 +389,6 @@ spec: mountPath: /host/etc/os-release readOnly: true - - name: runtimesocketdir - mountPath: /host/var/run - mountPropagation: None - readOnly: true - - name: cgroups mountPath: /host/sys/fs/cgroup mountPropagation: None @@ -402,10 +401,8 @@ spec: mountPropagation: None readOnly: true initContainers: - - - name: init-volume - - image: "gcr.io/datadoghq/agent:7.55.2" + - name: init-volume + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -416,9 +413,8 @@ spec: readOnly: false # Need RW for config path resources: {} - - name: init-config - - image: "gcr.io/datadoghq/agent:7.55.2" + - name: init-config + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: - bash @@ -426,12 +422,12 @@ spec: args: - for script in $(find /etc/cont-init.d/ -type f -name '*.sh' | sort) ; do bash $script ; done volumeMounts: - - name: logdatadog - mountPath: /var/log/datadog - readOnly: false # Need RW to write logs - name: config mountPath: /etc/datadog-agent readOnly: false # Need RW for config path + - name: logdatadog + mountPath: /var/log/datadog + readOnly: false # Need RW to write logs - name: procdir mountPath: /host/proc mountPropagation: None diff --git a/test/datadog/baseline/other_default.yaml b/test/datadog/baseline/other_default.yaml index cdb527639..2c827a544 100644 --- a/test/datadog/baseline/other_default.yaml +++ b/test/datadog/baseline/other_default.yaml @@ -6,7 +6,7 @@ metadata: name: datadog-clusterchecks namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -24,7 +24,7 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -41,13 +41,13 @@ kind: ServiceAccount automountServiceAccountToken: true metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app: "datadog" - chart: "datadog-3.69.3" + chart: "datadog-3.71.0" heritage: "Helm" release: "datadog" name: datadog-cluster-checks @@ -60,10 +60,10 @@ automountServiceAccountToken: true metadata: labels: app: "datadog" - chart: "datadog-3.69.3" + chart: "datadog-3.71.0" heritage: "Helm" release: "datadog" - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -79,7 +79,7 @@ metadata: name: datadog namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -92,14 +92,14 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" type: Opaque data: - token: "Y2NkeDBJRG50UWdHTlRiUWtIMTNRV2x2Wkk2VVA5VEE=" + token: "UExZUjc0VG50d0RUQUMxbzhSNDQySTE2YWZoRHJQNXQ=" --- # Source: datadog/templates/cluster-agent-confd-configmap.yaml apiVersion: v1 @@ -108,7 +108,7 @@ metadata: name: datadog-cluster-agent-confd namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -157,20 +157,20 @@ metadata: name: datadog-installinfo namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" annotations: - checksum/install_info: 88c52cd7ef5158f4eb2738b4c3b575985b7d139c6b2a25213c46c5a6266e22e7 + checksum/install_info: d981b555be4a75e224267a779d6b633b9cde1b8258e49b0b42aada13ebc04f41 data: install_info: | --- install_method: tool: helm tool_version: Helm - installer_version: datadog-3.69.3 + installer_version: datadog-3.71.0 --- # Source: datadog/templates/kpi-telemetry-configmap.yaml apiVersion: v1 @@ -179,22 +179,22 @@ metadata: name: datadog-kpi-telemetry-configmap namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" data: install_type: k8s_manual - install_id: "ea017c66-3746-4347-86ef-32a14ddda1c7" - install_time: "1723838680" + install_id: "6601c323-3d30-460c-8297-7eb72f1e8b36" + install_time: "1726071641" --- # Source: datadog/templates/cluster-agent-rbac.yaml apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRole metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -409,7 +409,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRole metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -505,7 +505,7 @@ kind: ClusterRole metadata: name: datadog labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -553,7 +553,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -573,7 +573,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -593,7 +593,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -614,7 +614,7 @@ kind: ClusterRoleBinding metadata: name: datadog labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -633,7 +633,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: Role metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -650,7 +650,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: Role metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -672,7 +672,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: RoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -693,7 +693,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: RoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -716,7 +716,7 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -738,10 +738,10 @@ metadata: namespace: datadog-agent labels: app: "datadog" - chart: "datadog-3.69.3" + chart: "datadog-3.71.0" release: "datadog" heritage: "Helm" - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -764,10 +764,10 @@ metadata: namespace: datadog-agent labels: app: "datadog" - chart: "datadog-3.69.3" + chart: "datadog-3.71.0" release: "datadog" heritage: "Helm" - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -793,7 +793,7 @@ metadata: name: datadog namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -817,8 +817,8 @@ spec: name: datadog annotations: - checksum/clusteragent_token: 2eda47b55579b010297762c6bc060f2992f6c3663c187124b71071457e50321d - checksum/install_info: 88c52cd7ef5158f4eb2738b4c3b575985b7d139c6b2a25213c46c5a6266e22e7 + checksum/clusteragent_token: f5fa61b20d3233bc959e8287a09a1467471c276653dcc68211effd0e181f8359 + checksum/install_info: d981b555be4a75e224267a779d6b633b9cde1b8258e49b0b42aada13ebc04f41 checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a checksum/checksd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a @@ -829,7 +829,7 @@ spec: hostPID: true containers: - name: agent - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["agent", "run"] @@ -861,8 +861,7 @@ spec: fieldPath: status.hostIP - name: DD_OTLP_CONFIG_LOGS_ENABLED value: "false" - - + - name: DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED value: "false" - name: DD_PROCESS_CONFIG_CONTAINER_COLLECTION_ENABLED @@ -928,11 +927,7 @@ spec: - name: installinfo subPath: install_info mountPath: /etc/datadog-agent/install_info - readOnly: true - - name: tmpdir - mountPath: /tmp - readOnly: false # Need RW to write to /tmp directory - + readOnly: true - name: os-release-file mountPath: /host/etc/os-release readOnly: true @@ -942,6 +937,9 @@ spec: - name: auth-token mountPath: /etc/datadog-agent/auth readOnly: false # Need RW to write auth token + - name: tmpdir + mountPath: /tmp + readOnly: false # Need RW to write to /tmp directory - name: runtimesocketdir mountPath: /host/var/run @@ -990,7 +988,7 @@ spec: successThreshold: 1 timeoutSeconds: 5 - name: trace-agent - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["trace-agent", "-config=/etc/datadog-agent/datadog.yaml"] resources: @@ -1096,7 +1094,7 @@ spec: port: 8126 timeoutSeconds: 5 - name: process-agent - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["process-agent", "--cfgpath=/etc/datadog-agent/datadog.yaml"] resources: @@ -1134,6 +1132,7 @@ spec: name: datadog-cluster-agent key: token + - name: DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED value: "false" - name: DD_PROCESS_CONFIG_CONTAINER_COLLECTION_ENABLED @@ -1165,6 +1164,11 @@ spec: - name: dsdsocket mountPath: /var/run/datadog readOnly: false # Need RW for UDS DSD socket + + - name: runtimesocketdir + mountPath: /host/var/run + mountPropagation: None + readOnly: true - name: tmpdir mountPath: /tmp readOnly: false # Need RW to write to tmp directory @@ -1173,11 +1177,6 @@ spec: mountPath: /host/etc/os-release readOnly: true - - name: runtimesocketdir - mountPath: /host/var/run - mountPropagation: None - readOnly: true - - name: cgroups mountPath: /host/sys/fs/cgroup mountPropagation: None @@ -1190,10 +1189,8 @@ spec: mountPropagation: None readOnly: true initContainers: - - - name: init-volume - - image: "gcr.io/datadoghq/agent:7.55.2" + - name: init-volume + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -1204,9 +1201,8 @@ spec: readOnly: false # Need RW for config path resources: {} - - name: init-config - - image: "gcr.io/datadoghq/agent:7.55.2" + - name: init-config + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: - bash @@ -1214,12 +1210,12 @@ spec: args: - for script in $(find /etc/cont-init.d/ -type f -name '*.sh' | sort) ; do bash $script ; done volumeMounts: - - name: logdatadog - mountPath: /var/log/datadog - readOnly: false # Need RW to write logs - name: config mountPath: /etc/datadog-agent readOnly: false # Need RW for config path + - name: logdatadog + mountPath: /var/log/datadog + readOnly: false # Need RW to write logs - name: procdir mountPath: /host/proc mountPropagation: None @@ -1311,7 +1307,7 @@ metadata: name: datadog-clusterchecks namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -1341,8 +1337,8 @@ spec: name: datadog-clusterchecks annotations: - checksum/clusteragent_token: df513ccb46ac6f45f78030ba267aede6b25632a9d5beda28d8d1e3edf07a1601 - checksum/install_info: 88c52cd7ef5158f4eb2738b4c3b575985b7d139c6b2a25213c46c5a6266e22e7 + checksum/clusteragent_token: 4069306d45f6db80ffefb1c4e6a97667cf35a4c08db60b8e384415de8e91be1f + checksum/install_info: d981b555be4a75e224267a779d6b633b9cde1b8258e49b0b42aada13ebc04f41 spec: serviceAccountName: datadog-cluster-checks automountServiceAccountToken: true @@ -1350,7 +1346,7 @@ spec: [] initContainers: - name: init-volume - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -1362,7 +1358,7 @@ spec: resources: {} - name: init-config - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -1375,7 +1371,7 @@ spec: {} containers: - name: agent - image: "gcr.io/datadoghq/agent:7.55.2" + image: "gcr.io/datadoghq/agent:7.56.2" command: ["bash", "-c"] args: - rm -rf /etc/datadog-agent/conf.d && touch /etc/datadog-agent/datadog.yaml && exec agent run @@ -1502,7 +1498,7 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.69.3' + helm.sh/chart: 'datadog-3.71.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -1532,15 +1528,15 @@ spec: name: datadog-cluster-agent annotations: - checksum/clusteragent_token: 61cab1de9ffa31fa392576b66b69e7fef5e5918ac8257f49fa119b96c0941f34 - checksum/clusteragent-configmap: 7d7437f233eef67301769d5141b59f31f12ac10c0354e17bf5ae9405058ea53b - checksum/install_info: 88c52cd7ef5158f4eb2738b4c3b575985b7d139c6b2a25213c46c5a6266e22e7 + checksum/clusteragent_token: 57b7598efe0f49afe8dd2ac653736fdc156fc1deffb79b7f65130f4a773aa230 + checksum/clusteragent-configmap: f8ac56b7fb460daf68883ae9c5b53472bf479e5d1d6ba0d7731e9287d48b4f5c + checksum/install_info: d981b555be4a75e224267a779d6b633b9cde1b8258e49b0b42aada13ebc04f41 spec: serviceAccountName: datadog-cluster-agent automountServiceAccountToken: true initContainers: - name: init-volume - image: "gcr.io/datadoghq/cluster-agent:7.55.2" + image: "gcr.io/datadoghq/cluster-agent:7.56.2" imagePullPolicy: IfNotPresent command: - cp @@ -1553,7 +1549,7 @@ spec: mountPath: /opt/datadog-agent containers: - name: cluster-agent - image: "gcr.io/datadoghq/cluster-agent:7.55.2" + image: "gcr.io/datadoghq/cluster-agent:7.56.2" imagePullPolicy: IfNotPresent resources: {} @@ -1594,7 +1590,7 @@ spec: value: "false" - name: DD_ADMISSION_CONTROLLER_SERVICE_NAME value: datadog-cluster-agent-admission-controller - - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE + - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_MODE # TODO: gdc should use local service value: socket - name: DD_ADMISSION_CONTROLLER_INJECT_CONFIG_LOCAL_SERVICE_NAME value: datadog diff --git a/test/datadog/gdc_test.go b/test/datadog/gdc_test.go new file mode 100644 index 000000000..d68c4cd3c --- /dev/null +++ b/test/datadog/gdc_test.go @@ -0,0 +1,94 @@ +package datadog + +import ( + "github.com/DataDog/helm-charts/test/common" + "github.com/stretchr/testify/assert" + appsv1 "k8s.io/api/apps/v1" + corev1 "k8s.io/api/core/v1" + "testing" +) + +func Test_gdcConfigs(t *testing.T) { + tests := []struct { + name string + command common.HelmCommand + assertions func(t *testing.T, manifest string) + }{ + { + name: "default", + command: common.HelmCommand{ + ReleaseName: "datadog", + ChartPath: "../../charts/datadog", + ShowOnly: []string{"templates/daemonset.yaml"}, + Values: []string{"../../charts/datadog/values.yaml"}, + Overrides: map[string]string{ + "datadog.apiKeyExistingSecret": "datadog-secret", + "datadog.appKeyExistingSecret": "datadog-secret", + "datadog.clusterName": "test-gdce", + "datadog.logs.enabled": "true", + "agents.image.doNotCheckTag": "true", + "providers.gke.gdc": "true", + }, + }, + assertions: verifyDaemonsetGDCMinimal, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + manifest, err := common.RenderChart(t, tt.command) + assert.Nil(t, err, "couldn't render template") + tt.assertions(t, manifest) + }) + } +} + +func verifyDaemonsetGDCMinimal(t *testing.T, manifest string) { + var ds appsv1.DaemonSet + common.Unmarshal(t, manifest, &ds) + agentContainer := &corev1.Container{} + + assert.Equal(t, 1, len(ds.Spec.Template.Spec.Containers)) + + for _, container := range ds.Spec.Template.Spec.Containers { + if container.Name == "agent" { + agentContainer = &container + } + } + + assert.NotNil(t, agentContainer) + + hasHostPathVolume := false + for _, volume := range ds.Spec.Template.Spec.Volumes { + if hostPathMounted(volume) { + hasHostPathVolume = true + break + } + } + assert.False(t, hasHostPathVolume) + + hasHostPort := false + for _, container := range ds.Spec.Template.Spec.Containers { + for _, port := range container.Ports { + if hostPortMounted(port) { + hasHostPort = true + break + } + } + } + assert.False(t, hasHostPort) +} + +func hostPathMounted(volume corev1.Volume) bool { + if volume.HostPath != nil { + return true + } + return false +} + +func hostPortMounted(port corev1.ContainerPort) bool { + if port.HostPort >= 1 { + return true + } + return false +}