diff --git a/charts/kubecollector/Chart.yaml b/charts/kubecollector/Chart.yaml index df17984..12e2649 100644 --- a/charts/kubecollector/Chart.yaml +++ b/charts/kubecollector/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: kubecollector description: A Helm chart for Lightspin Kuberenetes CSPM type: application -version: 0.1.14 +version: 0.1.15 appVersion: "2.0.0" home: https://lightspin.io/ maintainers: diff --git a/charts/kubecollector/README.md b/charts/kubecollector/README.md index 89346d7..69c1aed 100644 --- a/charts/kubecollector/README.md +++ b/charts/kubecollector/README.md @@ -1,6 +1,6 @@ # Lightspin KubeCollector -![Version: 0.1.14](https://img.shields.io/badge/Version-0.1.14-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0](https://img.shields.io/badge/AppVersion-2.0.0-informational?style=flat-square) +![Version: 0.1.15](https://img.shields.io/badge/Version-0.1.15-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.0](https://img.shields.io/badge/AppVersion-2.0.0-informational?style=flat-square) [Lightspin](https://www.lightspin.io/) is a graph-based technology immediately visualizes, prioritizes, and dynamically remediates critical cloud risks with no custom configuration needed. This repository contains the Helm chart for the Lightspin KubeCollector application to be deployed on customers Kubernetes clusters. @@ -102,7 +102,7 @@ The following table lists the configurable parameters of the Lightspin KubeColle | apiUrl | string | `"https://k8sapi.lightspin.cloud"` | Lightspin API URL (override for non US customers) | | beat.affinity | object | `{}` | Allow the kubecollector beat Deployment to schedule using affinity rules | | beat.fullnameOverride | string | `"light-kubecollector-beat"` | fully qualified name of the beat service | -| beat.image.pullPolicy | string | `"Always"` | kubecollector beat docker image pullPolicy | +| beat.image.pullPolicy | string | `"IfNotPresent"` | kubecollector beat docker image pullPolicy | | beat.image.repository | string | `"public.ecr.aws/k7e6s3l5/light-kubecollector"` | kubecollector image repository | | beat.image.tag | string | `"latest"` | kubecollector beat image tag | | beat.name | string | `"beat"` | name of the beat service | @@ -135,6 +135,7 @@ The following table lists the configurable parameters of the Lightspin KubeColle | runtime.events.affinity | object | `{}` | Allow the runtime events Deployment to schedule using affinity rules | | runtime.events.config.log_level | string | `"INFO"` | logs severity level. | | runtime.events.fullnameOverride | string | `"light-kuberuntime-events"` | fully qualified name of the runtime events service | +| runtime.events.image.pullPolicy | string | `"IfNotPresent"` | kuberuntime events docker image pullPolicy | | runtime.events.image.repository | string | `"public.ecr.aws/k7e6s3l5/light-kuberuntime"` | kuberuntime events image repository | | runtime.events.image.tag | string | `"latest"` | kuberuntime events image tag | | runtime.events.name | string | `"events"` | name of the runtime events service | @@ -165,7 +166,7 @@ The following table lists the configurable parameters of the Lightspin KubeColle | worker.config.vuls_enabled | bool | `true` | enable vulnerability scanning. | | worker.config.vuls_private_repo | bool | `true` | enable vulnerability scanning on private repository images (uses pull secret). | | worker.fullnameOverride | string | `"light-kubecollector-worker"` | fully qualified name of the worker service | -| worker.image.pullPolicy | string | `"Always"` | kubecollector worker docker image pullPolicy | +| worker.image.pullPolicy | string | `"IfNotPresent"` | kubecollector worker docker image pullPolicy | | worker.image.repository | string | `"public.ecr.aws/k7e6s3l5/light-kubecollector"` | kubecollector image repository | | worker.image.tag | string | `"latest"` | kubecollector worker image tag | | worker.name | string | `"worker"` | name of the worker service | diff --git a/charts/kubecollector/templates/deployments/runtime-events.yaml b/charts/kubecollector/templates/deployments/runtime-events.yaml index 34730d6..b302c67 100644 --- a/charts/kubecollector/templates/deployments/runtime-events.yaml +++ b/charts/kubecollector/templates/deployments/runtime-events.yaml @@ -22,7 +22,7 @@ spec: spec: containers: - image: "{{ .Values.runtime.events.image.repository }}:{{ .Values.runtime.events.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: Always + imagePullPolicy: {{ .Values.runtime.events.image.pullPolicy }} name: worker command: ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8080"] envFrom: diff --git a/charts/kubecollector/values.yaml b/charts/kubecollector/values.yaml index d8a9451..8267933 100644 --- a/charts/kubecollector/values.yaml +++ b/charts/kubecollector/values.yaml @@ -81,7 +81,7 @@ beat: # beat.image.tag -- kubecollector beat image tag tag: latest # beat.image.pullPolicy -- kubecollector beat docker image pullPolicy - pullPolicy: Always + pullPolicy: IfNotPresent # beat.replicaCount -- Specify the number of replicas for the beat service replicaCount: 1 # beat.resources -- kubecollector beat resource requests and limits. @@ -115,7 +115,7 @@ worker: # worker.image.tag -- kubecollector worker image tag tag: latest # worker.image.pullPolicy -- kubecollector worker docker image pullPolicy - pullPolicy: Always + pullPolicy: IfNotPresent # worker.replicaCount -- Specify the number of replicas for the worker service replicaCount: 1 # worker.resources -- kubecollector worker resource requests and limits. @@ -199,6 +199,8 @@ runtime: repository: public.ecr.aws/k7e6s3l5/light-kuberuntime # runtime.events.image.tag -- kuberuntime events image tag tag: latest + # runtime.events.image.pullPolicy -- kuberuntime events docker image pullPolicy + pullPolicy: IfNotPresent # runtime.events.podPriorityClassName -- Set pod priorityClassName podPriorityClassName: # runtime.events.nodeSelector -- Allow the runtime events Deployment to schedule on selected nodes