Merge pull request #319 from cs-pvyas/iar-1.1.10-helm-updates

v1.1.10 helm updates for flag for klogs + autodiscovery
CrowdStrike · Oct 16, 2024 · 957e18c · 957e18c
2 parents 6731e7b + 0c9e7d9
commit 957e18c
Show file tree

Hide file tree

Showing 6 changed files with 72 additions and 52 deletions.
diff --git a/helm-charts/falcon-image-analyzer/Chart.yaml b/helm-charts/falcon-image-analyzer/Chart.yaml
@@ -15,10 +15,10 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.1.9
+version: 1.1.10
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "1.0.15"
+appVersion: "1.0.16"
diff --git a/helm-charts/falcon-image-analyzer/README.md b/helm-charts/falcon-image-analyzer/README.md
diff --git a/helm-charts/falcon-image-analyzer/templates/_helpers.tpl b/helm-charts/falcon-image-analyzer/templates/_helpers.tpl
@@ -174,9 +174,9 @@ runAsGroup: {{ .Values.securityContext.runAsGroup | default 0 }}
 
 {{- define "falcon-image-analyzer.imagePullSecret" }}
 {{- with .Values.crowdstrikeConfig }}
-{{- if eq .agentRegion "us-gov-1" }}
+{{- if or (eq .agentRegion "us-gov-1") (eq .agentRegion "usgov1") (eq .agentRegion "us-gov1") (eq .agentRegion "gov1") (eq .agentRegion "gov-1") }}
 {{- printf "{\"auths\":{\"registry.laggar.gcw.crowdstrike.com\":{\"username\":\"fc-%s\",\"password\":\"%s\",\"email\":\"[email protected]\",\"auth\":\"%s\"}}}" (first (regexSplit "-" (lower .cid) -1)) .dockerAPIToken (printf "fc-%s:%s" (first (regexSplit "-" (lower .cid) -1)) .dockerAPIToken | b64enc) | b64enc }}
-{{- else if eq .agentRegion "us-gov-2" }}
+{{- else if or (eq .agentRegion "us-gov-2") (eq .agentRegion "usgov2") (eq .agentRegion "us-gov2") (eq .agentRegion "gov2") (eq .agentRegion "gov-2") }}
 {{- printf "{\"auths\":{\"registry.us-gov-2.crowdstrike.mil\":{\"username\":\"fc-%s\",\"password\":\"%s\",\"email\":\"[email protected]\",\"auth\":\"%s\"}}}" (first (regexSplit "-" (lower .cid) -1)) .dockerAPIToken (printf "fc-%s:%s" (first (regexSplit "-" (lower .cid) -1)) .dockerAPIToken | b64enc) | b64enc }}
 {{- else }}
 {{- printf "{\"auths\":{\"registry.crowdstrike.com\":{\"username\":\"fc-%s\",\"password\":\"%s\",\"email\":\"[email protected]\",\"auth\":\"%s\"}}}" (first (regexSplit "-" (lower .cid) -1)) .dockerAPIToken (printf "fc-%s:%s" (first (regexSplit "-" (lower .cid) -1)) .dockerAPIToken | b64enc) | b64enc }}

diff --git a/helm-charts/falcon-image-analyzer/templates/configmap.yaml b/helm-charts/falcon-image-analyzer/templates/configmap.yaml
@@ -17,6 +17,7 @@ data:
   AGENT_NAMESPACE_EXCLUSIONS: {{ .Values.exclusions.namespace | quote }}
   AGENT_REGISTRY_EXCLUSIONS: {{ .Values.exclusions.registry | quote }}
   AGENT_DEBUG: {{ .Values.crowdstrikeConfig.enableDebug | quote }}
+  ENABLE_KLOGS: {{ .Values.crowdstrikeConfig.enableKlogs | quote }}
   AGENT_RUNMODE: {{ include "falcon-image-analyzer.agentrunmode" . | quote }}
   AGENT_REGION: {{ .Values.crowdstrikeConfig.agentRegion | quote }}
   AGENT_TEMP_MOUNT_SIZE: {{ include "falcon-image-analyzer.tempvolsize" . | quote }}

diff --git a/helm-charts/falcon-image-analyzer/values.schema.json b/helm-charts/falcon-image-analyzer/values.schema.json
@@ -165,9 +165,9 @@
                 },
                 "agentRegion": {
                     "type": "string",
-                    "pattern": "^(us-|eu-|us-gov-)[1-2]+$",
+                    "pattern": "^(us-1|us-2|eu-1|us-gov-1|us-gov-2|gov-1|gov-2|gov1|gov2|auto|autodiscovery|autodiscover)$",
                     "description": "CrowdStrike Cloud Region",
-                    "default": "us-1"
+                    "default": "autodiscovery"
                 },
                 "agentRuntime": {
                     "type": "string",

diff --git a/helm-charts/falcon-image-analyzer/values.yaml b/helm-charts/falcon-image-analyzer/values.yaml
@@ -9,8 +9,9 @@ deployment:
   enabled: false
 
 # override this value if needed
+# default to 500 as kubectl
 watcher:
-  listPageSize: 100
+  listPageSize: 500
 
 # Do not override anywhere in values - Always 1 for Deployment. NA for daemonset
 replicaCount: 1
@@ -154,6 +155,12 @@ scanStats:
 
 crowdstrikeConfig:
   clusterName: ""
+
+  # These are special Kubernetes SDK Verbose Logs. Helpful for troubleshooting kube API.
+  # Only Enable for extreme troubleshooting.
+  enableKlogs: "false"
+
+
   enableDebug: "false"
   clientID: ""
   clientSecret: ""
@@ -168,7 +175,7 @@ crowdstrikeConfig:
   # defined in your k8s that may contain secrets
   # for falcon api client id and pw
   existingSecret: ""
-  agentRegion: "us-1"
+  agentRegion: "autodiscovery"
   agentRuntime: ""
   agentRuntimeSocket: ""
   agentMaxConsumerThreads: "1"