diff --git a/charts/datadog/CHANGELOG.md b/charts/datadog/CHANGELOG.md index 556e46746..8ddfa63ab 100644 --- a/charts/datadog/CHANGELOG.md +++ b/charts/datadog/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 3.77.2 + +* Add the ability to include Security Contexts at the container level for Cluster Checks Runners. + ## 3.77.1 * Modify command that removes the default conf.d directory from the Cluster Checks Runners and only removes the default YAML files. diff --git a/charts/datadog/Chart.yaml b/charts/datadog/Chart.yaml index d304475d8..79d9343fd 100644 --- a/charts/datadog/Chart.yaml +++ b/charts/datadog/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v1 name: datadog -version: 3.77.1 +version: 3.77.2 appVersion: "7" description: Datadog Agent keywords: diff --git a/charts/datadog/README.md b/charts/datadog/README.md index c7db99b0e..be23a59a7 100644 --- a/charts/datadog/README.md +++ b/charts/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.77.1](https://img.shields.io/badge/Version-3.77.1-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.77.2](https://img.shields.io/badge/Version-3.77.2-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -629,6 +629,8 @@ helm install \ | clusterAgent.volumes | list | `[]` | Specify additional volumes to mount in the cluster-agent container | | clusterChecksRunner.additionalLabels | object | `{}` | Adds labels to the cluster checks runner deployment and pods | | clusterChecksRunner.affinity | object | `{}` | Allow the ClusterChecks Deployment to schedule using affinity rules. | +| clusterChecksRunner.containers.agent.securityContext | object | `{}` | Specify securityContext on the agent container | +| clusterChecksRunner.containers.initContainers.securityContext | object | `{}` | Specify securityContext on the init containers | | clusterChecksRunner.createPodDisruptionBudget | bool | `false` | Create the pod disruption budget to apply to the cluster checks agents | | clusterChecksRunner.deploymentAnnotations | object | `{}` | Annotations to add to the cluster-checks-runner's Deployment | | clusterChecksRunner.dnsConfig | object | `{}` | specify dns configuration options for datadog cluster agent containers e.g ndots | diff --git a/charts/datadog/templates/agent-clusterchecks-deployment.yaml b/charts/datadog/templates/agent-clusterchecks-deployment.yaml index d61c3237a..6ae0de1c5 100644 --- a/charts/datadog/templates/agent-clusterchecks-deployment.yaml +++ b/charts/datadog/templates/agent-clusterchecks-deployment.yaml @@ -78,6 +78,10 @@ spec: command: ["bash", "-c"] args: - cp -r /etc/datadog-agent /opt +{{- if .Values.clusterChecksRunner.containers.initContainers.securityContext }} + securityContext: +{{ toYaml .Values.clusterChecksRunner.containers.initContainers.securityContext | indent 10 }} +{{- end }} volumeMounts: - name: config mountPath: /opt/datadog-agent @@ -90,6 +94,10 @@ spec: command: ["bash", "-c"] args: - for script in $(find /etc/cont-init.d/ -type f -name '*.sh' | sort) ; do bash $script ; done +{{- if .Values.clusterChecksRunner.containers.initContainers.securityContext }} + securityContext: +{{ toYaml .Values.clusterChecksRunner.containers.initContainers.securityContext | indent 10 }} +{{- end }} volumeMounts: - name: config mountPath: /etc/datadog-agent @@ -177,6 +185,10 @@ spec: {{- include "additional-env-dict-entries" .Values.clusterChecksRunner.envDict | indent 10 }} resources: {{ toYaml .Values.clusterChecksRunner.resources | indent 10 }} +{{- if .Values.clusterChecksRunner.containers.agent.securityContext }} + securityContext: +{{ toYaml .Values.clusterChecksRunner.containers.agent.securityContext | indent 10 }} +{{- end }} volumeMounts: - name: installinfo subPath: install_info diff --git a/charts/datadog/values.yaml b/charts/datadog/values.yaml index 34e158060..d90c27fe1 100644 --- a/charts/datadog/values.yaml +++ b/charts/datadog/values.yaml @@ -2218,6 +2218,14 @@ clusterChecksRunner: # clusterChecksRunner.securityContext -- Allows you to overwrite the default PodSecurityContext on the clusterchecks pods. securityContext: {} + containers: + agent: + # clusterChecksRunner.containers.agent.securityContext -- Specify securityContext on the agent container + securityContext: {} + initContainers: + # clusterChecksRunner.containers.initContainers.securityContext -- Specify securityContext on the init containers + securityContext: {} + # clusterChecksRunner.ports -- Allows to specify extra ports (hostPorts for instance) for this container ports: []