Skip to content

Commit

Permalink
Merge branch 'master' into master
Browse files Browse the repository at this point in the history
  • Loading branch information
nluedema authored Oct 24, 2024
2 parents d8cc15a + 83cef4c commit ad10628
Show file tree
Hide file tree
Showing 13 changed files with 33 additions and 130 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/security.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
uses: actions/checkout@v4

- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@0.24.0
uses: aquasecurity/trivy-action@0.28.0
if: ${{ ! github.event.schedule }} # Do not run inline checks when running periodically
with:
scan-type: fs
Expand All @@ -23,7 +23,7 @@ jobs:
severity: 'HIGH,CRITICAL'

- name: Run Trivy vulnerability scanner sarif output
uses: aquasecurity/trivy-action@0.24.0
uses: aquasecurity/trivy-action@0.28.0
if: ${{ github.event.schedule }} # Generate sarif when running periodically
with:
scan-type: fs
Expand Down
4 changes: 2 additions & 2 deletions charts/nr-k8s-otel-collector/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.7.7
version: 0.8.0

dependencies:
- name: common-library
Expand All @@ -32,7 +32,7 @@ dependencies:
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "0.7.1"
appVersion: "0.8.0"

maintainers:
- name: csongnr
Expand Down
10 changes: 2 additions & 8 deletions charts/nr-k8s-otel-collector/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -65,13 +65,7 @@ Options that can be defined globally include `affinity`, `nodeSelector`, `tolera
If using GKE Autopilot, please set the following configuration in your values.yaml file in order for the agent to work with GKE Autopilot.

```
privileged: false
receivers:
filelog:
enabled: false
daemonset:
containerSecurityContext:
privileged: false
gkeAutopilot: false
```

## Values
Expand Down Expand Up @@ -106,6 +100,7 @@ daemonset:
| deployment.resources | object | `{}` | Sets resources for the deployment. |
| deployment.tolerations | list | `[]` | Sets deployment pod tolerations. Overrides `tolerations` and `global.tolerations` |
| dnsConfig | object | `{}` | Sets pod's dnsConfig. Can be configured also with `global.dnsConfig` |
| gkeAutopilot | bool | `false` | If deploying to a GKE autopilot cluster, set to true |
| image.pullPolicy | string | `"IfNotPresent"` | The pull policy is defaulted to IfNotPresent, which skips pulling an image if it already exists. If pullPolicy is defined without a specific value, it is also set to Always. |
| image.repository | string | `"newrelic/nr-otel-collector"` | OTel collector image to be deployed. You can use your own collector as long it accomplish the following requirements mentioned below. |
| image.tag | string | `"0.7.1"` | Overrides the image tag whose default is the chart appVersion. |
Expand All @@ -119,7 +114,6 @@ daemonset:
| podLabels | object | `{}` | Additional labels for chart pods |
| podSecurityContext | object | `{}` | Sets all security contexts (at pod level). Can be configured also with `global.securityContext.pod` |
| priorityClassName | string | `""` | Sets pod's priorityClassName. Can be configured also with `global.priorityClassName` |
| privileged | bool | `true` | Run the integration with full access to the host filesystem and network. Running in this mode allows reporting fine-grained cpu, memory, process and network metrics for your nodes. |
| rbac.create | bool | `true` | Specifies whether RBAC resources should be created |
| receivers.filelog.enabled | bool | `true` | Specifies whether the `filelog` receiver is enabled |
| receivers.hostmetrics.enabled | bool | `true` | Specifies whether the `hostmetrics` receiver is enabled |
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ data:
receivers:
hostmetrics:
# TODO (chris): this is a linux specific configuration
{{- if include "newrelic.common.privileged" . }}
{{- if not .Values.gkeAutopilot }}
root_path: /hostfs
{{- end }}
collection_interval: {{ .Values.receivers.hostmetrics.scrapeInterval }}
Expand Down Expand Up @@ -66,7 +66,7 @@ data:
kubeletstats:
collection_interval: {{ .Values.receivers.kubeletstats.scrapeInterval }}
{{- if include "newrelic.common.privileged" . }}
{{- if not .Values.gkeAutopilot }}
endpoint: "${KUBE_NODE_NAME}:10250"
auth_type: "serviceAccount"
insecure_skip_verify: true
Expand Down Expand Up @@ -564,13 +564,13 @@ data:
{{- if or .Values.receivers.hostmetrics.enabled (or .Values.receivers.kubeletstats.enabled .Values.receivers.prometheus.enabled) }}
metrics:
receivers:
{{- if and .Values.receivers.hostmetrics.enabled (include "newrelic.common.privileged" .) }}
{{- if .Values.receivers.hostmetrics.enabled }}
- hostmetrics
{{- end }}
{{- if .Values.receivers.kubeletstats.enabled }}
- kubeletstats
{{- end }}
{{- if and .Values.receivers.prometheus.enabled (include "newrelic.common.privileged" .) }}
{{- if .Values.receivers.prometheus.enabled }}
- prometheus
{{- end }}
processors:
Expand Down
10 changes: 4 additions & 6 deletions charts/nr-k8s-otel-collector/templates/daemonset.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -79,27 +79,25 @@ spec:
{{- . | toYaml | nindent 12 }}
{{- end }}
volumeMounts:
# TODO (chris): this is a linux specific configuration
{{- if include "newrelic.common.privileged" . }}
{{- if not .Values.gkeAutopilot }}
- name: host-fs
mountPath: /hostfs
readOnly: true
{{- end }}
- name: varlogpods
mountPath: /var/log/pods
readOnly: true
{{- end }}
- name: daemonset-config
mountPath: /config
volumes:
# TODO (chris): this is a linux specific configuration
{{- if include "newrelic.common.privileged" . }}
{{- if not .Values.gkeAutopilot }}
- name: host-fs
hostPath:
path: /
{{- end }}
- name: varlogpods
hostPath:
path: /var/log/pods
{{- end }}
- name: daemonset-config
configMap:
name: {{ include "nrKubernetesOtel.daemonset.configMap.fullname" . }}
Expand Down
88 changes: 0 additions & 88 deletions charts/nr-k8s-otel-collector/tests/privileged_test.yaml

This file was deleted.

9 changes: 4 additions & 5 deletions charts/nr-k8s-otel-collector/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ image:
# -- The pull policy is defaulted to IfNotPresent, which skips pulling an image if it already exists. If pullPolicy is defined without a specific value, it is also set to Always.
pullPolicy: IfNotPresent
# -- Overrides the image tag whose default is the chart appVersion.
tag: "0.7.1"
tag: "0.8.3"

# -- Name of the Kubernetes cluster monitored. Mandatory. Can be configured also with `global.cluster`
cluster: ""
Expand All @@ -39,10 +39,9 @@ priorityClassName: ""
# -- Sets pod's dnsConfig. Can be configured also with `global.dnsConfig`
dnsConfig: {}

# -- Run the integration with full access to the host filesystem and network.
# Running in this mode allows reporting fine-grained cpu, memory, process and network metrics for your nodes.
# @default -- `true`
privileged: true
# -- If deploying to a GKE autopilot cluster, set to true
# @default -- `false`
gkeAutopilot: false

daemonset:
# -- Sets daemonset pod node selector. Overrides `nodeSelector` and `global.nodeSelector`
Expand Down
10 changes: 5 additions & 5 deletions charts/nri-bundle/Chart.lock
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,10 @@ dependencies:
version: 1.11.4
- name: kube-state-metrics
repository: https://prometheus-community.github.io/helm-charts
version: 5.12.1
version: 5.26.0
- name: nri-kube-events
repository: https://newrelic.github.io/nri-kube-events
version: 3.10.8
version: 3.10.9
- name: newrelic-logging
repository: https://newrelic.github.io/helm-charts
version: 1.23.0
Expand All @@ -28,12 +28,12 @@ dependencies:
version: 2.1.5
- name: k8s-agents-operator
repository: https://newrelic.github.io/k8s-agents-operator
version: 0.14.0
version: 0.15.0
- name: pixie-operator-chart
repository: https://pixie-operator-charts.storage.googleapis.com
version: 0.1.6
- name: newrelic-infra-operator
repository: https://newrelic.github.io/newrelic-infra-operator
version: 2.11.4
digest: sha256:8f19ad3de657de31df05c577d52cf0e1564804e1dada487c00fed0346f3df1c0
generated: "2024-10-14T19:10:40.623083233Z"
digest: sha256:1c72675f294da2e692af217484ef68681b41e790ba18b93419c914d6f30e1388
generated: "2024-10-22T14:03:09.864437-07:00"
8 changes: 4 additions & 4 deletions charts/nri-bundle/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ sources:
- https://github.com/newrelic/newrelic-infra-operator/tree/master/charts/newrelic-infra-operator
- https://github.com/newrelic/k8s-agents-operator/tree/master/charts/k8s-agents-operator

version: 5.0.95
version: 5.0.97

dependencies:
- name: newrelic-infrastructure
Expand Down Expand Up @@ -46,14 +46,14 @@ dependencies:
version: 1.11.4

- name: kube-state-metrics
version: 5.12.1
version: 5.26.0
condition: ksm.enabled,kube-state-metrics.enabled
repository: https://prometheus-community.github.io/helm-charts

- name: nri-kube-events
repository: https://newrelic.github.io/nri-kube-events
condition: kubeEvents.enabled,nri-kube-events.enabled
version: 3.10.8
version: 3.10.9

- name: newrelic-logging
repository: https://newrelic.github.io/helm-charts
Expand All @@ -68,7 +68,7 @@ dependencies:
- name: k8s-agents-operator
repository: https://newrelic.github.io/k8s-agents-operator
condition: k8s-agents-operator.enabled
version: 0.14.0
version: 0.15.0

# Keep the version of pixie-operator-chart in sync with the CRD versions for
# olm_crd.yaml and px.dev_viziers.yaml in
Expand Down
2 changes: 1 addition & 1 deletion charts/super-agent/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ name: super-agent
description: Bootstraps New Relic' Super Agent

type: application
version: 0.0.21-beta
version: 0.0.22-beta

dependencies:
- name: flux2
Expand Down
2 changes: 1 addition & 1 deletion charts/super-agent/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ super-agent-deployment:
image:
registry:
repository: newrelic/newrelic-super-agent
tag: 0.23.0
tag: 0.24.1
imagePullPolicy: IfNotPresent
# -- The secrets that are needed to pull images from a custom registry.
pullSecrets: []
Expand Down
4 changes: 2 additions & 2 deletions charts/synthetics-job-manager/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: synthetics-job-manager
description: New Relic Synthetics Containerized Job Manager
type: application
version: 3.0.1
version: 3.0.2
appVersion: release-404
home: https://github.com/orgs/newrelic/teams/proactive-monitoring
maintainers:
Expand All @@ -24,7 +24,7 @@ keywords:
- newrelic
dependencies:
- name: ping-runtime
version: 1.0.21
version: 1.0.22
condition: ping-runtime.enabled
- name: node-api-runtime
version: 1.0.37
Expand Down
4 changes: 2 additions & 2 deletions charts/synthetics-job-manager/charts/ping-runtime/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ apiVersion: v2
name: ping-runtime
description: New Relic Synthetics Ping Runtime
type: application
version: 1.0.21
appVersion: 1.46.0
version: 1.0.22
appVersion: 1.47.0
home: https://github.com/orgs/newrelic/teams/proactive-monitoring
maintainers:
- name: Philip-R-Beckwith
Expand Down

0 comments on commit ad10628

Please sign in to comment.