diff --git a/charts/datadog-operator/CHANGELOG.md b/charts/datadog-operator/CHANGELOG.md index a65ae2b42..75ed1131a 100644 --- a/charts/datadog-operator/CHANGELOG.md +++ b/charts/datadog-operator/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 2.7.0 + +* Update Datadog Operator version to 1.12.1. + ## 2.6.0 * Update Datadog Operator version to 1.12.0. diff --git a/charts/datadog-operator/Chart.yaml b/charts/datadog-operator/Chart.yaml index 2e61e04bc..64cb814c7 100644 --- a/charts/datadog-operator/Chart.yaml +++ b/charts/datadog-operator/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: datadog-operator -version: 2.6.0 -appVersion: 1.12.0 +version: 2.7.0 +appVersion: 1.12.1 description: Datadog Operator keywords: - monitoring diff --git a/charts/datadog-operator/README.md b/charts/datadog-operator/README.md index bcd9a4fcf..cd369d95b 100644 --- a/charts/datadog-operator/README.md +++ b/charts/datadog-operator/README.md @@ -1,6 +1,6 @@ # Datadog Operator -![Version: 2.6.0](https://img.shields.io/badge/Version-2.6.0-informational?style=flat-square) ![AppVersion: 1.12.0](https://img.shields.io/badge/AppVersion-1.12.0-informational?style=flat-square) +![Version: 2.7.0](https://img.shields.io/badge/Version-2.7.0-informational?style=flat-square) ![AppVersion: 1.12.1](https://img.shields.io/badge/AppVersion-1.12.1-informational?style=flat-square) ## Values @@ -35,7 +35,7 @@ | image.doNotCheckTag | bool | `false` | Permit skipping operator image tag compatibility with the chart. | | image.pullPolicy | string | `"IfNotPresent"` | Define the pullPolicy for Datadog Operator image | | image.repository | string | `"gcr.io/datadoghq/operator"` | Repository to use for Datadog Operator image | -| image.tag | string | `"1.12.0"` | Define the Datadog Operator version to use | +| image.tag | string | `"1.12.1"` | Define the Datadog Operator version to use | | imagePullSecrets | list | `[]` | Datadog Operator repository pullSecret (ex: specify docker registry credentials) | | installCRDs | bool | `true` | Set to true to deploy the Datadog's CRDs | | introspection.enabled | bool | `false` | If true, enables introspection feature (beta). Requires v1.4.0+ | diff --git a/charts/datadog-operator/templates/_helpers.tpl b/charts/datadog-operator/templates/_helpers.tpl index 31e8e5f7d..f17953f81 100644 --- a/charts/datadog-operator/templates/_helpers.tpl +++ b/charts/datadog-operator/templates/_helpers.tpl @@ -85,6 +85,6 @@ Check operator image tag version. {{- if not .Values.image.doNotCheckTag -}} {{- .Values.image.tag -}} {{- else -}} -{{ "1.12.0" }} +{{ "1.12.1" }} {{- end -}} {{- end -}} diff --git a/charts/datadog-operator/values.yaml b/charts/datadog-operator/values.yaml index aaaa32e2f..74f1dddec 100644 --- a/charts/datadog-operator/values.yaml +++ b/charts/datadog-operator/values.yaml @@ -47,7 +47,7 @@ image: # image.repository -- Repository to use for Datadog Operator image repository: gcr.io/datadoghq/operator # image.tag -- Define the Datadog Operator version to use - tag: 1.12.0 + tag: 1.12.1 # image.pullPolicy -- Define the pullPolicy for Datadog Operator image pullPolicy: IfNotPresent # image.doNotCheckTag -- Permit skipping operator image tag compatibility with the chart. diff --git a/charts/datadog/CHANGELOG.md b/charts/datadog/CHANGELOG.md index 401546640..59dc19f20 100644 --- a/charts/datadog/CHANGELOG.md +++ b/charts/datadog/CHANGELOG.md @@ -1,9 +1,47 @@ # Datadog changelog -## 3.91.0 +## 3.97.0 * Enable `system-probe` container on GKE Autopilot (requires GKE 1.32.1-gke.1376000 or later). +## 3.96.0 + +* Upgrade default Agent version to `7.63.0`. + +## 3.95.0 + +* Fix a bug where setting `datadog.containerImageCollection.enabled` to `false` does not disable image collection. + +## 3.94.0 + +* Support adding labels to the Agent service account via `agents.rbac.serviceAccountAdditionalLabels`. +* Support adding labels to the Cluster Agent service account via `clusterAgent.rbac.serviceAccountAdditionalLabels`. +* Support adding labels to the Cluster Checks Runner service account via `clusterChecksRunner.rbac.serviceAccountAdditionalLabels`. + +## 3.93.0 + +* Revert "Add a mount for the Kubernetes PodResources socket." + +## 3.92.0 + +* Add a mount for the Kubernetes PodResources socket. + +## 3.91.0 + +* Add support for GPU monitoring + +## 3.90.5 + +* Update `fips.image.tag` to `1.1.7` updating openSSL version to 3.0.16 + +## 3.90.4 + +* Fix RBAC rendering and map merge when `datadog.kubernetesResourcesAnnotationsAsTags` and/or `datadog.kubernetesResourcesLabelsAsTags` are used. + +## 3.90.3 + +* Defaults `registry` to `gcr.io/datadoghq` when setting `datadog.site: us3.datadoghq.com` and deploying on GKE Autopilot (`providers.gke.autopilot: true`). + ## 3.90.2 * Adds env vars `DD_AGENT_IPC_PORT` and `DD_AGENT_IPC_CONFIG_REFRESH_INTERVAL` when Otel Agent is enabled and adds flag `--sync-delay=30s` to otel agent. @@ -46,7 +84,7 @@ ## 3.87.0 -* Launch `otel-agent` with the `--core-config` switch pointing to the main agent configuration. Note that this affects the OTel Agent beta images, early beta image releases with version tag `<7.59.0-v.1.2.0` will experience issues and should remain on older helm chart versions for their deployments. For regular users not deploying the `otel-agent` beta images, this should be a NOOP. +* Launch `otel-agent` with the `--core-config` switch pointing to the main agent configuration. Note that this affects the OTel Agent beta images, early beta image releases with version tag `<7.59.0-v.1.2.0` will experience issues and should remain on older helm chart versions for their deployments. For regular users not deploying the `otel-agent` beta images, this should be a NOOP. ## 3.86.0 diff --git a/charts/datadog/Chart.yaml b/charts/datadog/Chart.yaml index aa398ce1e..7fcbb55ae 100644 --- a/charts/datadog/Chart.yaml +++ b/charts/datadog/Chart.yaml @@ -1,7 +1,7 @@ --- apiVersion: v1 name: datadog -version: 3.91.0 +version: 3.97.0 appVersion: "7" description: Datadog Agent keywords: diff --git a/charts/datadog/README.md b/charts/datadog/README.md index db10fd946..5a3df46be 100644 --- a/charts/datadog/README.md +++ b/charts/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.91.0](https://img.shields.io/badge/Version-3.91.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.96.0](https://img.shields.io/badge/Version-3.96.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -525,7 +525,7 @@ helm install \ | agents.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy | | agents.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) | | agents.image.repository | string | `nil` | Override default registry + image.name for Agent | -| agents.image.tag | string | `"7.62.0"` | Define the Agent version to use | +| agents.image.tag | string | `"7.63.0"` | Define the Agent version to use | | agents.image.tagSuffix | string | `""` | Suffix to append to Agent tag | | agents.localService.forceLocalServiceEnabled | bool | `false` | Force the creation of the internal traffic policy service to target the agent running on the local node. By default, the internal traffic service is created only on Kubernetes 1.22+ where the feature became beta and enabled by default. This option allows to force the creation of the internal traffic service on kubernetes 1.21 where the feature was alpha and required a feature gate to be explicitly enabled. | | agents.localService.overrideName | string | `""` | Name of the internal traffic service to target the agent running on the local node | @@ -550,6 +550,7 @@ helm install \ | agents.priorityPreemptionPolicyValue | string | `"PreemptLowerPriority"` | Set to "Never" to change the PriorityClass to non-preempting | | agents.rbac.automountServiceAccountToken | bool | `true` | If true, automatically mount the ServiceAccount's API credentials if agents.rbac.create is true | | agents.rbac.create | bool | `true` | If true, create & use RBAC resources | +| agents.rbac.serviceAccountAdditionalLabels | object | `{}` | Labels to add to the ServiceAccount if agents.rbac.create is true | | agents.rbac.serviceAccountAnnotations | object | `{}` | Annotations to add to the ServiceAccount if agents.rbac.create is true | | agents.rbac.serviceAccountName | string | `"default"` | Specify a preexisting ServiceAccount to use if agents.rbac.create is false | | agents.revisionHistoryLimit | int | `10` | The number of ControllerRevision to keep in this DaemonSet. | @@ -607,7 +608,7 @@ helm install \ | clusterAgent.image.pullPolicy | string | `"IfNotPresent"` | Cluster Agent image pullPolicy | | clusterAgent.image.pullSecrets | list | `[]` | Cluster Agent repository pullSecret (ex: specify docker registry credentials) | | clusterAgent.image.repository | string | `nil` | Override default registry + image.name for Cluster Agent | -| clusterAgent.image.tag | string | `"7.62.0"` | Cluster Agent image tag to use | +| clusterAgent.image.tag | string | `"7.63.0"` | Cluster Agent image tag to use | | clusterAgent.kubernetesApiserverCheck.disableUseComponentStatus | bool | `false` | Set this to true to disable use_component_status for the kube_apiserver integration. | | clusterAgent.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default Cluster Agent liveness probe settings | | clusterAgent.metricsProvider.aggregator | string | `"avg"` | Define the aggregator the cluster agent will use to process the metrics. The options are (avg, min, max, sum) | @@ -628,6 +629,7 @@ helm install \ | clusterAgent.rbac.automountServiceAccountToken | bool | `true` | If true, automatically mount the ServiceAccount's API credentials if clusterAgent.rbac.create is true | | clusterAgent.rbac.create | bool | `true` | If true, create & use RBAC resources | | clusterAgent.rbac.flareAdditionalPermissions | bool | `true` | If true, add Secrets and Configmaps get/list permissions to retrieve user Datadog Helm values from Cluster Agent namespace | +| clusterAgent.rbac.serviceAccountAdditionalLabels | object | `{}` | Labels to add to the ServiceAccount if clusterAgent.rbac.create is true | | clusterAgent.rbac.serviceAccountAnnotations | object | `{}` | Annotations to add to the ServiceAccount if clusterAgent.rbac.create is true | | clusterAgent.rbac.serviceAccountName | string | `"default"` | Specify a preexisting ServiceAccount to use if clusterAgent.rbac.create is false | | clusterAgent.readinessProbe | object | Every 15s / 6 KO / 1 OK | Override default Cluster Agent readiness probe settings | @@ -662,7 +664,7 @@ helm install \ | clusterChecksRunner.image.pullPolicy | string | `"IfNotPresent"` | Datadog Agent image pull policy | | clusterChecksRunner.image.pullSecrets | list | `[]` | Datadog Agent repository pullSecret (ex: specify docker registry credentials) | | clusterChecksRunner.image.repository | string | `nil` | Override default registry + image.name for Cluster Check Runners | -| clusterChecksRunner.image.tag | string | `"7.62.0"` | Define the Agent version to use | +| clusterChecksRunner.image.tag | string | `"7.63.0"` | Define the Agent version to use | | clusterChecksRunner.image.tagSuffix | string | `""` | Suffix to append to Agent tag | | clusterChecksRunner.livenessProbe | object | Every 15s / 6 KO / 1 OK | Override default agent liveness probe settings | | clusterChecksRunner.networkPolicy.create | bool | `false` | If true, create a NetworkPolicy for the cluster checks runners. DEPRECATED. Use datadog.networkPolicy.create instead | @@ -673,6 +675,7 @@ helm install \ | clusterChecksRunner.rbac.automountServiceAccountToken | bool | `true` | If true, automatically mount the ServiceAccount's API credentials if clusterChecksRunner.rbac.create is true | | clusterChecksRunner.rbac.create | bool | `true` | If true, create & use RBAC resources | | clusterChecksRunner.rbac.dedicated | bool | `false` | If true, use a dedicated RBAC resource for the cluster checks agent(s) | +| clusterChecksRunner.rbac.serviceAccountAdditionalLabels | object | `{}` | Labels to add to the ServiceAccount if clusterChecksRunner.rbac.dedicated is true | | clusterChecksRunner.rbac.serviceAccountAnnotations | object | `{}` | Annotations to add to the ServiceAccount if clusterChecksRunner.rbac.dedicated is true | | clusterChecksRunner.rbac.serviceAccountName | string | `"default"` | Specify a preexisting ServiceAccount to use if clusterChecksRunner.rbac.create is false | | clusterChecksRunner.readinessProbe | object | Every 15s / 6 KO / 1 OK | Override default agent readiness probe settings | @@ -749,6 +752,9 @@ helm install \ | datadog.envFrom | list | `[]` | Set environment variables for all Agents directly from configMaps and/or secrets | | datadog.excludePauseContainer | bool | `true` | Exclude pause containers from Agent Autodiscovery. | | datadog.expvarPort | int | `6000` | Specify the port to expose pprof and expvar to not interfere with the agent metrics port from the cluster-agent, which defaults to 5000 | +| datadog.gpuMonitoring.configureCgroupPerms | bool | `false` | Configure cgroup permissions for GPU monitoring | +| datadog.gpuMonitoring.enabled | bool | `false` | Enable GPU monitoring | +| datadog.gpuMonitoring.runtimeClassName | string | `"nvidia"` | Runtime class name for the agent pods to get access to NVIDIA resources | | datadog.helmCheck.collectEvents | bool | `false` | Set this to true to enable event collection in the Helm Check (Requires Agent 7.36.0+ and Cluster Agent 1.20.0+) This requires datadog.HelmCheck.enabled to be set to true | | datadog.helmCheck.enabled | bool | `false` | Set this to true to enable the Helm check (Requires Agent 7.35.0+ and Cluster Agent 1.19.0+) This requires clusterAgent.enabled to be set to true | | datadog.helmCheck.valuesAsTags | object | `{}` | Collects Helm values from a release and uses them as tags (Requires Agent and Cluster Agent 7.40.0+). This requires datadog.HelmCheck.enabled to be set to true | @@ -885,7 +891,7 @@ helm install \ | fips.image.name | string | `"fips-proxy"` | | | fips.image.pullPolicy | string | `"IfNotPresent"` | Datadog the FIPS sidecar image pull policy | | fips.image.repository | string | `nil` | Override default registry + image.name for the FIPS sidecar container. | -| fips.image.tag | string | `"1.1.6"` | Define the FIPS sidecar container version to use. | +| fips.image.tag | string | `"1.1.7"` | Define the FIPS sidecar container version to use. | | fips.local_address | string | `"127.0.0.1"` | Set local IP address | | fips.port | int | `9803` | Specifies which port is used by the containers to communicate to the FIPS sidecar. | | fips.portRange | int | `15` | Specifies the number of ports used, defaults to 13 https://github.com/DataDog/datadog-agent/blob/7.44.x/pkg/config/config.go#L1564-L1577 | diff --git a/charts/datadog/ci/agent-with-additional-rbac-label-values.yaml b/charts/datadog/ci/agent-with-additional-rbac-label-values.yaml new file mode 100644 index 000000000..d30828525 --- /dev/null +++ b/charts/datadog/ci/agent-with-additional-rbac-label-values.yaml @@ -0,0 +1,6 @@ +agents: + enabled: true + rbac: + enabled: true + serviceAccountAdditionalLabels: + "app.kubernetes.io/custom-label": custom-value diff --git a/charts/datadog/ci/cluster-agent-and-worker-with-dedicated-rbac-label-values.yaml b/charts/datadog/ci/cluster-agent-and-worker-with-dedicated-rbac-label-values.yaml new file mode 100644 index 000000000..571db5a6f --- /dev/null +++ b/charts/datadog/ci/cluster-agent-and-worker-with-dedicated-rbac-label-values.yaml @@ -0,0 +1,21 @@ +datadog: + apiKey: "00000000000000000000000000000000" + appKey: "0000000000000000000000000000000000000000" + kubeStateMetricsEnabled: false + clusterChecks: + enabled: true + +clusterAgent: + enabled: true + rbac: + create: true + serviceAccountAdditionalLabels: + "app.kubernetes.io/custom-label": custom-value + +clusterChecksRunner: + enabled: true + replicas: 1 + rbac: + dedicated: true + serviceAccountAdditionalLabels: + "app.kubernetes.io/custom-label": custom-value diff --git a/charts/datadog/templates/_container-agent.yaml b/charts/datadog/templates/_container-agent.yaml index 1bda81b9d..46bcd6e26 100644 --- a/charts/datadog/templates/_container-agent.yaml +++ b/charts/datadog/templates/_container-agent.yaml @@ -172,10 +172,8 @@ value: {{ .Values.datadog.expvarPort | quote }} - name: DD_COMPLIANCE_CONFIG_ENABLED value: {{ .Values.datadog.securityAgent.compliance.enabled | quote }} - {{- if eq (include "should-enable-container-image-collection" .) "true" }} - name: DD_CONTAINER_IMAGE_ENABLED - value: "true" - {{- end }} + value: {{ include "should-enable-container-image-collection" . | quote }} {{- if or (eq (include "should-enable-sbom-host-fs-collection" .) "true") (eq (include "should-enable-sbom-container-image-collection" .) "true") }} - name: DD_SBOM_ENABLED value: "true" diff --git a/charts/datadog/templates/_container-system-probe.yaml b/charts/datadog/templates/_container-system-probe.yaml index 8959826a5..90721eca1 100644 --- a/charts/datadog/templates/_container-system-probe.yaml +++ b/charts/datadog/templates/_container-system-probe.yaml @@ -21,7 +21,7 @@ {{- include "containers-common-env" . | nindent 4 }} - name: DD_LOG_LEVEL value: {{ .Values.agents.containers.systemProbe.logLevel | default .Values.datadog.logLevel | quote }} - {{- if .Values.datadog.serviceMonitoring.enabled }} + {{- if or .Values.datadog.serviceMonitoring.enabled .Values.datadog.gpuMonitoring.enabled }} - name: HOST_ROOT value: "/host/root" {{- end }} @@ -72,14 +72,14 @@ mountPath: /host/proc mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }} readOnly: true -{{- if or .Values.datadog.serviceMonitoring.enabled .Values.datadog.networkMonitoring.enabled .Values.datadog.discovery.enabled }} +{{- if or .Values.datadog.serviceMonitoring.enabled .Values.datadog.networkMonitoring.enabled .Values.datadog.discovery.enabled .Values.datadog.gpuMonitoring.enabled }} - name: cgroups mountPath: /host/sys/fs/cgroup mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }} readOnly: true {{- end }} {{- include "linux-container-host-release-volumemounts" . | nindent 4 }} - {{- if (eq (include "should-add-host-path-for-os-release-paths" .) "true") }} + {{- if (eq (include "should-add-host-path-for-os-release-paths" .) "true") }} {{- if ne .Values.datadog.osReleasePath "/etc/redhat-release" }} - name: etc-redhat-release mountPath: /host/etc/redhat-release @@ -96,12 +96,16 @@ readOnly: true {{- end }} {{- end }} -{{- if .Values.datadog.serviceMonitoring.enabled }} +{{- if or .Values.datadog.serviceMonitoring.enabled .Values.datadog.gpuMonitoring.enabled }} - name: hostroot mountPath: /host/root mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }} readOnly: true {{- end }} +{{- if .Values.datadog.gpuMonitoring.enabled }} + - name: gpu-devices + mountPath: /var/run/nvidia-container-devices/all +{{- end }} {{- if and (eq (include "runtime-compilation-enabled" .) "true") .Values.datadog.systemProbe.enableDefaultKernelHeadersPaths }} - name: modules mountPath: /lib/modules diff --git a/charts/datadog/templates/_daemonset-volumes-linux.yaml b/charts/datadog/templates/_daemonset-volumes-linux.yaml index 85ee9b0cc..9e4415d91 100644 --- a/charts/datadog/templates/_daemonset-volumes-linux.yaml +++ b/charts/datadog/templates/_daemonset-volumes-linux.yaml @@ -148,7 +148,7 @@ path: /etc/passwd name: passwd {{- end }} -{{- if or (and (eq (include "should-enable-system-probe" .) "true") .Values.datadog.serviceMonitoring.enabled) (and (eq (include "should-enable-security-agent" .) "true") .Values.datadog.securityAgent.compliance.enabled) }} +{{- if or (and (eq (include "should-enable-system-probe" .) "true") (or .Values.datadog.serviceMonitoring.enabled .Values.datadog.gpuMonitoring.enabled)) (and (eq (include "should-enable-security-agent" .) "true") .Values.datadog.securityAgent.compliance.enabled) }} - hostPath: path: / name: hostroot @@ -219,4 +219,9 @@ secretName: datadog-kubelet-cert name: kubelet-cert-volume {{- end }} +{{- if .Values.datadog.gpuMonitoring.enabled }} +- name: gpu-devices + hostPath: + path: /dev/null +{{- end }} {{- end -}} diff --git a/charts/datadog/templates/_helpers.tpl b/charts/datadog/templates/_helpers.tpl index 53acb70ce..857854bcd 100644 --- a/charts/datadog/templates/_helpers.tpl +++ b/charts/datadog/templates/_helpers.tpl @@ -295,7 +295,7 @@ eu.gcr.io/datadoghq public.ecr.aws/datadog {{- else if eq .datadog.site "ap1.datadoghq.com" -}} asia.gcr.io/datadoghq -{{- else if eq .datadog.site "us3.datadoghq.com" -}} +{{- else if and (eq .datadog.site "us3.datadoghq.com") (not .providers.gke.autopilot) -}} datadoghq.azurecr.io {{- else -}} gcr.io/datadoghq @@ -329,7 +329,7 @@ Return a remote image path based on `.Values` (passed as root) and `.` (any `.im Return true if a system-probe feature is enabled. */}} {{- define "system-probe-feature" -}} -{{- if or .Values.datadog.securityAgent.runtime.enabled .Values.datadog.securityAgent.runtime.fimEnabled .Values.datadog.networkMonitoring.enabled .Values.datadog.systemProbe.enableTCPQueueLength .Values.datadog.systemProbe.enableOOMKill .Values.datadog.serviceMonitoring.enabled .Values.datadog.discovery.enabled -}} +{{- if or .Values.datadog.securityAgent.runtime.enabled .Values.datadog.securityAgent.runtime.fimEnabled .Values.datadog.networkMonitoring.enabled .Values.datadog.systemProbe.enableTCPQueueLength .Values.datadog.systemProbe.enableOOMKill .Values.datadog.serviceMonitoring.enabled .Values.datadog.discovery.enabled .Values.datadog.gpuMonitoring.enabled -}} true {{- else -}} false diff --git a/charts/datadog/templates/agent-clusterchecks-rbac.yaml b/charts/datadog/templates/agent-clusterchecks-rbac.yaml index fd81988d6..cf95e646e 100644 --- a/charts/datadog/templates/agent-clusterchecks-rbac.yaml +++ b/charts/datadog/templates/agent-clusterchecks-rbac.yaml @@ -24,6 +24,9 @@ metadata: chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} +{{- if .Values.clusterChecksRunner.rbac.serviceAccountAdditionalLabels -}} +{{ tpl (toYaml .Values.clusterChecksRunner.rbac.serviceAccountAdditionalLabels) . | nindent 4}} +{{- end }} name: {{ template "datadog.fullname" . }}-cluster-checks namespace: {{ .Release.Namespace }} {{- if .Values.clusterChecksRunner.rbac.serviceAccountAnnotations }} diff --git a/charts/datadog/templates/cluster-agent-rbac.yaml b/charts/datadog/templates/cluster-agent-rbac.yaml index 8bf355ebb..29ab56553 100644 --- a/charts/datadog/templates/cluster-agent-rbac.yaml +++ b/charts/datadog/templates/cluster-agent-rbac.yaml @@ -364,6 +364,9 @@ metadata: heritage: {{ .Release.Service | quote }} release: {{ .Release.Name | quote }} {{ include "datadog.labels" . | indent 4 }} +{{- if .Values.clusterAgent.rbac.serviceAccountAdditionalLabels -}} +{{ tpl (toYaml .Values.clusterAgent.rbac.serviceAccountAdditionalLabels) . | nindent 4 -}} +{{ end }} {{- if .Values.clusterAgent.rbac.serviceAccountAnnotations }} annotations: {{ tpl (toYaml .Values.clusterAgent.rbac.serviceAccountAnnotations) . | nindent 4}} {{- end }} @@ -515,14 +518,13 @@ metadata: namespace: {{ .Release.Namespace }} {{- $groupedResources := dict }} -{{- $mergedResources := merge (default dict .Values.datadog.kubernetesResourcesAnnotationsAsTags) (default dict .Values.datadog.kubernetesResourcesLabelsAsTags)}} +{{- $mergedResources := mergeOverwrite dict (default dict .Values.datadog.kubernetesResourcesAnnotationsAsTags) (default dict .Values.datadog.kubernetesResourcesLabelsAsTags)}} {{- range $resource, $labels := $mergedResources }} - {{- $parts := split "." $resource }} + {{- $parts := splitList "." $resource }} {{- $apiGroup := "" }} - {{- $resourceName := $resource }} - {{- if eq (len $parts) 2 }} - {{- $apiGroup = index $parts "_1" }} - {{- $resourceName = index $parts "_0" }} + {{- $resourceName := mustFirst $parts }} + {{- if gt (len $parts) 1 }} + {{- $apiGroup = join "." (mustRest $parts) }} {{- end }} {{- $existing := index $groupedResources $apiGroup | default (list) }} {{- $groupedResources = set $groupedResources $apiGroup (append $existing $resourceName) }} @@ -559,4 +561,4 @@ subjects: - kind: ServiceAccount name: {{ template "datadog.fullname" . }}-cluster-agent namespace: {{ .Release.Namespace }} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/charts/datadog/templates/daemonset.yaml b/charts/datadog/templates/daemonset.yaml index 27fa3d25c..5edcd8bb0 100644 --- a/charts/datadog/templates/daemonset.yaml +++ b/charts/datadog/templates/daemonset.yaml @@ -114,6 +114,9 @@ spec: {{- if or .Values.agents.priorityClassCreate .Values.agents.priorityClassName }} priorityClassName: {{ .Values.agents.priorityClassName | default (include "datadog.fullname" . ) }} {{- end }} + {{- if .Values.datadog.gpuMonitoring.enabled }} + runtimeClassName: {{ .Values.datadog.gpuMonitoring.runtimeClassName }} + {{- end }} containers: {{- include "container-agent" . | nindent 6 }} {{- if eq (include "should-enable-trace-agent" .) "true" }} diff --git a/charts/datadog/templates/rbac.yaml b/charts/datadog/templates/rbac.yaml index 919808f88..8cd02c53b 100644 --- a/charts/datadog/templates/rbac.yaml +++ b/charts/datadog/templates/rbac.yaml @@ -163,6 +163,9 @@ metadata: {{- end }} labels: {{ include "datadog.labels" . | indent 4 }} +{{- if .Values.agents.rbac.serviceAccountAdditionalLabels -}} +{{ tpl (toYaml .Values.agents.rbac.serviceAccountAdditionalLabels) . | nindent 4}} +{{- end }} {{- range $role := .Values.datadog.secretBackend.roles }} --- apiVersion: rbac.authorization.k8s.io/v1 diff --git a/charts/datadog/templates/system-probe-configmap.yaml b/charts/datadog/templates/system-probe-configmap.yaml index d769235d2..e74f96f23 100644 --- a/charts/datadog/templates/system-probe-configmap.yaml +++ b/charts/datadog/templates/system-probe-configmap.yaml @@ -47,6 +47,9 @@ data: discovery: enabled: {{ $.Values.datadog.discovery.enabled }} {{- end }} + gpu_monitoring: + enabled: {{ $.Values.datadog.gpuMonitoring.enabled }} + configure_cgroup_perms: {{ $.Values.datadog.gpuMonitoring.configureCgroupPerms }} runtime_security_config: enabled: {{ $.Values.datadog.securityAgent.runtime.enabled }} fim_enabled: {{ $.Values.datadog.securityAgent.runtime.fimEnabled }} diff --git a/charts/datadog/values.yaml b/charts/datadog/values.yaml index 432b1618c..42197daa4 100644 --- a/charts/datadog/values.yaml +++ b/charts/datadog/values.yaml @@ -27,6 +27,8 @@ commonLabels: {} ## Azure - use datadoghq.azurecr.io ## AWS - use public.ecr.aws/datadog ## DockerHub - use docker.io/datadog +## If you are on GKE Autopilot, you must use a gcr.io variant registry. + registry: # gcr.io/datadoghq datadog: @@ -833,6 +835,17 @@ datadog: # datadog.discovery.enabled -- (bool) Enable Service Discovery enabled: # false + gpuMonitoring: + # datadog.gpuMonitoring.enabled -- Enable GPU monitoring + enabled: false + + # datadog.gpuMonitoring.configureCgroupPerms -- Configure cgroup permissions for GPU monitoring + configureCgroupPerms: false + + # datadog.gpuMonitoring.runtimeClassName -- Runtime class name for the agent pods to get access to NVIDIA resources + runtimeClassName: "nvidia" + + # Software Bill of Materials configuration sbom: containerImage: @@ -1029,7 +1042,7 @@ clusterAgent: name: cluster-agent # clusterAgent.image.tag -- Cluster Agent image tag to use - tag: 7.62.0 + tag: 7.63.0 # clusterAgent.image.digest -- Cluster Agent image digest to use, takes precedence over tag if specified digest: "" @@ -1097,6 +1110,9 @@ clusterAgent: # clusterAgent.rbac.serviceAccountAnnotations -- Annotations to add to the ServiceAccount if clusterAgent.rbac.create is true serviceAccountAnnotations: {} + # clusterAgent.rbac.serviceAccountAdditionalLabels -- Labels to add to the ServiceAccount if clusterAgent.rbac.create is true + serviceAccountAdditionalLabels: {} + # clusterAgent.rbac.automountServiceAccountToken -- If true, automatically mount the ServiceAccount's API credentials if clusterAgent.rbac.create is true automountServiceAccountToken: true @@ -1507,7 +1523,7 @@ fips: name: fips-proxy # fips.image.tag -- Define the FIPS sidecar container version to use. - tag: 1.1.6 + tag: 1.1.7 # fips.image.pullPolicy -- Datadog the FIPS sidecar image pull policy pullPolicy: IfNotPresent @@ -1550,7 +1566,7 @@ agents: name: agent # agents.image.tag -- Define the Agent version to use - tag: 7.62.0 + tag: 7.63.0 # agents.image.digest -- Define Agent image digest to use, takes precedence over tag if specified digest: "" @@ -1594,6 +1610,9 @@ agents: # agents.rbac.serviceAccountAnnotations -- Annotations to add to the ServiceAccount if agents.rbac.create is true serviceAccountAnnotations: {} + # agents.rbac.serviceAccountAdditionalLabels -- Labels to add to the ServiceAccount if agents.rbac.create is true + serviceAccountAdditionalLabels: {} + # agents.rbac.automountServiceAccountToken -- If true, automatically mount the ServiceAccount's API credentials if agents.rbac.create is true automountServiceAccountToken: true @@ -2056,7 +2075,7 @@ clusterChecksRunner: name: agent # clusterChecksRunner.image.tag -- Define the Agent version to use - tag: 7.62.0 + tag: 7.63.0 # clusterChecksRunner.image.digest -- Define Agent image digest to use, takes precedence over tag if specified digest: "" @@ -2094,6 +2113,10 @@ clusterChecksRunner: # clusterChecksRunner.rbac.serviceAccountAnnotations -- Annotations to add to the ServiceAccount if clusterChecksRunner.rbac.dedicated is true serviceAccountAnnotations: {} + # clusterChecksRunner.rbac.serviceAccountAdditionalLabels -- Labels to add to the ServiceAccount if clusterChecksRunner.rbac.dedicated is true + serviceAccountAdditionalLabels: {} + + # clusterChecksRunner.rbac.automountServiceAccountToken -- If true, automatically mount the ServiceAccount's API credentials if clusterChecksRunner.rbac.create is true automountServiceAccountToken: true diff --git a/charts/private-action-runner/CHANGELOG.md b/charts/private-action-runner/CHANGELOG.md index aafcf4187..97db34964 100644 --- a/charts/private-action-runner/CHANGELOG.md +++ b/charts/private-action-runner/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 0.15.6 + +* Update private action image version to `v0.1.11-beta` + ## 0.15.5 * Add gitlab credentials file example diff --git a/charts/private-action-runner/Chart.yaml b/charts/private-action-runner/Chart.yaml index 592c07f9e..114b8c4ed 100644 --- a/charts/private-action-runner/Chart.yaml +++ b/charts/private-action-runner/Chart.yaml @@ -3,7 +3,7 @@ name: private-action-runner description: A Helm chart to deploy the private action runner type: application -version: 0.15.5 +version: 0.15.6 appVersion: "1.22.0" keywords: - app builder diff --git a/charts/private-action-runner/README.md b/charts/private-action-runner/README.md index eff38fbaa..3d15b5d3f 100644 --- a/charts/private-action-runner/README.md +++ b/charts/private-action-runner/README.md @@ -1,6 +1,6 @@ # Datadog Private Action Runner -![Version: 0.15.5](https://img.shields.io/badge/Version-0.15.4-informational?style=flat-square) ![AppVersion: v0.1.10-beta](https://img.shields.io/badge/AppVersion-v0.1.6--beta-informational?style=flat-square) +![Version: 0.15.6](https://img.shields.io/badge/Version-0.15.6-informational?style=flat-square) ![AppVersion: v0.1.11-beta](https://img.shields.io/badge/AppVersion-v0.1.11--beta-informational?style=flat-square) This Helm Chart deploys the Datadog Private Action runner inside a Kubernetes cluster. It allows you to use private actions from the Datadog Workflow and Datadog App Builder products. When deploying this chart, you can give permissions to the runner in order to be able to run Kubernetes actions. @@ -42,7 +42,7 @@ helm repo update | Key | Type | Default | Description | |-----|------|---------|-------------| -| common.image | object | `{"repository":"gcr.io/datadoghq/private-action-runner","tag":"v0.1.10-beta"}` | Current Datadog Private Action Runner image | +| common.image | object | `{"repository":"gcr.io/datadoghq/private-action-runner","tag":"v0.1.11-beta"}` | Current Datadog Private Action Runner image | | credentialFiles | list | `[]` | List of credential files to be used by the Datadog Private Action Runner | | runners[0].config | object | `{"actionsAllowlist":[],"ddBaseURL":"https://app.datadoghq.com","modes":["workflowAutomation","appBuilder"],"port":9016,"privateKey":"CHANGE_ME_PRIVATE_KEY_FROM_CONFIG","urn":"CHANGE_ME_URN_FROM_CONFIG"}` | Configuration for the Datadog Private Action Runner | | runners[0].config.actionsAllowlist | list | `[]` | List of actions that the Datadog Private Action Runner is allowed to execute | diff --git a/charts/private-action-runner/README.md.gotmpl b/charts/private-action-runner/README.md.gotmpl index fadc705ac..4d1cc066f 100644 --- a/charts/private-action-runner/README.md.gotmpl +++ b/charts/private-action-runner/README.md.gotmpl @@ -1,6 +1,6 @@ # Datadog Private Action Runner -![Version: 0.15.5](https://img.shields.io/badge/Version-0.15.4-informational?style=flat-square) ![AppVersion: v0.1.10-beta](https://img.shields.io/badge/AppVersion-v0.1.6--beta-informational?style=flat-square) +![Version: 0.15.6](https://img.shields.io/badge/Version-0.15.6-informational?style=flat-square) ![AppVersion: v0.1.11-beta](https://img.shields.io/badge/AppVersion-v0.1.11--beta-informational?style=flat-square) This Helm Chart deploys the Datadog Private Action runner inside a Kubernetes cluster. It allows you to use private actions from the Datadog Workflow and Datadog App Builder products. When deploying this chart, you can give permissions to the runner in order to be able to run Kubernetes actions. diff --git a/charts/private-action-runner/values.yaml b/charts/private-action-runner/values.yaml index 5fefaa9cf..a30c21851 100644 --- a/charts/private-action-runner/values.yaml +++ b/charts/private-action-runner/values.yaml @@ -6,7 +6,7 @@ common: # -- Current Datadog Private Action Runner image image: repository: gcr.io/datadoghq/private-action-runner - tag: v0.1.10-beta + tag: v0.1.11-beta runners: # runners[0].name -- Name of the Datadog Private Action Runner diff --git a/test/datadog-operator/baseline/Operator_Deployment_default.yaml b/test/datadog-operator/baseline/Operator_Deployment_default.yaml index 84be9b411..cdf0174c5 100644 --- a/test/datadog-operator/baseline/Operator_Deployment_default.yaml +++ b/test/datadog-operator/baseline/Operator_Deployment_default.yaml @@ -7,9 +7,9 @@ metadata: namespace: datadog-agent labels: app.kubernetes.io/name: datadog-operator - helm.sh/chart: datadog-operator-2.6.0 + helm.sh/chart: datadog-operator-2.7.0 app.kubernetes.io/instance: datadog-operator - app.kubernetes.io/version: "1.12.0" + app.kubernetes.io/version: "1.12.1" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -35,7 +35,7 @@ spec: serviceAccountName: datadog-operator containers: - name: datadog-operator - image: "gcr.io/datadoghq/operator:1.12.0" + image: "gcr.io/datadoghq/operator:1.12.1" imagePullPolicy: IfNotPresent env: - name: WATCH_NAMESPACE diff --git a/test/datadog-operator/operator_deployment_test.go b/test/datadog-operator/operator_deployment_test.go index 233c544fc..230d07a07 100644 --- a/test/datadog-operator/operator_deployment_test.go +++ b/test/datadog-operator/operator_deployment_test.go @@ -121,7 +121,7 @@ func verifyDeployment(t *testing.T, manifest string) { assert.Equal(t, 1, len(deployment.Spec.Template.Spec.Containers)) operatorContainer := deployment.Spec.Template.Spec.Containers[0] assert.Equal(t, v1.PullPolicy("IfNotPresent"), operatorContainer.ImagePullPolicy) - assert.Equal(t, "gcr.io/datadoghq/operator:1.12.0", operatorContainer.Image) + assert.Equal(t, "gcr.io/datadoghq/operator:1.12.1", operatorContainer.Image) assert.NotContains(t, operatorContainer.Args, "-webhookEnabled=false") assert.NotContains(t, operatorContainer.Args, "-webhookEnabled=true") } diff --git a/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml b/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml index 84e1254cd..1aaccf93a 100644 --- a/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml +++ b/test/datadog/baseline/agent-clusterchecks-deployment_default.yaml @@ -6,13 +6,13 @@ metadata: name: datadog-clusterchecks namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app.kubernetes.io/component: clusterchecks-agent - + spec: replicas: 2 revisionHistoryLimit: 10 @@ -33,11 +33,11 @@ spec: app.kubernetes.io/component: clusterchecks-agent admission.datadoghq.com/enabled: "false" app: datadog-clusterchecks - + name: datadog-clusterchecks annotations: - checksum/clusteragent_token: ace9da5834c970ccbe64e4c1d26e90d04508cad05f1b0198e37b6aef958b9712 - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/clusteragent_token: d9b3af416ecff4819b57dfe0c64429d869712b3b36f947eb85b9311a05d79192 + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f spec: serviceAccountName: datadog-cluster-checks automountServiceAccountToken: true @@ -45,7 +45,7 @@ spec: [] initContainers: - name: init-volume - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -57,7 +57,7 @@ spec: resources: {} - name: init-config - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -70,13 +70,13 @@ spec: {} containers: - name: agent - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" command: ["bash", "-c"] args: - find /etc/datadog-agent/conf.d/ -name "*.yaml.default" -type f -delete && touch /etc/datadog-agent/datadog.yaml && exec agent run imagePullPolicy: IfNotPresent env: - + - name: KUBERNETES value: "yes" - name: DD_API_KEY @@ -129,8 +129,8 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - - + + resources: {} volumeMounts: @@ -189,4 +189,4 @@ spec: app: datadog-clusterchecks topologyKey: kubernetes.io/hostname nodeSelector: - kubernetes.io/os: linux \ No newline at end of file + kubernetes.io/os: linux diff --git a/test/datadog/baseline/cluster-agent-deployment_default.yaml b/test/datadog/baseline/cluster-agent-deployment_default.yaml index a395cef31..f153cb030 100644 --- a/test/datadog/baseline/cluster-agent-deployment_default.yaml +++ b/test/datadog/baseline/cluster-agent-deployment_default.yaml @@ -6,13 +6,13 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app.kubernetes.io/component: cluster-agent - + spec: replicas: 1 revisionHistoryLimit: 10 @@ -33,20 +33,20 @@ spec: app.kubernetes.io/component: cluster-agent admission.datadoghq.com/enabled: "false" app: datadog-cluster-agent - + name: datadog-cluster-agent annotations: - checksum/clusteragent_token: b8fb19e71daf9c13ce771ed31ed10563a3fdccdb818dce82989b56cbe7f7af16 - checksum/clusteragent-configmap: 04f78cc8c755f4c6debb07948b1bf8318109acb1f32d624857bf409e9e7570c0 - checksum/api_key: 657e19756058df21cac9dd8bdb1289cdf8ab0a632155ce5b9cd382881874a62f + checksum/clusteragent_token: 771d105929d3021acd21a2f768baaf4bbe522635b4a4184bc0e995f59685b55d + checksum/clusteragent-configmap: 526621b6025adf66ae46fbbd8477ca9f9683c7db50f65e84d449c5d8c8a66f02 + checksum/api_key: 8122e1d841c3b3d38f070ddb0ea377f20a7c47efd4f50cc2107281eacd6b6bb0 checksum/application_key: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f spec: serviceAccountName: datadog-cluster-agent automountServiceAccountToken: true initContainers: - name: init-volume - image: "gcr.io/datadoghq/cluster-agent:7.62.0" + image: "gcr.io/datadoghq/cluster-agent:7.63.0" imagePullPolicy: IfNotPresent command: - cp @@ -59,7 +59,7 @@ spec: mountPath: /opt/datadog-agent containers: - name: cluster-agent - image: "gcr.io/datadoghq/cluster-agent:7.62.0" + image: "gcr.io/datadoghq/cluster-agent:7.63.0" imagePullPolicy: IfNotPresent resources: {} @@ -90,7 +90,7 @@ spec: name: "datadog" key: api-key optional: true - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -119,8 +119,8 @@ spec: value: "8000" - name: DD_ADMISSION_CONTROLLER_CONTAINER_REGISTRY value: "gcr.io/datadoghq" - - + + - name: DD_REMOTE_CONFIGURATION_ENABLED value: "false" - name: DD_CLUSTER_CHECKS_ENABLED @@ -183,7 +183,7 @@ spec: configMapKeyRef: name: datadog-kpi-telemetry-configmap key: install_type - + livenessProbe: failureThreshold: 6 httpGet: @@ -268,4 +268,4 @@ spec: app: datadog-cluster-agent topologyKey: kubernetes.io/hostname nodeSelector: - kubernetes.io/os: linux \ No newline at end of file + kubernetes.io/os: linux diff --git a/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml b/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml index 97fbbf4d1..02a94755a 100644 --- a/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml +++ b/test/datadog/baseline/cluster-agent-deployment_default_advanced_AC_injection.yaml @@ -6,13 +6,13 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app.kubernetes.io/component: cluster-agent - + spec: replicas: 1 revisionHistoryLimit: 10 @@ -33,20 +33,20 @@ spec: app.kubernetes.io/component: cluster-agent admission.datadoghq.com/enabled: "false" app: datadog-cluster-agent - + name: datadog-cluster-agent annotations: - checksum/clusteragent_token: d6d5cc3b75e910992b70aceefc6e23fb963430f152d46955a90dc360d855e23a - checksum/clusteragent-configmap: 04f78cc8c755f4c6debb07948b1bf8318109acb1f32d624857bf409e9e7570c0 - checksum/api_key: 657e19756058df21cac9dd8bdb1289cdf8ab0a632155ce5b9cd382881874a62f + checksum/clusteragent_token: 4eed4c4ff3c9fb2e8477919438698cb7ac0b982f10a744099dd77af952b777c2 + checksum/clusteragent-configmap: 526621b6025adf66ae46fbbd8477ca9f9683c7db50f65e84d449c5d8c8a66f02 + checksum/api_key: 8122e1d841c3b3d38f070ddb0ea377f20a7c47efd4f50cc2107281eacd6b6bb0 checksum/application_key: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f spec: serviceAccountName: datadog-cluster-agent automountServiceAccountToken: true initContainers: - name: init-volume - image: "gcr.io/datadoghq/cluster-agent:7.62.0" + image: "gcr.io/datadoghq/cluster-agent:7.63.0" imagePullPolicy: IfNotPresent command: - cp @@ -59,7 +59,7 @@ spec: mountPath: /opt/datadog-agent containers: - name: cluster-agent - image: "gcr.io/datadoghq/cluster-agent:7.62.0" + image: "gcr.io/datadoghq/cluster-agent:7.63.0" imagePullPolicy: IfNotPresent resources: {} @@ -90,7 +90,7 @@ spec: name: "datadog" key: api-key optional: true - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -119,8 +119,8 @@ spec: value: "8000" - name: DD_ADMISSION_CONTROLLER_CONTAINER_REGISTRY value: "gcr.io/datadoghq" - - + + - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_ENABLED value: "true" - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_CLUSTER_AGENT_ENABLED @@ -197,7 +197,7 @@ spec: configMapKeyRef: name: datadog-kpi-telemetry-configmap key: install_type - + livenessProbe: failureThreshold: 6 httpGet: @@ -282,4 +282,4 @@ spec: app: datadog-cluster-agent topologyKey: kubernetes.io/hostname nodeSelector: - kubernetes.io/os: linux \ No newline at end of file + kubernetes.io/os: linux diff --git a/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml b/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml index b8f5120fc..b4b5e0da0 100644 --- a/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml +++ b/test/datadog/baseline/cluster-agent-deployment_default_minimal_AC_injection.yaml @@ -6,13 +6,13 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app.kubernetes.io/component: cluster-agent - + spec: replicas: 1 revisionHistoryLimit: 10 @@ -33,20 +33,20 @@ spec: app.kubernetes.io/component: cluster-agent admission.datadoghq.com/enabled: "false" app: datadog-cluster-agent - + name: datadog-cluster-agent annotations: - checksum/clusteragent_token: 657d56ddcd5aff983a20ed91e79a6ef1dd7092745b8dda1d7cdf294f49c61a5d - checksum/clusteragent-configmap: 04f78cc8c755f4c6debb07948b1bf8318109acb1f32d624857bf409e9e7570c0 - checksum/api_key: 657e19756058df21cac9dd8bdb1289cdf8ab0a632155ce5b9cd382881874a62f + checksum/clusteragent_token: 50ce670f2c8620a094fa935fdc1b8868a9a96c7e2e79abb0b5ac70b4e382f509 + checksum/clusteragent-configmap: 526621b6025adf66ae46fbbd8477ca9f9683c7db50f65e84d449c5d8c8a66f02 + checksum/api_key: 8122e1d841c3b3d38f070ddb0ea377f20a7c47efd4f50cc2107281eacd6b6bb0 checksum/application_key: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f spec: serviceAccountName: datadog-cluster-agent automountServiceAccountToken: true initContainers: - name: init-volume - image: "gcr.io/datadoghq/cluster-agent:7.62.0" + image: "gcr.io/datadoghq/cluster-agent:7.63.0" imagePullPolicy: IfNotPresent command: - cp @@ -59,7 +59,7 @@ spec: mountPath: /opt/datadog-agent containers: - name: cluster-agent - image: "gcr.io/datadoghq/cluster-agent:7.62.0" + image: "gcr.io/datadoghq/cluster-agent:7.63.0" imagePullPolicy: IfNotPresent resources: {} @@ -90,7 +90,7 @@ spec: name: "datadog" key: api-key optional: true - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -119,8 +119,8 @@ spec: value: "8000" - name: DD_ADMISSION_CONTROLLER_CONTAINER_REGISTRY value: "gcr.io/datadoghq" - - + + - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_ENABLED value: "true" - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_CLUSTER_AGENT_ENABLED @@ -130,7 +130,7 @@ spec: - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_IMAGE_NAME value: agent - name: DD_ADMISSION_CONTROLLER_AGENT_SIDECAR_IMAGE_TAG - value: 7.62.0 + value: 7.63.0 - name: DD_REMOTE_CONFIGURATION_ENABLED value: "false" - name: DD_CLUSTER_CHECKS_ENABLED @@ -193,7 +193,7 @@ spec: configMapKeyRef: name: datadog-kpi-telemetry-configmap key: install_type - + livenessProbe: failureThreshold: 6 httpGet: @@ -278,4 +278,4 @@ spec: app: datadog-cluster-agent topologyKey: kubernetes.io/hostname nodeSelector: - kubernetes.io/os: linux \ No newline at end of file + kubernetes.io/os: linux diff --git a/test/datadog/baseline/daemonset_default.yaml b/test/datadog/baseline/daemonset_default.yaml index 537d816c2..652e13ab1 100644 --- a/test/datadog/baseline/daemonset_default.yaml +++ b/test/datadog/baseline/daemonset_default.yaml @@ -6,13 +6,13 @@ metadata: name: datadog namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app.kubernetes.io/component: agent - + spec: revisionHistoryLimit: 10 selector: @@ -27,25 +27,25 @@ spec: app.kubernetes.io/component: agent admission.datadoghq.com/enabled: "false" app: datadog - + name: datadog annotations: - checksum/clusteragent_token: 5009f2ddeff5693884134d5a8e46880c0eeb09969b307b89a1749b05cf32b2f6 - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/clusteragent_token: 63460e3fbf5bf6ce23a5e2e71e18ca3674fe22b92bb3c666c6b2a1ebfdae397d + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a checksum/checksd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a spec: - + securityContext: runAsUser: 0 hostPID: true containers: - name: agent - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["agent", "run"] - + resources: {} ports: @@ -62,7 +62,7 @@ spec: value: "true" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -75,9 +75,9 @@ spec: fieldPath: status.hostIP - name: DD_OTLP_CONFIG_LOGS_ENABLED value: "false" - - - + + + - name: DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED value: "false" - name: DD_PROCESS_CONFIG_CONTAINER_COLLECTION_ENABLED @@ -124,7 +124,7 @@ spec: - name: DD_IGNORE_AUTOCONF value: "kubernetes_state" - name: DD_CONTAINER_LIFECYCLE_ENABLED - value: "true" + value: "true" - name: DD_ORCHESTRATOR_EXPLORER_ENABLED value: "true" - name: DD_EXPVAR_PORT @@ -134,7 +134,7 @@ spec: - name: DD_CONTAINER_IMAGE_ENABLED value: "true" - name: DD_KUBELET_CORE_CHECK_ENABLED - value: "true" + value: "true" volumeMounts: - name: logdatadog mountPath: /var/log/datadog @@ -146,7 +146,7 @@ spec: - name: tmpdir mountPath: /tmp readOnly: false # Need RW to write to /tmp directory - + - name: os-release-file mountPath: /host/etc/os-release readOnly: true @@ -156,12 +156,12 @@ spec: - name: auth-token mountPath: /etc/datadog-agent/auth readOnly: false # Need RW to write auth token - + - name: runtimesocketdir mountPath: /host/var/run mountPropagation: None readOnly: true - + - name: dsdsocket mountPath: /var/run/datadog readOnly: false @@ -207,9 +207,9 @@ spec: successThreshold: 1 timeoutSeconds: 5 - name: trace-agent - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent - command: ["trace-agent", "-config=/etc/datadog-agent/datadog.yaml"] + command: ["trace-agent", "-config=/etc/datadog-agent/datadog.yaml"] resources: {} ports: @@ -226,7 +226,7 @@ spec: value: "true" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -239,7 +239,7 @@ spec: fieldPath: status.hostIP - name: DD_OTLP_CONFIG_LOGS_ENABLED value: "false" - + - name: DD_CLUSTER_AGENT_ENABLED value: "true" - name: DD_CLUSTER_AGENT_KUBERNETES_SERVICE_NAME @@ -249,7 +249,7 @@ spec: secretKeyRef: name: datadog-cluster-agent key: token - + - name: DD_LOG_LEVEL value: "INFO" - name: DD_APM_ENABLED @@ -276,7 +276,7 @@ spec: valueFrom: configMapKeyRef: name: datadog-kpi-telemetry-configmap - key: install_type + key: install_type volumeMounts: - name: config mountPath: /etc/datadog-agent @@ -301,12 +301,12 @@ spec: - name: dsdsocket mountPath: /var/run/datadog readOnly: false # Need RW for UDS DSD socket - + - name: runtimesocketdir mountPath: /host/var/run mountPropagation: None readOnly: true - + livenessProbe: initialDelaySeconds: 15 periodSeconds: 15 @@ -314,8 +314,8 @@ spec: port: 8126 timeoutSeconds: 5 initContainers: - - name: init-volume - image: "gcr.io/datadoghq/agent:7.62.0" + - name: init-volume + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -326,8 +326,8 @@ spec: readOnly: false # Need RW for config path resources: {} - - name: init-config - image: "gcr.io/datadoghq/agent:7.62.0" + - name: init-config + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: - bash @@ -345,7 +345,7 @@ spec: mountPath: /host/proc mountPropagation: None readOnly: true - + - name: runtimesocketdir mountPath: /host/var/run mountPropagation: None @@ -360,7 +360,7 @@ spec: value: "true" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -373,7 +373,7 @@ spec: fieldPath: status.hostIP - name: DD_OTLP_CONFIG_LOGS_ENABLED value: "false" - + resources: {} volumes: @@ -384,7 +384,7 @@ spec: name: datadog-installinfo - name: config emptyDir: {} - + - name: logdatadog emptyDir: {} - name: tmpdir @@ -424,4 +424,4 @@ spec: updateStrategy: rollingUpdate: maxUnavailable: 10% - type: RollingUpdate \ No newline at end of file + type: RollingUpdate diff --git a/test/datadog/baseline/gdc_daemonset_default.yaml b/test/datadog/baseline/gdc_daemonset_default.yaml index 4d484409e..4d4abe691 100644 --- a/test/datadog/baseline/gdc_daemonset_default.yaml +++ b/test/datadog/baseline/gdc_daemonset_default.yaml @@ -6,7 +6,7 @@ metadata: name: datadog namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -30,21 +30,21 @@ spec: env.datadoghq.com/kind: gke-gdc name: datadog annotations: - checksum/clusteragent_token: 8a75f345568b6472914bb55b5bedf76f346038cddcb4f081c452339e66d542d1 - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/clusteragent_token: 7ea7ba292c47ff4bb9428c79db844d419821934dd23f00ab15178a294a24eea6 + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a checksum/checksd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a spec: - + securityContext: runAsUser: 0 containers: - name: agent - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["agent", "run"] - + resources: {} ports: @@ -61,7 +61,7 @@ spec: value: "false" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_KUBELET_CLIENT_CRT @@ -87,8 +87,8 @@ spec: value: "false" - name: DD_PROVIDER_KIND value: gke-gdc - - + + - name: DD_LOG_LEVEL value: "INFO" - name: DD_DOGSTATSD_PORT @@ -123,7 +123,7 @@ spec: - name: DD_IGNORE_AUTOCONF value: "kubernetes_state" - name: DD_CONTAINER_LIFECYCLE_ENABLED - value: "true" + value: "true" - name: DD_ORCHESTRATOR_EXPLORER_ENABLED value: "true" - name: DD_EXPVAR_PORT @@ -133,7 +133,7 @@ spec: - name: DD_CONTAINER_IMAGE_ENABLED value: "true" - name: DD_KUBELET_CORE_CHECK_ENABLED - value: "true" + value: "true" volumeMounts: - name: logdatadog mountPath: /var/log/datadog @@ -145,15 +145,15 @@ spec: - name: tmpdir mountPath: /tmp readOnly: false # Need RW to write to /tmp directory - + - name: config mountPath: /etc/datadog-agent readOnly: false # Need RW to mount to config path - name: auth-token mountPath: /etc/datadog-agent/auth readOnly: false # Need RW to write auth token - - + + - name: kubelet-cert-volume mountPath: /certs livenessProbe: @@ -187,8 +187,8 @@ spec: successThreshold: 1 timeoutSeconds: 5 initContainers: - - name: init-volume - image: "gcr.io/datadoghq/agent:7.62.0" + - name: init-volume + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -199,8 +199,8 @@ spec: readOnly: false # Need RW for config path resources: {} - - name: init-config - image: "gcr.io/datadoghq/agent:7.62.0" + - name: init-config + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: - bash @@ -221,7 +221,7 @@ spec: value: "false" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_KUBELET_CLIENT_CRT @@ -257,7 +257,7 @@ spec: name: datadog-installinfo - name: config emptyDir: {} - + - name: logdatadog emptyDir: {} - name: tmpdir @@ -277,4 +277,4 @@ spec: updateStrategy: rollingUpdate: maxUnavailable: 10% - type: RollingUpdate \ No newline at end of file + type: RollingUpdate diff --git a/test/datadog/baseline/gdc_daemonset_logs_collection.yaml b/test/datadog/baseline/gdc_daemonset_logs_collection.yaml index 1cf3745fc..4c279b04f 100644 --- a/test/datadog/baseline/gdc_daemonset_logs_collection.yaml +++ b/test/datadog/baseline/gdc_daemonset_logs_collection.yaml @@ -6,7 +6,7 @@ metadata: name: datadog namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -30,21 +30,21 @@ spec: env.datadoghq.com/kind: gke-gdc name: datadog annotations: - checksum/clusteragent_token: 415b5eaf576ee79e12a17fb7201c014f2116f3f75b75927e69e41971fa9357a3 - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/clusteragent_token: ecd2ba8ac890860d56ebbef729ec7282e9c0ca9d71fc1f1b4308a5bd898ea809 + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a checksum/checksd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a spec: - + securityContext: runAsUser: 0 containers: - name: agent - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["agent", "run"] - + resources: {} ports: @@ -61,7 +61,7 @@ spec: value: "false" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_KUBELET_CLIENT_CRT @@ -87,8 +87,8 @@ spec: value: "false" - name: DD_PROVIDER_KIND value: gke-gdc - - + + - name: DD_LOG_LEVEL value: "INFO" - name: DD_DOGSTATSD_PORT @@ -123,7 +123,7 @@ spec: - name: DD_IGNORE_AUTOCONF value: "kubernetes_state" - name: DD_CONTAINER_LIFECYCLE_ENABLED - value: "true" + value: "true" - name: DD_ORCHESTRATOR_EXPLORER_ENABLED value: "true" - name: DD_EXPVAR_PORT @@ -133,7 +133,7 @@ spec: - name: DD_CONTAINER_IMAGE_ENABLED value: "true" - name: DD_KUBELET_CORE_CHECK_ENABLED - value: "true" + value: "true" volumeMounts: - name: logdatadog mountPath: /var/log/datadog @@ -145,15 +145,15 @@ spec: - name: tmpdir mountPath: /tmp readOnly: false # Need RW to write to /tmp directory - + - name: config mountPath: /etc/datadog-agent readOnly: false # Need RW to mount to config path - name: auth-token mountPath: /etc/datadog-agent/auth readOnly: false # Need RW to write auth token - - + + - name: pointerdir mountPath: /opt/datadog-agent/run mountPropagation: None @@ -199,8 +199,8 @@ spec: successThreshold: 1 timeoutSeconds: 5 initContainers: - - name: init-volume - image: "gcr.io/datadoghq/agent:7.62.0" + - name: init-volume + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -211,8 +211,8 @@ spec: readOnly: false # Need RW for config path resources: {} - - name: init-config - image: "gcr.io/datadoghq/agent:7.62.0" + - name: init-config + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: - bash @@ -233,7 +233,7 @@ spec: value: "false" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_KUBELET_CLIENT_CRT @@ -269,7 +269,7 @@ spec: name: datadog-installinfo - name: config emptyDir: {} - + - name: logdatadog emptyDir: {} - name: tmpdir @@ -298,4 +298,4 @@ spec: updateStrategy: rollingUpdate: maxUnavailable: 10% - type: RollingUpdate \ No newline at end of file + type: RollingUpdate diff --git a/test/datadog/baseline/other_default.yaml b/test/datadog/baseline/other_default.yaml index 405c28892..417478036 100644 --- a/test/datadog/baseline/other_default.yaml +++ b/test/datadog/baseline/other_default.yaml @@ -6,7 +6,7 @@ metadata: name: datadog-clusterchecks namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -24,7 +24,7 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -41,13 +41,13 @@ kind: ServiceAccount automountServiceAccountToken: true metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app: "datadog" - chart: "datadog-3.91.0" + chart: "datadog-3.94.0" heritage: "Helm" release: "datadog" name: datadog-cluster-checks @@ -60,10 +60,10 @@ automountServiceAccountToken: true metadata: labels: app: "datadog" - chart: "datadog-3.91.0" + chart: "datadog-3.94.0" heritage: "Helm" release: "datadog" - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -79,7 +79,7 @@ metadata: name: datadog namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -92,14 +92,14 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" type: Opaque data: - token: "MEFMZlA3MjQzS01QakxuakhxSXhRYlFObmlNdTQwR1k=" + token: "Z3RQU2hXVXl6RUIxUXRoMnQ3OVNwNk9PaDJHSXZ6TFk=" --- # Source: datadog/templates/cluster-agent-confd-configmap.yaml apiVersion: v1 @@ -108,7 +108,7 @@ metadata: name: datadog-cluster-agent-confd namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -149,7 +149,7 @@ data: {} annotations_as_tags: {} - + kubernetes_apiserver.yaml: |- init_config: instances: @@ -164,20 +164,20 @@ metadata: name: datadog-installinfo namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" annotations: - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f data: install_info: | --- install_method: tool: helm tool_version: Helm - installer_version: datadog-3.91.0 + installer_version: datadog-3.94.0 --- # Source: datadog/templates/kpi-telemetry-configmap.yaml apiVersion: v1 @@ -186,22 +186,22 @@ metadata: name: datadog-kpi-telemetry-configmap namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" data: install_type: k8s_manual - install_id: "e73a0f38-ac6c-48a2-9e58-8a14b776478a" - install_time: "1739225171" + install_id: "7ab6981b-5b1d-4490-82ec-22b25031e1ef" + install_time: "1739998016" --- # Source: datadog/templates/cluster-agent-rbac.yaml apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRole metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -426,7 +426,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRole metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -522,7 +522,7 @@ kind: ClusterRole metadata: name: datadog labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -577,7 +577,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -597,7 +597,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -617,7 +617,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: ClusterRoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -638,7 +638,7 @@ kind: ClusterRoleBinding metadata: name: datadog labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -657,7 +657,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: Role metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -674,7 +674,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: Role metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -696,7 +696,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: RoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -717,7 +717,7 @@ apiVersion: "rbac.authorization.k8s.io/v1" kind: RoleBinding metadata: labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -740,7 +740,7 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -762,10 +762,10 @@ metadata: namespace: datadog-agent labels: app: "datadog" - chart: "datadog-3.91.0" + chart: "datadog-3.94.0" release: "datadog" heritage: "Helm" - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -788,10 +788,10 @@ metadata: namespace: datadog-agent labels: app: "datadog" - chart: "datadog-3.91.0" + chart: "datadog-3.94.0" release: "datadog" heritage: "Helm" - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm @@ -817,13 +817,13 @@ metadata: name: datadog namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app.kubernetes.io/component: agent - + spec: revisionHistoryLimit: 10 selector: @@ -838,25 +838,25 @@ spec: app.kubernetes.io/component: agent admission.datadoghq.com/enabled: "false" app: datadog - + name: datadog annotations: - checksum/clusteragent_token: f23352ce6337e397534d60358b952fb37b8c0e0ef9280ef5d374d06d0597a8f4 - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/clusteragent_token: 76b7e48f3b6f5a69bd69caca36858256aecfe72ae9482cb3cff7176bfba8c1bb + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f checksum/autoconf-config: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b checksum/confd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a checksum/checksd-config: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a spec: - + securityContext: runAsUser: 0 hostPID: true containers: - name: agent - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["agent", "run"] - + resources: {} ports: @@ -873,7 +873,7 @@ spec: value: "true" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -886,9 +886,9 @@ spec: fieldPath: status.hostIP - name: DD_OTLP_CONFIG_LOGS_ENABLED value: "false" - - - + + + - name: DD_PROCESS_CONFIG_PROCESS_COLLECTION_ENABLED value: "false" - name: DD_PROCESS_CONFIG_CONTAINER_COLLECTION_ENABLED @@ -932,11 +932,11 @@ spec: value: "/var/run/datadog/dsd.socket" - name: DD_EXTRA_CONFIG_PROVIDERS value: "endpointschecks" - + - name: DD_IGNORE_AUTOCONF value: "kubernetes_state" - name: DD_CONTAINER_LIFECYCLE_ENABLED - value: "true" + value: "true" - name: DD_ORCHESTRATOR_EXPLORER_ENABLED value: "true" - name: DD_EXPVAR_PORT @@ -946,7 +946,7 @@ spec: - name: DD_CONTAINER_IMAGE_ENABLED value: "true" - name: DD_KUBELET_CORE_CHECK_ENABLED - value: "true" + value: "true" volumeMounts: - name: logdatadog mountPath: /var/log/datadog @@ -958,7 +958,7 @@ spec: - name: tmpdir mountPath: /tmp readOnly: false # Need RW to write to /tmp directory - + - name: os-release-file mountPath: /host/etc/os-release readOnly: true @@ -968,12 +968,12 @@ spec: - name: auth-token mountPath: /etc/datadog-agent/auth readOnly: false # Need RW to write auth token - + - name: runtimesocketdir mountPath: /host/var/run mountPropagation: None readOnly: true - + - name: dsdsocket mountPath: /var/run/datadog readOnly: false @@ -1019,9 +1019,9 @@ spec: successThreshold: 1 timeoutSeconds: 5 - name: trace-agent - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent - command: ["trace-agent", "-config=/etc/datadog-agent/datadog.yaml"] + command: ["trace-agent", "-config=/etc/datadog-agent/datadog.yaml"] resources: {} ports: @@ -1038,7 +1038,7 @@ spec: value: "true" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -1051,7 +1051,7 @@ spec: fieldPath: status.hostIP - name: DD_OTLP_CONFIG_LOGS_ENABLED value: "false" - + - name: DD_CLUSTER_AGENT_ENABLED value: "true" - name: DD_CLUSTER_AGENT_KUBERNETES_SERVICE_NAME @@ -1061,7 +1061,7 @@ spec: secretKeyRef: name: datadog-cluster-agent key: token - + - name: DD_LOG_LEVEL value: "INFO" - name: DD_APM_ENABLED @@ -1088,7 +1088,7 @@ spec: valueFrom: configMapKeyRef: name: datadog-kpi-telemetry-configmap - key: install_type + key: install_type volumeMounts: - name: config mountPath: /etc/datadog-agent @@ -1113,12 +1113,12 @@ spec: - name: dsdsocket mountPath: /var/run/datadog readOnly: false # Need RW for UDS DSD socket - + - name: runtimesocketdir mountPath: /host/var/run mountPropagation: None readOnly: true - + livenessProbe: initialDelaySeconds: 15 periodSeconds: 15 @@ -1126,8 +1126,8 @@ spec: port: 8126 timeoutSeconds: 5 initContainers: - - name: init-volume - image: "gcr.io/datadoghq/agent:7.62.0" + - name: init-volume + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -1138,8 +1138,8 @@ spec: readOnly: false # Need RW for config path resources: {} - - name: init-config - image: "gcr.io/datadoghq/agent:7.62.0" + - name: init-config + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: - bash @@ -1157,7 +1157,7 @@ spec: mountPath: /host/proc mountPropagation: None readOnly: true - + - name: runtimesocketdir mountPath: /host/var/run mountPropagation: None @@ -1172,7 +1172,7 @@ spec: value: "true" - name: DD_AUTH_TOKEN_FILE_PATH value: /etc/datadog-agent/auth/token - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -1185,7 +1185,7 @@ spec: fieldPath: status.hostIP - name: DD_OTLP_CONFIG_LOGS_ENABLED value: "false" - + resources: {} volumes: @@ -1196,7 +1196,7 @@ spec: name: datadog-installinfo - name: config emptyDir: {} - + - name: logdatadog emptyDir: {} - name: tmpdir @@ -1245,13 +1245,13 @@ metadata: name: datadog-clusterchecks namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app.kubernetes.io/component: clusterchecks-agent - + spec: replicas: 2 revisionHistoryLimit: 10 @@ -1272,11 +1272,11 @@ spec: app.kubernetes.io/component: clusterchecks-agent admission.datadoghq.com/enabled: "false" app: datadog-clusterchecks - + name: datadog-clusterchecks annotations: - checksum/clusteragent_token: 15f90e4cabb80a209da1d06f3cb2dd35324b45bd8deff6d3fdf72a0292ec175c - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/clusteragent_token: daa174eddd987c6413de2d94a6369e9241c95486be083fe1a97f1ec6a65e4040 + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f spec: serviceAccountName: datadog-cluster-checks automountServiceAccountToken: true @@ -1284,7 +1284,7 @@ spec: [] initContainers: - name: init-volume - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -1296,7 +1296,7 @@ spec: resources: {} - name: init-config - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" imagePullPolicy: IfNotPresent command: ["bash", "-c"] args: @@ -1309,13 +1309,13 @@ spec: {} containers: - name: agent - image: "gcr.io/datadoghq/agent:7.62.0" + image: "gcr.io/datadoghq/agent:7.63.0" command: ["bash", "-c"] args: - find /etc/datadog-agent/conf.d/ -name "*.yaml.default" -type f -delete && touch /etc/datadog-agent/datadog.yaml && exec agent run imagePullPolicy: IfNotPresent env: - + - name: KUBERNETES value: "yes" - name: DD_API_KEY @@ -1368,8 +1368,8 @@ spec: valueFrom: fieldRef: fieldPath: spec.nodeName - - + + resources: {} volumeMounts: @@ -1437,13 +1437,13 @@ metadata: name: datadog-cluster-agent namespace: datadog-agent labels: - helm.sh/chart: 'datadog-3.91.0' + helm.sh/chart: 'datadog-3.94.0' app.kubernetes.io/name: "datadog" app.kubernetes.io/instance: "datadog" app.kubernetes.io/managed-by: Helm app.kubernetes.io/version: "7" app.kubernetes.io/component: cluster-agent - + spec: replicas: 1 revisionHistoryLimit: 10 @@ -1464,18 +1464,18 @@ spec: app.kubernetes.io/component: cluster-agent admission.datadoghq.com/enabled: "false" app: datadog-cluster-agent - + name: datadog-cluster-agent annotations: - checksum/clusteragent_token: 5a6fc51e022b01df7c04eeb424a8810c04b991b55069539e9f5cd8af12cee296 - checksum/clusteragent-configmap: 86190a6d13b82b58a4a3158761c458fd0009ae0cfd622e7c98e02207e8361074 - checksum/install_info: d99057d2f27261db48a091cf5b114431385f7e656a0b4575b81b9ade7b02583d + checksum/clusteragent_token: d2e4a6d1ba18dde0aec744258e2bee3527c24715f206a6eb1b14e4c216f30345 + checksum/clusteragent-configmap: 3e1d28b00f05be6ed53a01f58794b605d25fcc847c2348f7ede166ee0f2ee128 + checksum/install_info: f22e5b8c2c7eff515e831f89ce1cba51ae3b2b4280f08c7dbacca373c3ac097f spec: serviceAccountName: datadog-cluster-agent automountServiceAccountToken: true initContainers: - name: init-volume - image: "gcr.io/datadoghq/cluster-agent:7.62.0" + image: "gcr.io/datadoghq/cluster-agent:7.63.0" imagePullPolicy: IfNotPresent command: - cp @@ -1488,7 +1488,7 @@ spec: mountPath: /opt/datadog-agent containers: - name: cluster-agent - image: "gcr.io/datadoghq/cluster-agent:7.62.0" + image: "gcr.io/datadoghq/cluster-agent:7.63.0" imagePullPolicy: IfNotPresent resources: {} @@ -1519,7 +1519,7 @@ spec: name: "datadog-secret" key: api-key optional: true - + - name: KUBERNETES value: "yes" - name: DD_LANGUAGE_DETECTION_ENABLED @@ -1548,8 +1548,8 @@ spec: value: "8000" - name: DD_ADMISSION_CONTROLLER_CONTAINER_REGISTRY value: "gcr.io/datadoghq" - - + + - name: DD_REMOTE_CONFIGURATION_ENABLED value: "false" - name: DD_CLUSTER_CHECKS_ENABLED @@ -1614,7 +1614,7 @@ spec: configMapKeyRef: name: datadog-kpi-telemetry-configmap key: install_type - + livenessProbe: failureThreshold: 6 httpGet: @@ -1699,4 +1699,4 @@ spec: app: datadog-cluster-agent topologyKey: kubernetes.io/hostname nodeSelector: - kubernetes.io/os: linux \ No newline at end of file + kubernetes.io/os: linux diff --git a/test/private-action-runner/__snapshot__/default.yaml b/test/private-action-runner/__snapshot__/default.yaml index a6842ac84..97496712e 100644 --- a/test/private-action-runner/__snapshot__/default.yaml +++ b/test/private-action-runner/__snapshot__/default.yaml @@ -100,7 +100,7 @@ spec: value: nodeless containers: - name: runner - image: "gcr.io/datadoghq/private-action-runner:v0.1.10-beta" + image: "gcr.io/datadoghq/private-action-runner:v0.1.11-beta" imagePullPolicy: IfNotPresent ports: - name: http diff --git a/test/private-action-runner/__snapshot__/enable-kubernetes-actions.yaml b/test/private-action-runner/__snapshot__/enable-kubernetes-actions.yaml index 0f68c4cc1..0243594a4 100644 --- a/test/private-action-runner/__snapshot__/enable-kubernetes-actions.yaml +++ b/test/private-action-runner/__snapshot__/enable-kubernetes-actions.yaml @@ -144,7 +144,7 @@ spec: value: nodeless containers: - name: runner - image: "gcr.io/datadoghq/private-action-runner:v0.1.10-beta" + image: "gcr.io/datadoghq/private-action-runner:v0.1.11-beta" imagePullPolicy: IfNotPresent ports: - name: http