chore(sydig-deploy,cluster-shield): bump deps

charts/cluster-shield/Chart.yaml

@@ -2,8 +2,8 @@ apiVersion: v2
 name: cluster-shield
 description: Cluster Shield Helm Chart for Kubernetes
 type: application
-version: 1.20.0
-appVersion: 1.20.0
+version: 1.21.0
+appVersion: 1.21.0
 
 maintainers:
   - name: AlbertoBarba

charts/node-analyzer/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: node-analyzer
 description: Sysdig Node Analyzer
 # currently matching Sysdig's appVersion 1.14.34
-version: 1.42.3
+version: 1.42.4
 appVersion: 12.9.2
 keywords:
   - monitoring

charts/node-analyzer/templates/role-node-analyzer.yaml

@@ -8,7 +8,7 @@ metadata:
   labels:
 {{ include "nodeAnalyzer.labels" . | indent 4 }}
 rules:
-{{- if and .Values.global.kspm.deploy (eq .Values.nodeAnalyzer.kspmAnalyzer.transportLayer "http") }}
+{{- if .Values.global.kspm.deploy }}
 - apiGroups: ["", "coordination.k8s.io"]
   resources:
     - "leases"

charts/node-analyzer/tests/role_test.yaml

@@ -44,28 +44,13 @@ tests:
       - isNullOrEmpty:
           path: rules
 
-  - it: Should not create rules if transportLayer is not http
+  - it: Should grant permissions to create lease if kspm is deployed
     set:
       global:
         kspm:
           deploy: true
       nodeAnalyzer:
         deploy: true
-        kspmAnalyzer:
-          transportLayer: nats
-    asserts:
-      - isNullOrEmpty:
-          path: rules
-
-  - it: Should grant permissions to create lease if transport is http
-    set:
-      global:
-        kspm:
-          deploy: true
-      nodeAnalyzer:
-        deploy: true
-        kspmAnalyzer:
-          transportLayer: http
     asserts:
       - contains:
           path: rules
@@ -75,15 +60,13 @@ tests:
               - "leases"
             verbs: ["create"]
 
-  - it: Should grant all permissions on kspm-analyzer lease if transport is http
+  - it: Should grant all permissions on kspm-analyzer lease if kspm is deployed
     set:
       global:
         kspm:
           deploy: true
       nodeAnalyzer:
         deploy: true
-        kspmAnalyzer:
-          transportLayer: http
     asserts:
       - contains:
           path: rules

charts/sysdig-deploy/Chart.yaml

@@ -2,7 +2,7 @@ apiVersion: v2
 name: sysdig-deploy
 description: A chart with various Sysdig components for Kubernetes
 type: application
-version: 1.106.1
+version: 1.107.0
 maintainers:
   - name: AlbertoBarba
     email: alberto.barba@sysdig.com
@@ -36,7 +36,7 @@ dependencies:
   - name: node-analyzer
     # repository: https://charts.sysdig.com
     repository: file://../node-analyzer
-    version: ~1.42.0
+    version: ~1.42.4
     alias: nodeAnalyzer
     condition: nodeAnalyzer.enabled
   - name: cluster-scanner
@@ -60,6 +60,6 @@ dependencies:
   - name: cluster-shield
     # repository: https://charts.sysdig.com
     repository: file://../cluster-shield
-    version: ~1.20.0
+    version: ~1.21.0
     alias: clusterShield
     condition: clusterShield.enabled

charts/sysdig-deploy/ci/test-enable-all-subcharts-values.yaml.template

@@ -8,12 +8,7 @@ global:
   kspm:
     deploy: true
 admissionController:
-  enabled: true
-  webhook:
-    resources:
-      requests:
-        cpu: 25m
-        memory: 200Mi
+  enabled: false
 agent:
   resources:
     requests:
@@ -37,6 +32,9 @@ kspmCollector:
       cpu: 25m
       memory: 200Mi
 nodeAnalyzer:
+  secure:
+    vulnerabilityManagement:
+      newEngineOnly: true
   nodeAnalyzer:
     benchmarkRunner:
       deploy: false