Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CSPM] Disabling host benchmarks should be propagated to the agent #1276

Merged
merged 4 commits into from
Jul 9, 2024
Merged

[CSPM] Disabling host benchmarks should be propagated to the agent #1276

merged 4 commits into from
Jul 9, 2024

Conversation

jinroh
Copy link
Contributor

@jinroh jinroh commented Jul 8, 2024
edited
Loading

What does this PR do?

Host benchmarks configuration needs always to be propagated to the agent so that deactivation takes effect.

Motivation

Same as DataDog/helm-charts#1446.

Minimum Agent Versions

No minimum.

This fix however is only targetting agents >= 7.53.0 which enabled host benchmarks by default.

Describe your test plan

When deactivating CSPM Host Benchmarks, the agent should effectively deactivate them. Relevant tests:

default configuration: spinning up an operator with

  • features.cspm.enabled: true

security-agent container should be running with the configuration DD_COMPLIANCE_HOST_BENCHMARKS_ENABLED=true

disabled configuration: spinning up an operator with

  • features.cspm.enabled: true
  • features.cspm.hostBenchmarks.enabled: false

security-agent container should be running with the configurationDD_COMPLIANCE_HOST_BENCHMARKS_ENABLED=false

Checklist

  • PR has at least one valid label: bug, enhancement, refactoring, documentation, tooling, and/or dependencies
  • PR has a milestone or the qa/skip-qa label

@jinroh jinroh added the bug Something isn't working label Jul 8, 2024
@jinroh jinroh added this to the v1.8.0 milestone Jul 8, 2024
@jinroh jinroh requested review from a team as code owners July 8, 2024 12:15
@jinroh jinroh force-pushed the jinroh/fix-host-benchmarks-deactivation branch from 6f00713 to 3477a3d Compare July 8, 2024 12:23
@codecov-commenter
Copy link

codecov-commenter commented Jul 8, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 54.75%. Comparing base (4c1f839) to head (c57839a).
Report is 6 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #1276      +/-   ##
==========================================
- Coverage   54.89%   54.75%   -0.15%     
==========================================
  Files         241      241              
  Lines       27901    28021     +120     
==========================================
+ Hits        15317    15343      +26     
- Misses      11713    11808      +95     
+ Partials      871      870       -1
Flag Coverage Δ
unittests 54.75% <100.00%> (-0.15%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Coverage Δ
apis/datadoghq/v2alpha1/datadogagent_default.go 93.73% <100.00%> (+3.25%) ⬆️
apis/datadoghq/v2alpha1/datadogagent_types.go 100.00% <ø> (ø)
controllers/datadogagent/feature/cspm/feature.go 75.08% <100.00%> (-0.09%) ⬇️

... and 5 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4c1f839...c57839a. Read the comment docs.

@jinroh jinroh force-pushed the jinroh/fix-host-benchmarks-deactivation branch from fd998ab to 784953e Compare July 8, 2024 12:40
@jinroh jinroh force-pushed the jinroh/fix-host-benchmarks-deactivation branch from 784953e to ba07ae9 Compare July 9, 2024 08:07
@jinroh jinroh requested a review from a team as a code owner July 9, 2024 13:52
@jinroh jinroh force-pushed the jinroh/fix-host-benchmarks-deactivation branch from 1c8dbcd to c57839a Compare July 9, 2024 14:03
@celenechang celenechang merged commit 26e9e9f into main Jul 9, 2024
19 checks passed
@celenechang celenechang deleted the jinroh/fix-host-benchmarks-deactivation branch July 9, 2024 14:24
mftoure pushed a commit that referenced this pull request Oct 3, 2024
@jinroh
[CSPM] Disabling host benchmarks should be propagated to the agent (#…
daa8499 
…1276)

* [CSPM] Disabling host benchmarks should be propagated to the agent

* enabling host benchmarks by default

* add tests for CSPM and CWS default values

* update generated files
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paulcacheux paulcacheux paulcacheux approved these changes

@celenechang celenechang celenechang approved these changes

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
v1.8.0
Development

Successfully merging this pull request may close these issues.
4 participants
@jinroh @codecov-commenter @paulcacheux @celenechang