update zora chart

undistro · Mar 17, 2023 · 5e334ad · 5e334ad
1 parent 669d27a
commit 5e334ad
Show file tree

Hide file tree

Showing 11 changed files with 32 additions and 86 deletions.
diff --git a/charts/zora/Chart.yaml b/charts/zora/Chart.yaml
@@ -17,7 +17,7 @@ name: zora
 description: Zora scans multiple Kubernetes clusters and reports potential issues.
 icon: https://zora-docs.undistro.io/assets/logo.png
 type: application
-version: 0.4.4
-appVersion: "v0.4.4"
+version: 0.4.5-alpha1
+appVersion: "v0.4.5-alpha1"
 sources:
   - https://github.com/undistro/zora
diff --git a/charts/zora/README.md b/charts/zora/README.md
@@ -1,6 +1,6 @@
 # Zora Helm Chart
 
-![Version: 0.4.4](https://img.shields.io/badge/Version-0.4.4-informational?style=flat-square&color=3CA9DD) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square&color=3CA9DD) ![AppVersion: v0.4.4](https://img.shields.io/badge/AppVersion-v0.4.4-informational?style=flat-square&color=3CA9DD)
+![Version: 0.4.5-alpha1](https://img.shields.io/badge/Version-0.4.5--alpha1-informational?style=flat-square&color=3CA9DD) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square&color=3CA9DD) ![AppVersion: v0.4.5-alpha1](https://img.shields.io/badge/AppVersion-v0.4.5--alpha1-informational?style=flat-square&color=3CA9DD)
 
 Zora scans multiple Kubernetes clusters and reports potential issues.
 
@@ -12,7 +12,7 @@ To install the chart with the release name `zora`:
 helm repo add undistro https://charts.undistro.io --force-update
 helm upgrade --install zora undistro/zora \
   -n zora-system \
-  --version 0.4.4 \
+  --version 0.4.5-alpha1 \
   --create-namespace --wait
 ```
 
@@ -56,8 +56,8 @@ The following table lists the configurable parameters of the Zora chart and thei
 | fullnameOverride | string | `""` | String to fully override fullname template with a string |
 | saas.workspaceID | string | `""` | Your SaaS workspace ID |
 | saas.server | string | `"https://zora-dashboard.undistro.io"` | SaaS server URL |
-| saas.hooks.image.repository | string | `"radial/busyboxplus"` | SaaS hooks image repository |
-| saas.hooks.image.tag | string | `"curl"` | SaaS hooks image tag |
+| saas.hooks.image.repository | string | `"curlimages/curl"` | SaaS hooks image repository |
+| saas.hooks.image.tag | string | `"7.88.1"` | SaaS hooks image tag |
 | saas.hooks.installURL | string | `"{{.Values.saas.server}}/zora/api/v1alpha1/workspaces/{{.Values.saas.workspaceID}}/helmreleases"` | SaaS install hook URL template |
 | imageCredentials.create | bool | `false` | Specifies whether the secret should be created by providing credentials |
 | imageCredentials.registry | string | `"ghcr.io"` | Docker registry host |
@@ -96,11 +96,9 @@ The following table lists the configurable parameters of the Zora chart and thei
 | scan.defaultPlugins | list | `["popeye"]` | Names of the default plugins |
 | scan.plugins.popeye.enabled | bool | `true` |  |
 | scan.plugins.popeye.skipInternalResources | bool | `false` | Specifies whether the following resources should be skipped by `popeye` scans. 1. resources from `kube-system`, `kube-public` and `kube-node-lease` namespaces; 2. kubernetes system reserved RBAC (prefixed with `system:`); 3. `kube-root-ca.crt` configmaps; 4. `default` namespace; 5. `default` serviceaccounts; 6. Helm secrets (prefixed with `sh.helm.release`); 7. Zora components. See `popeye` configuration file that is used for this case: https://github.com/undistro/zora/blob/main/charts/zora/templates/plugins/popeye-config.yaml |
+| scan.plugins.popeye.resources | object | `{"limits":{"cpu":"500m","memory":"500Mi"},"requests":{"cpu":"250m","memory":"256Mi"}}` | [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers) to add to `popeye` container |
 | scan.plugins.popeye.image.repository | string | `"ghcr.io/undistro/popeye"` | popeye plugin image repository |
-| scan.plugins.popeye.image.tag | string | `"nonroot"` | popeye plugin image tag |
-| scan.plugins.kubescape.enabled | bool | `false` |  |
-| scan.plugins.kubescape.image.repository | string | `"quay.io/armosec/kubescape"` | kubescape plugin image repository |
-| scan.plugins.kubescape.image.tag | string | `"v2.0.163"` | kubescape plugin image tag |
+| scan.plugins.popeye.image.tag | string | `"v0.11.1-cross"` | popeye plugin image tag |
 
 Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
 

diff --git a/charts/zora/crds/zora.undistro.io_clusterissues.yaml b/charts/zora/crds/zora.undistro.io_clusterissues.yaml
@@ -1,10 +1,10 @@
-# Copyright 2022 Undistro Authors
+# Copyright 2023 Undistro Authors
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#      http://www.apache.org/licenses/LICENSE-2.0
+#     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,

diff --git a/charts/zora/crds/zora.undistro.io_clusters.yaml b/charts/zora/crds/zora.undistro.io_clusters.yaml
@@ -1,10 +1,10 @@
-# Copyright 2022 Undistro Authors
+# Copyright 2023 Undistro Authors
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#      http://www.apache.org/licenses/LICENSE-2.0
+#     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,

diff --git a/charts/zora/crds/zora.undistro.io_clusterscans.yaml b/charts/zora/crds/zora.undistro.io_clusterscans.yaml
@@ -1,10 +1,10 @@
-# Copyright 2022 Undistro Authors
+# Copyright 2023 Undistro Authors
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#      http://www.apache.org/licenses/LICENSE-2.0
+#     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,

diff --git a/charts/zora/crds/zora.undistro.io_plugins.yaml b/charts/zora/crds/zora.undistro.io_plugins.yaml
@@ -1,10 +1,10 @@
-# Copyright 2022 Undistro Authors
+# Copyright 2023 Undistro Authors
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#      http://www.apache.org/licenses/LICENSE-2.0
+#     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,

diff --git a/charts/zora/templates/operator/rbac.yaml b/charts/zora/templates/operator/rbac.yaml
@@ -1,10 +1,10 @@
-# Copyright 2022 Undistro Authors
+# Copyright 2023 Undistro Authors
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#      http://www.apache.org/licenses/LICENSE-2.0
+#     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,

diff --git a/charts/zora/templates/plugins/kubescape.yaml b/charts/zora/templates/plugins/kubescape.yaml
diff --git a/charts/zora/templates/plugins/popeye.yaml b/charts/zora/templates/plugins/popeye.yaml
@@ -20,10 +20,10 @@ metadata:
     {{- include "zora.labels" . | nindent 4 }}
 spec:
   image: "{{ .Values.scan.plugins.popeye.image.repository }}:{{ .Values.scan.plugins.popeye.image.tag }}"
+  {{- if .Values.scan.plugins.popeye.resources }}
   resources:
-    limits:
-      cpu: 500m
-      memory: 100Mi
+    {{- toYaml .Values.scan.plugins.popeye.resources | nindent 4 }}
+  {{- end }}
 {{- if .Values.scan.plugins.popeye.skipInternalResources }}
   envFrom:
     - configMapRef:

diff --git a/charts/zora/values-hml.yaml b/charts/zora/values-hml.yaml
@@ -15,7 +15,6 @@
 scan:
   defaultPlugins:
     - popeye
-    - kubescape
 ui:
   image:
     # UI private repository

diff --git a/charts/zora/values.yaml b/charts/zora/values.yaml
@@ -25,9 +25,9 @@ saas:
   hooks:
     image:
       # -- SaaS hooks image repository
-      repository: radial/busyboxplus
+      repository: curlimages/curl
       # -- SaaS hooks image tag
-      tag: curl
+      tag: '7.88.1'
     # -- SaaS install hook URL template
     installURL: "{{.Values.saas.server}}/zora/api/v1alpha1/workspaces/{{.Values.saas.workspaceID}}/helmreleases"
 
@@ -153,15 +153,16 @@ scan:
       # 7. Zora components.
       # See `popeye` configuration file that is used for this case: https://github.com/undistro/zora/blob/main/charts/zora/templates/plugins/popeye-config.yaml
       skipInternalResources: false
+      # -- [Resources](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers) to add to `popeye` container
+      resources:
+        requests:
+          cpu: 250m
+          memory: 256Mi
+        limits:
+          cpu: 500m
+          memory: 500Mi
       image:
         # -- popeye plugin image repository
         repository: ghcr.io/undistro/popeye
         # -- popeye plugin image tag
-        tag: nonroot
-    kubescape:
-      enabled: false
-      image:
-        # -- kubescape plugin image repository
-        repository: quay.io/armosec/kubescape
-        # -- kubescape plugin image tag
-        tag: v2.0.163
+        tag: v0.11.1-cross
-Original file line number
+Diff line change
@@ Expand Up / @@ -15,7 +15,6 @@ @@
     scan:
       defaultPlugins:
         - popeye
-        - kubescape
     ui:
       image:
         # UI private repository
@@ Expand Down @@