Global vars

[dwertent]

Type

enhancement

---

Description

This PR introduces several enhancements to the kubescape-operator Helm chart:

• Global volumes and volumeMounts have been added to various components, including the node agent, host scanner, and others. This allows for more flexible configuration of volumes across different components.
• Custom scheduling options have been introduced, allowing for the configuration of nodeSelector, affinity, and tolerations at a global level. These settings apply to all workloads managed by the kubescape-operator.
• The individual volume, volumeMount, and scheduling configurations in each component have been removed and replaced with the new global configurations.
• The README and values.yaml files have been updated to reflect these changes.

---

PR changes walkthrough

	Relevant files
Configuration changes	11 files daemonset.yaml                                                                                            charts/kubescape-operator/templates/node-agent/daemonset.yaml The file daemonset.yaml has been updated to include global volumes and volumeMounts. It also includes custom scheduling options for nodeSelector, affinity, and tolerations. The previous individual volume and volumeMount configurations have been removed. +27/-24 host-scanner-definition.yaml                                                                charts/kubescape-operator/assets/host-scanner-definition.yaml The host-scanner-definition.yaml file has been updated to include custom scheduling options for nodeSelector, affinity, and tolerations. It also includes global volumes and volumeMounts. The previous individual scheduling configurations have been removed. +24/-17 cronjob.yaml                                                                                                charts/kubescape-operator/templates/kubevuln-scheduler/cronjob.yaml The cronjob.yaml file under kubevuln-scheduler has been updated to include custom scheduling options for nodeSelector, affinity, and tolerations. The previous individual scheduling configurations have been removed. +18/-12 kubevuln-cronjob-full.yaml                                                                    charts/kubescape-operator/assets/kubevuln-cronjob-full.yaml The kubevuln-cronjob-full.yaml file has been updated to include custom scheduling options for nodeSelector, affinity, and tolerations. The previous individual scheduling configurations have been removed. +18/-12 cronjob.yaml                                                                                                charts/kubescape-operator/templates/kubescape-scheduler/cronjob.yaml The cronjob.yaml file under kubescape-scheduler has been updated to include custom scheduling options for nodeSelector, affinity, and tolerations. The previous individual scheduling configurations have been removed. +18/-12 kubescape-cronjob-full.yaml                                                                  charts/kubescape-operator/assets/kubescape-cronjob-full.yaml The kubescape-cronjob-full.yaml file has been updated to include custom scheduling options for nodeSelector, affinity, and tolerations. The previous individual scheduling configurations have been removed. +18/-12 registry-scan-cronjob-full.yaml                                                          charts/kubescape-operator/assets/registry-scan-cronjob-full.yaml The registry-scan-cronjob-full.yaml file has been updated to include custom scheduling options for nodeSelector, affinity, and tolerations. The previous individual scheduling configurations have been removed. +18/-12 deployment.yaml                                                                                          charts/kubescape-operator/templates/storage/deployment.yaml The deployment.yaml file under storage has been updated to include custom scheduling options for nodeSelector, affinity, and tolerations. The previous individual scheduling configurations have been removed. +16/-10 deployment.yaml                                                                                          charts/kubescape-operator/templates/kubevuln/deployment.yaml The deployment.yaml file under kubevuln has been updated to include custom scheduling options for nodeSelector, affinity, and tolerations. The previous individual scheduling configurations have been removed. +13/-7 statefulset.yaml                                                                                        charts/kubescape-operator/templates/kollector/statefulset.yaml The statefulset.yaml file under kollector has been updated to include custom scheduling options for nodeSelector, affinity, and tolerations. The previous individual scheduling configurations have been removed. +13/-7 values.yaml                                                                                                  charts/kubescape-operator/values.yaml The values.yaml file has been updated to include new customScheduling configuration options for nodeSelector, affinity, and tolerations. +8/-0
Documentation	1 files README.md                                                                                                      charts/kubescape-operator/README.md The README.md file has been updated to include documentation for the new customScheduling configuration options. +4/-1

---

User description

Overview

[codiumai-pr-agent-free]

PR Description updated to latest commit (0afaf47)

[codiumai-pr-agent-free]

PR Analysis

• 🎯 Main theme: Introducing global configurations for volumes, volumeMounts, and scheduling options in the kubescape-operator Helm chart
• 📝 PR summary: This PR introduces enhancements to the kubescape-operator Helm chart, including global configurations for volumes, volumeMounts, and scheduling options. These global configurations apply to all workloads managed by the kubescape-operator, providing more flexible configuration across different components. The PR also updates the README and values.yaml files to reflect these changes.
• 📌 Type of PR: Enhancement
• 🧪 Relevant tests added: No
• ⏱️ Estimated effort to review [1-5]: 3, because the PR involves changes in multiple files and introduces new global configurations which need to be thoroughly reviewed for potential impacts on the system.
• 🔒 Security concerns: No security concerns found

PR Feedback

• 💡 General suggestions: The PR is well-structured and the changes are logically grouped. The introduction of global configurations for volumes, volumeMounts, and scheduling options is a good enhancement as it provides more flexibility for configuration. However, it would be beneficial to add tests to validate these new configurations and ensure they work as expected across different components.

• 🤖 Code feedback:

  ---

  relevant file	charts/kubescape-operator/templates/node-agent/daemonset.yaml
  suggestion	Consider adding a default value for the new global configurations to handle cases where they might not be provided. This can help avoid potential issues or errors during deployment. [medium]
  relevant line	{{- if .Values.nodeAgent.volumes }}

  ---

  relevant file	charts/kubescape-operator/templates/node-agent/daemonset.yaml
  suggestion	It would be beneficial to add error handling or validation for the new configurations. This can help ensure that the configurations are valid and can be correctly applied to the components. [important]
  relevant line	{{- if .Values.volumes }}

  ---

  relevant file	charts/kubescape-operator/templates/node-agent/daemonset.yaml
  suggestion	It's a good practice to add comments to the code explaining the purpose and usage of the new global configurations. This can help other developers understand the code more easily. [medium]
  relevant line	{{- if .Values.nodeAgent.volumes }}

  ---

  relevant file	charts/kubescape-operator/templates/node-agent/daemonset.yaml
  suggestion	It would be beneficial to add a fallback mechanism in case the global configurations fail to apply. This can help ensure the stability and reliability of the system. [important]
  relevant line	{{- if .Values.volumes }}

  ---

How to use

Instructions

To invoke the PR-Agent, add a comment using one of the following commands:
/review: Request a review of your Pull Request.
/describe: Update the PR title and description based on the contents of the PR.
/improve [--extended]: Suggest code improvements. Extended mode provides a higher quality feedback.
/ask <QUESTION>: Ask a question about the PR.
/update_changelog: Update the changelog based on the PR's contents.
/add_docs: Generate docstring for new components introduced in the PR.
/generate_labels: Generate labels for the PR based on the PR's contents.
see the tools guide for more details.

To edit any configuration parameter from the configuration.toml, add --config_path=new_value.
For example: /review --pr_reviewer.extra_instructions="focus on the file: ..."
To list the possible configuration parameters, add a /config comment.

[matthyx]

is it OK to have null like that?

[dwertent]

Yup