From 9f509a263a48ddfffc323928b33037c490b19bdc Mon Sep 17 00:00:00 2001 From: Rafael Melo de Oliveira Date: Thu, 19 Dec 2024 16:30:21 +0100 Subject: [PATCH 1/6] [release]: Synthetics Private Location 1.54.0 (#1646) --- charts/synthetics-private-location/CHANGELOG.md | 4 ++++ charts/synthetics-private-location/Chart.yaml | 4 ++-- charts/synthetics-private-location/README.md | 4 ++-- charts/synthetics-private-location/values.yaml | 2 +- 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/charts/synthetics-private-location/CHANGELOG.md b/charts/synthetics-private-location/CHANGELOG.md index a8bc6cf18..c63b178cd 100644 --- a/charts/synthetics-private-location/CHANGELOG.md +++ b/charts/synthetics-private-location/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 0.17.5 + +* Update private location image version to `1.54.0`. + ## 0.17.4 * Update private location image version to `1.53.0`. diff --git a/charts/synthetics-private-location/Chart.yaml b/charts/synthetics-private-location/Chart.yaml index 1effbb319..bea5e9485 100644 --- a/charts/synthetics-private-location/Chart.yaml +++ b/charts/synthetics-private-location/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: synthetics-private-location -version: 0.17.4 -appVersion: 1.53.0 +version: 0.17.5 +appVersion: 1.54.0 description: Datadog Synthetics Private Location keywords: - monitoring diff --git a/charts/synthetics-private-location/README.md b/charts/synthetics-private-location/README.md index 7ea53f254..1396ee637 100644 --- a/charts/synthetics-private-location/README.md +++ b/charts/synthetics-private-location/README.md @@ -1,6 +1,6 @@ # Datadog Synthetics Private Location -![Version: 0.17.4](https://img.shields.io/badge/Version-0.17.4-informational?style=flat-square) ![AppVersion: 1.53.0](https://img.shields.io/badge/AppVersion-1.53.0-informational?style=flat-square) +![Version: 0.17.5](https://img.shields.io/badge/Version-0.17.4-informational?style=flat-square) ![AppVersion: 1.54.0](https://img.shields.io/badge/AppVersion-1.54.0-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds a Datadog Synthetics Private Location Deployment. For more information about synthetics monitoring with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/synthetics/private_locations/?tab=helmchart). @@ -41,7 +41,7 @@ helm install datadog/synthetics-private-location --set-file confi | hostAliases | list | `[]` | Add entries to Datadog Synthetics Private Location PODs' /etc/hosts | | image.pullPolicy | string | `"IfNotPresent"` | Define the pullPolicy for Datadog Synthetics Private Location image | | image.repository | string | `"gcr.io/datadoghq/synthetics-private-location-worker"` | Repository to use for Datadog Synthetics Private Location image | -| image.tag | string | `"1.53.0"` | Define the Datadog Synthetics Private Location version to use | +| image.tag | string | `"1.54.0"` | Define the Datadog Synthetics Private Location version to use | | imagePullSecrets | list | `[]` | Datadog Synthetics Private Location repository pullSecret (ex: specify docker registry credentials) | | nameOverride | string | `""` | Override name of app | | nodeSelector | object | `{}` | Allows to schedule Datadog Synthetics Private Location on specific nodes | diff --git a/charts/synthetics-private-location/values.yaml b/charts/synthetics-private-location/values.yaml index e1bb1e48c..fa6a5c5df 100644 --- a/charts/synthetics-private-location/values.yaml +++ b/charts/synthetics-private-location/values.yaml @@ -15,7 +15,7 @@ image: # image.pullPolicy -- Define the pullPolicy for Datadog Synthetics Private Location image pullPolicy: IfNotPresent # image.tag -- Define the Datadog Synthetics Private Location version to use - tag: 1.53.0 + tag: 1.54.0 # dnsPolicy -- DNS Policy to set to the Datadog Synthetics Private Location PODs dnsPolicy: ClusterFirst From 43b876a1de1cd7b84b72caa9f821cc22f555e9a8 Mon Sep 17 00:00:00 2001 From: Lout Philipps Date: Thu, 19 Dec 2024 16:35:27 +0100 Subject: [PATCH 2/6] Update README.md (#1647) --- charts/synthetics-private-location/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/synthetics-private-location/README.md b/charts/synthetics-private-location/README.md index 1396ee637..7826f5972 100644 --- a/charts/synthetics-private-location/README.md +++ b/charts/synthetics-private-location/README.md @@ -1,6 +1,6 @@ # Datadog Synthetics Private Location -![Version: 0.17.5](https://img.shields.io/badge/Version-0.17.4-informational?style=flat-square) ![AppVersion: 1.54.0](https://img.shields.io/badge/AppVersion-1.54.0-informational?style=flat-square) +![Version: 0.17.5](https://img.shields.io/badge/Version-0.17.5-informational?style=flat-square) ![AppVersion: 1.54.0](https://img.shields.io/badge/AppVersion-1.54.0-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds a Datadog Synthetics Private Location Deployment. For more information about synthetics monitoring with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/synthetics/private_locations/?tab=helmchart). From 2c10d22acc48a5f5f36dac9c3efa03ebb644dbe8 Mon Sep 17 00:00:00 2001 From: aquiladayc <56868556+aquiladayc@users.noreply.github.com> Date: Fri, 20 Dec 2024 03:06:11 +0900 Subject: [PATCH 3/6] Remove deployments.apps example for resources tag option (#1615) * Remove deployments.apps example for resources tag option * Update README * update readme --- charts/datadog/CHANGELOG.md | 4 ++++ charts/datadog/Chart.yaml | 2 +- charts/datadog/README.md | 2 +- charts/datadog/values.yaml | 4 ---- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/datadog/CHANGELOG.md b/charts/datadog/CHANGELOG.md index a950a35c5..7db2d99fa 100644 --- a/charts/datadog/CHANGELOG.md +++ b/charts/datadog/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 3.84.1 + +* Remove deployments.apps example of `datadog.kubernetesResourcesLabelsAsTags` and `datadog.kubernetesResourcesAnnotationsAsTags` since it's not implemented yet + ## 3.84.0 * Set the default value of `datadog.processAgent.runInCoreAgent` to `true`. diff --git a/charts/datadog/Chart.yaml b/charts/datadog/Chart.yaml index 3130a881a..a4357b730 100644 --- a/charts/datadog/Chart.yaml +++ b/charts/datadog/Chart.yaml @@ -1,7 +1,7 @@ --- apiVersion: v1 name: datadog -version: 3.84.0 +version: 3.84.1 appVersion: "7" description: Datadog Agent keywords: diff --git a/charts/datadog/README.md b/charts/datadog/README.md index 83a3d6d4e..cad18efbf 100644 --- a/charts/datadog/README.md +++ b/charts/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.84.0](https://img.shields.io/badge/Version-3.84.0-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.84.1](https://img.shields.io/badge/Version-3.84.1-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). diff --git a/charts/datadog/values.yaml b/charts/datadog/values.yaml index 8de044eec..a3b72aa89 100644 --- a/charts/datadog/values.yaml +++ b/charts/datadog/values.yaml @@ -257,8 +257,6 @@ datadog: # datadog.kubernetesResourcesLabelsAsTags -- Provide a mapping of Kubernetes Resources Labels to Datadog Tags kubernetesResourcesLabelsAsTags: {} - # deployments.apps: - # x-team: team-from-label # pods: # x-ref: reference # namespaces: @@ -268,8 +266,6 @@ datadog: # datadog.kubernetesResourcesAnnotationsAsTags -- Provide a mapping of Kubernetes Resources Annotations to Datadog Tags kubernetesResourcesAnnotationsAsTags: {} - # deployments.apps: - # x-team: team-from-annotation # pods: # x-ann: annotation-reference # namespaces: From 9ac1574321787b917eecc8a5e1e12ef013fc26e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timoth=C3=A9e=20Bavelier?= <97530782+tbavelier@users.noreply.github.com> Date: Fri, 20 Dec 2024 13:54:11 +0100 Subject: [PATCH 4/6] [datadog-operator] Update operator version to 1.11.1 (#1641) * before running baseline tests * baseline test * 1.11.1 --- charts/datadog-operator/CHANGELOG.md | 4 + charts/datadog-operator/Chart.lock | 6 +- charts/datadog-operator/Chart.yaml | 6 +- charts/datadog-operator/README.md | 4 +- .../datadog-operator/templates/_helpers.tpl | 2 +- .../templates/clusterrole.yaml | 427 +----------------- charts/datadog-operator/values.yaml | 2 +- .../baseline/DatadogAgent_CRD_default.yaml | 363 ++++++++++++++- .../baseline/Operator_Deployment_default.yaml | 6 +- .../operator_deployment_test.go | 2 +- 10 files changed, 391 insertions(+), 431 deletions(-) diff --git a/charts/datadog-operator/CHANGELOG.md b/charts/datadog-operator/CHANGELOG.md index c0e157a71..f906c0f5f 100644 --- a/charts/datadog-operator/CHANGELOG.md +++ b/charts/datadog-operator/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 2.5.0 + +* Update Datadog Operator version to 1.11.1. + ## 2.4.0 * Add configuration to grant the necessary RBAC to the operator for the CWS Instrumentation Admission Controller feature in the Cluster-Agent. diff --git a/charts/datadog-operator/Chart.lock b/charts/datadog-operator/Chart.lock index 41fd2ccbd..e5aa3049e 100644 --- a/charts/datadog-operator/Chart.lock +++ b/charts/datadog-operator/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: datadog-crds repository: https://helm.datadoghq.com - version: 2.2.0 -digest: sha256:42b9b7296f565f17f11adea26fa8cb003c0f01551a84793873a3ae6c73efedc2 -generated: "2024-11-08T14:03:54.721912-05:00" + version: 2.3.0 +digest: sha256:67db7e15aa50bde3e2e62273b71402d2e4302c71f13201c3646ee5865e236106 +generated: "2024-12-18T14:19:32.327237+01:00" diff --git a/charts/datadog-operator/Chart.yaml b/charts/datadog-operator/Chart.yaml index 1c88e1898..775805d90 100644 --- a/charts/datadog-operator/Chart.yaml +++ b/charts/datadog-operator/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: datadog-operator -version: 2.4.0 -appVersion: 1.10.0 +version: 2.5.0 +appVersion: 1.11.1 description: Datadog Operator keywords: - monitoring @@ -17,7 +17,7 @@ maintainers: email: support@datadoghq.com dependencies: - name: datadog-crds - version: "=2.2.0" + version: "=2.3.0" alias: datadogCRDs repository: https://helm.datadoghq.com condition: installCRDs diff --git a/charts/datadog-operator/README.md b/charts/datadog-operator/README.md index 91a76093e..3ceba5808 100644 --- a/charts/datadog-operator/README.md +++ b/charts/datadog-operator/README.md @@ -1,6 +1,6 @@ # Datadog Operator -![Version: 2.4.0](https://img.shields.io/badge/Version-2.4.0-informational?style=flat-square) ![AppVersion: 1.10.0](https://img.shields.io/badge/AppVersion-1.10.0-informational?style=flat-square) +![Version: 2.5.0](https://img.shields.io/badge/Version-2.5.0-informational?style=flat-square) ![AppVersion: 1.11.1](https://img.shields.io/badge/AppVersion-1.11.1-informational?style=flat-square) ## Values @@ -33,7 +33,7 @@ | image.doNotCheckTag | bool | `false` | Permit skipping operator image tag compatibility with the chart. | | image.pullPolicy | string | `"IfNotPresent"` | Define the pullPolicy for Datadog Operator image | | image.repository | string | `"gcr.io/datadoghq/operator"` | Repository to use for Datadog Operator image | -| image.tag | string | `"1.10.0"` | Define the Datadog Operator version to use | +| image.tag | string | `"1.11.1"` | Define the Datadog Operator version to use | | imagePullSecrets | list | `[]` | Datadog Operator repository pullSecret (ex: specify docker registry credentials) | | installCRDs | bool | `true` | Set to true to deploy the Datadog's CRDs | | introspection.enabled | bool | `false` | If true, enables introspection feature (beta). Requires v1.4.0+ | diff --git a/charts/datadog-operator/templates/_helpers.tpl b/charts/datadog-operator/templates/_helpers.tpl index afc48dc57..50dc92353 100644 --- a/charts/datadog-operator/templates/_helpers.tpl +++ b/charts/datadog-operator/templates/_helpers.tpl @@ -85,6 +85,6 @@ Check operator image tag version. {{- if not .Values.image.doNotCheckTag -}} {{- .Values.image.tag -}} {{- else -}} -{{ "1.10.0" }} +{{ "1.11.1" }} {{- end -}} {{- end -}} diff --git a/charts/datadog-operator/templates/clusterrole.yaml b/charts/datadog-operator/templates/clusterrole.yaml index 1b7f4b2c4..79c245eb6 100644 --- a/charts/datadog-operator/templates/clusterrole.yaml +++ b/charts/datadog-operator/templates/clusterrole.yaml @@ -8,9 +8,6 @@ metadata: rules: - nonResourceURLs: - /metrics - verbs: - - get -- nonResourceURLs: - /metrics/slis verbs: - get @@ -18,26 +15,8 @@ rules: - "" resources: - componentstatuses - verbs: - - get - - list - - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - deployments + - namespaces verbs: - get - list @@ -45,19 +24,13 @@ rules: - apiGroups: - "" resources: + - configmaps - endpoints - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - events + - pods + - secrets + - serviceaccounts + - services verbs: - create - delete @@ -70,17 +43,13 @@ rules: - "" resources: - limitranges + - persistentvolumeclaims + - persistentvolumes + - replicationcontrollers + - resourcequotas verbs: - list - watch -- apiGroups: - - "" - resources: - - namespaces - verbs: - - get - - list - - watch - apiGroups: - "" resources: @@ -93,102 +62,11 @@ rules: - "" resources: - nodes/metrics - verbs: - - get -- apiGroups: - - "" - resources: - nodes/proxy - verbs: - - get -- apiGroups: - - "" - resources: - nodes/spec - verbs: - - get -- apiGroups: - - "" - resources: - nodes/stats verbs: - get -- apiGroups: - - "" - resources: - - persistentvolumeclaims - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - persistentvolumes - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - pods - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - replicationcontrollers - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - resourcequotas - verbs: - - list - - watch -- apiGroups: - - "" - resources: - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - serviceaccounts - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - "" - resources: - - services - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - '*' resources: @@ -205,6 +83,7 @@ rules: - '*' - apiGroups: - apiextensions.k8s.io + - extensions resources: - customresourcedefinitions verbs: @@ -222,17 +101,6 @@ rules: - apps resources: - daemonsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apps - resources: - deployments verbs: - create @@ -246,6 +114,7 @@ rules: - apps resources: - replicasets + - statefulsets verbs: - get - list @@ -257,14 +126,6 @@ rules: verbs: - list - watch -- apiGroups: - - apps - resources: - - statefulsets - verbs: - - get - - list - - watch - apiGroups: - apps - extensions @@ -285,48 +146,18 @@ rules: - apiGroups: - authorization.k8s.io resources: - - clusterrolebindings + - subjectaccessreviews verbs: - create - - delete - get - - list - - patch - - update - - watch - apiGroups: - authorization.k8s.io + - rbac.authorization.k8s.io + - roles.rbac.authorization.k8s.io resources: + - clusterrolebindings - clusterroles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - authorization.k8s.io - resources: - - pods/exec - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - rolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - authorization.k8s.io - resources: - roles verbs: - create @@ -336,13 +167,6 @@ rules: - patch - update - watch -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create - - get - apiGroups: - autoscaling resources: @@ -361,13 +185,6 @@ rules: - batch resources: - cronjobs - verbs: - - get - - list - - watch -- apiGroups: - - batch - resources: - jobs verbs: - get @@ -408,18 +225,12 @@ rules: - datadoghq.com resources: - datadogagents - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - datadoghq.com - resources: - datadogagents/finalizers + - datadogmonitors + - datadogmonitors/finalizers + - datadogslos + - datadogslos/finalizers + - extendeddaemonsets verbs: - create - delete @@ -432,19 +243,12 @@ rules: - datadoghq.com resources: - datadogagents/status + - datadogmonitors/status + - datadogslos/status verbs: - get - patch - update -- apiGroups: - - datadoghq.com - resources: - - datadogmetrics - verbs: - - create - - delete - - list - - watch - apiGroups: - datadoghq.com resources: @@ -454,97 +258,25 @@ rules: - apiGroups: - datadoghq.com resources: - - datadogmonitors - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - datadoghq.com - resources: - - datadogmonitors/finalizers + - datadogmetrics verbs: - create - delete - - get - list - - patch - - update - watch -- apiGroups: - - datadoghq.com - resources: - - datadogmonitors/status - verbs: - - get - - patch - - update - apiGroups: - datadoghq.com resources: - datadogpodautoscalers - verbs: - - '*' -- apiGroups: - - datadoghq.com - resources: - datadogpodautoscalers/status verbs: - '*' -- apiGroups: - - datadoghq.com - resources: - - datadogslos - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - datadoghq.com - resources: - - datadogslos/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - datadoghq.com - resources: - - datadogslos/status - verbs: - - get - - patch - - update - apiGroups: - datadoghq.com resources: - extendeddaemonsetreplicasets verbs: - get -- apiGroups: - - datadoghq.com - resources: - - extendeddaemonsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - datadoghq.com resources: @@ -553,13 +285,6 @@ rules: - get - list - watch -- apiGroups: - - extensions - resources: - - customresourcedefinitions - verbs: - - list - - watch - apiGroups: - external.metrics.k8s.io resources: @@ -599,14 +324,6 @@ rules: - patch - update - watch -- apiGroups: - - policy - resources: - - podsecuritypolicies - verbs: - - get - - list - - watch - apiGroups: - quota.openshift.io resources: @@ -614,102 +331,6 @@ rules: verbs: - get - list -- apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterrolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterroles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - rbac.authorization.k8s.io - resources: - - rolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - rbac.authorization.k8s.io - resources: - - roles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - roles.rbac.authorization.k8s.io - resources: - - clusterrolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - roles.rbac.authorization.k8s.io - resources: - - clusterroles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - roles.rbac.authorization.k8s.io - resources: - - rolebindings - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - roles.rbac.authorization.k8s.io - resources: - - roles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - security.openshift.io resourceNames: diff --git a/charts/datadog-operator/values.yaml b/charts/datadog-operator/values.yaml index 31f8ecd9c..9881b8687 100644 --- a/charts/datadog-operator/values.yaml +++ b/charts/datadog-operator/values.yaml @@ -47,7 +47,7 @@ image: # image.repository -- Repository to use for Datadog Operator image repository: gcr.io/datadoghq/operator # image.tag -- Define the Datadog Operator version to use - tag: 1.10.0 + tag: 1.11.1 # image.pullPolicy -- Define the pullPolicy for Datadog Operator image pullPolicy: IfNotPresent # image.doNotCheckTag -- Permit skipping operator image tag compatibility with the chart. diff --git a/test/datadog-operator/baseline/DatadogAgent_CRD_default.yaml b/test/datadog-operator/baseline/DatadogAgent_CRD_default.yaml index 2b46bb5d6..0a364f99e 100644 --- a/test/datadog-operator/baseline/DatadogAgent_CRD_default.yaml +++ b/test/datadog-operator/baseline/DatadogAgent_CRD_default.yaml @@ -4,10 +4,10 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.14.0 + controller-gen.kubebuilder.io/version: v0.16.3 name: datadogagents.datadoghq.com labels: - helm.sh/chart: 'datadogCRDs-2.2.0' + helm.sh/chart: 'datadogCRDs-2.3.0' app.kubernetes.io/managed-by: 'Helm' app.kubernetes.io/name: 'datadogCRDs' app.kubernetes.io/instance: 'datadog-operator' @@ -71,6 +71,7 @@ spec: items: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -95,6 +96,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -133,6 +135,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -155,6 +158,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -202,11 +207,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -226,11 +233,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -254,10 +263,20 @@ spec: type: string mutateUnlabelled: type: boolean + mutation: + properties: + enabled: + type: boolean + type: object registry: type: string serviceName: type: string + validation: + properties: + enabled: + type: boolean + type: object webhookName: type: string type: object @@ -778,6 +797,11 @@ spec: type: boolean type: object type: object + serviceDiscovery: + properties: + enabled: + type: boolean + type: object tcpQueueLength: properties: enabled: @@ -791,6 +815,8 @@ spec: type: object global: properties: + checksTagCardinality: + type: string clusterAgentToken: type: string clusterAgentTokenSecret: @@ -881,6 +907,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -919,6 +946,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -978,6 +1006,7 @@ spec: items: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -1000,6 +1029,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -1038,6 +1069,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -1076,6 +1108,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -1136,11 +1169,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1171,6 +1206,8 @@ spec: type: object registry: type: string + runProcessChecksInCoreAgent: + type: boolean secretBackend: properties: args: @@ -1189,6 +1226,9 @@ spec: type: string type: array x-kubernetes-list-type: set + required: + - namespace + - secrets type: object type: array x-kubernetes-list-type: atomic @@ -1227,11 +1267,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -1243,11 +1285,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic weight: @@ -1258,6 +1302,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: properties: nodeSelectorTerms: @@ -1274,11 +1319,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchFields: items: properties: @@ -1290,14 +1337,17 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic type: object x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: atomic required: - nodeSelectorTerms type: object @@ -1323,17 +1373,29 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -1347,11 +1409,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1362,6 +1426,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -1375,6 +1440,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -1391,17 +1457,29 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -1415,11 +1493,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1430,12 +1510,14 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object podAntiAffinity: properties: @@ -1457,17 +1539,29 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -1481,11 +1575,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1496,6 +1592,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: @@ -1509,6 +1606,7 @@ spec: - weight type: object type: array + x-kubernetes-list-type: atomic requiredDuringSchedulingIgnoredDuringExecution: items: properties: @@ -1525,17 +1623,29 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string type: object type: object x-kubernetes-map-type: atomic + matchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic + mismatchLabelKeys: + items: + type: string + type: array + x-kubernetes-list-type: atomic namespaceSelector: properties: matchExpressions: @@ -1549,11 +1659,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -1564,12 +1676,14 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic topologyKey: type: string required: - topologyKey type: object type: array + x-kubernetes-list-type: atomic type: object type: object annotations: @@ -1605,6 +1719,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -1643,6 +1758,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -1669,6 +1785,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -1679,6 +1796,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -1699,6 +1817,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -1751,6 +1870,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic type: object failureThreshold: format: int32 @@ -1761,6 +1881,7 @@ spec: format: int32 type: integer service: + default: "" type: string required: - port @@ -1781,6 +1902,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic path: type: string port: @@ -1828,6 +1950,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -1889,16 +2013,27 @@ spec: properties: allowPrivilegeEscalation: type: boolean + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object capabilities: properties: add: items: type: string type: array + x-kubernetes-list-type: atomic drop: items: type: string type: array + x-kubernetes-list-type: atomic type: object privileged: type: boolean @@ -1946,6 +2081,87 @@ spec: type: string type: object type: object + startupProbe: + properties: + exec: + properties: + command: + items: + type: string + type: array + x-kubernetes-list-type: atomic + type: object + failureThreshold: + format: int32 + type: integer + grpc: + properties: + port: + format: int32 + type: integer + service: + default: "" + type: string + required: + - port + type: object + httpGet: + properties: + host: + type: string + httpHeaders: + items: + properties: + name: + type: string + value: + type: string + required: + - name + - value + type: object + type: array + x-kubernetes-list-type: atomic + path: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + scheme: + type: string + required: + - port + type: object + initialDelaySeconds: + format: int32 + type: integer + periodSeconds: + format: int32 + type: integer + successThreshold: + format: int32 + type: integer + tcpSocket: + properties: + host: + type: string + port: + anyOf: + - type: integer + - type: string + x-kubernetes-int-or-string: true + required: + - port + type: object + terminationGracePeriodSeconds: + format: int64 + type: integer + timeoutSeconds: + format: int32 + type: integer + type: object volumeMounts: items: properties: @@ -1957,6 +2173,8 @@ spec: type: string readOnly: type: boolean + recursiveReadOnly: + type: string subPath: type: string subPathExpr: @@ -1972,6 +2190,8 @@ spec: x-kubernetes-list-type: map type: object type: object + createPodDisruptionBudget: + type: boolean createRbac: type: boolean customConfigurations: @@ -2012,6 +2232,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic options: items: properties: @@ -2021,10 +2242,12 @@ spec: type: string type: object type: array + x-kubernetes-list-type: atomic searches: items: type: string type: array + x-kubernetes-list-type: atomic type: object dnsPolicy: type: string @@ -2042,6 +2265,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -2080,6 +2304,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -2101,6 +2326,7 @@ spec: configMapRef: properties: name: + default: "" type: string optional: type: boolean @@ -2111,6 +2337,7 @@ spec: secretRef: properties: name: + default: "" type: string optional: type: boolean @@ -2194,6 +2421,7 @@ spec: items: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -2218,6 +2446,15 @@ spec: type: integer securityContext: properties: + appArmorProfile: + properties: + localhostProfile: + type: string + type: + type: string + required: + - type + type: object fsGroup: format: int64 type: integer @@ -2256,6 +2493,9 @@ spec: format: int64 type: integer type: array + x-kubernetes-list-type: atomic + supplementalGroupsPolicy: + type: string sysctls: items: properties: @@ -2268,6 +2508,7 @@ spec: - value type: object type: array + x-kubernetes-list-type: atomic windowsOptions: properties: gmsaCredentialSpec: @@ -2347,10 +2588,12 @@ spec: diskURI: type: string fsType: + default: ext4 type: string kind: type: string readOnly: + default: false type: boolean required: - diskName @@ -2374,6 +2617,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic path: type: string readOnly: @@ -2383,6 +2627,7 @@ spec: secretRef: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -2400,6 +2645,7 @@ spec: secretRef: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -2428,7 +2674,9 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean @@ -2443,6 +2691,7 @@ spec: nodePublishSecretRef: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -2498,6 +2747,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object emptyDir: properties: @@ -2522,6 +2772,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic dataSource: properties: apiGroup: @@ -2551,18 +2802,6 @@ spec: type: object resources: properties: - claims: - items: - properties: - name: - type: string - required: - - name - type: object - type: array - x-kubernetes-list-map-keys: - - name - x-kubernetes-list-type: map limits: additionalProperties: anyOf: @@ -2593,11 +2832,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -2606,6 +2847,8 @@ spec: x-kubernetes-map-type: atomic storageClassName: type: string + volumeAttributesClassName: + type: string volumeMode: type: string volumeName: @@ -2628,10 +2871,12 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic wwids: items: type: string type: array + x-kubernetes-list-type: atomic type: object flexVolume: properties: @@ -2648,6 +2893,7 @@ spec: secretRef: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -2707,6 +2953,13 @@ spec: required: - path type: object + image: + properties: + pullPolicy: + type: string + reference: + type: string + type: object iscsi: properties: chapAuthDiscovery: @@ -2720,6 +2973,7 @@ spec: iqn: type: string iscsiInterface: + default: default type: string lun: format: int32 @@ -2728,11 +2982,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic readOnly: type: boolean secretRef: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -2794,6 +3050,45 @@ spec: sources: items: properties: + clusterTrustBundle: + properties: + labelSelector: + properties: + matchExpressions: + items: + properties: + key: + type: string + operator: + type: string + values: + items: + type: string + type: array + x-kubernetes-list-type: atomic + required: + - key + - operator + type: object + type: array + x-kubernetes-list-type: atomic + matchLabels: + additionalProperties: + type: string + type: object + type: object + x-kubernetes-map-type: atomic + name: + type: string + optional: + type: boolean + path: + type: string + signerName: + type: string + required: + - path + type: object configMap: properties: items: @@ -2811,7 +3106,9 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean @@ -2857,6 +3154,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic type: object secret: properties: @@ -2875,7 +3173,9 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic name: + default: "" type: string optional: type: boolean @@ -2895,6 +3195,7 @@ spec: type: object type: object type: array + x-kubernetes-list-type: atomic type: object quobyte: properties: @@ -2921,22 +3222,27 @@ spec: image: type: string keyring: + default: /etc/ceph/keyring type: string monitors: items: type: string type: array + x-kubernetes-list-type: atomic pool: + default: rbd type: string readOnly: type: boolean secretRef: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic user: + default: admin type: string required: - image @@ -2945,6 +3251,7 @@ spec: scaleIO: properties: fsType: + default: xfs type: string gateway: type: string @@ -2955,12 +3262,14 @@ spec: secretRef: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic sslEnabled: type: boolean storageMode: + default: ThinProvisioned type: string storagePool: type: string @@ -2993,6 +3302,7 @@ spec: - path type: object type: array + x-kubernetes-list-type: atomic optional: type: boolean secretName: @@ -3007,6 +3317,7 @@ spec: secretRef: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -3240,6 +3551,7 @@ spec: items: properties: name: + default: "" type: string type: object x-kubernetes-map-type: atomic @@ -3264,6 +3576,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -3302,6 +3615,7 @@ spec: key: type: string name: + default: "" type: string optional: type: boolean @@ -3324,6 +3638,8 @@ spec: properties: name: type: string + request: + type: string required: - name type: object @@ -3371,11 +3687,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -3395,11 +3713,13 @@ spec: items: type: string type: array + x-kubernetes-list-type: atomic required: - key - operator type: object type: array + x-kubernetes-list-type: atomic matchLabels: additionalProperties: type: string @@ -3423,10 +3743,20 @@ spec: type: string mutateUnlabelled: type: boolean + mutation: + properties: + enabled: + type: boolean + type: object registry: type: string serviceName: type: string + validation: + properties: + enabled: + type: boolean + type: object webhookName: type: string type: object @@ -3947,6 +4277,11 @@ spec: type: boolean type: object type: object + serviceDiscovery: + properties: + enabled: + type: boolean + type: object tcpQueueLength: properties: enabled: diff --git a/test/datadog-operator/baseline/Operator_Deployment_default.yaml b/test/datadog-operator/baseline/Operator_Deployment_default.yaml index cd52a9683..882c74159 100644 --- a/test/datadog-operator/baseline/Operator_Deployment_default.yaml +++ b/test/datadog-operator/baseline/Operator_Deployment_default.yaml @@ -7,9 +7,9 @@ metadata: namespace: datadog-agent labels: app.kubernetes.io/name: datadog-operator - helm.sh/chart: datadog-operator-2.3.0 + helm.sh/chart: datadog-operator-2.5.0 app.kubernetes.io/instance: datadog-operator - app.kubernetes.io/version: "1.10.0" + app.kubernetes.io/version: "1.11.1" app.kubernetes.io/managed-by: Helm spec: replicas: 1 @@ -35,7 +35,7 @@ spec: serviceAccountName: datadog-operator containers: - name: datadog-operator - image: "gcr.io/datadoghq/operator:1.10.0" + image: "gcr.io/datadoghq/operator:1.11.1" imagePullPolicy: IfNotPresent env: - name: WATCH_NAMESPACE diff --git a/test/datadog-operator/operator_deployment_test.go b/test/datadog-operator/operator_deployment_test.go index d97cad2a5..47184d4ad 100644 --- a/test/datadog-operator/operator_deployment_test.go +++ b/test/datadog-operator/operator_deployment_test.go @@ -104,7 +104,7 @@ func verifyDeployment(t *testing.T, manifest string) { assert.Equal(t, 1, len(deployment.Spec.Template.Spec.Containers)) operatorContainer := deployment.Spec.Template.Spec.Containers[0] assert.Equal(t, v1.PullPolicy("IfNotPresent"), operatorContainer.ImagePullPolicy) - assert.Equal(t, "gcr.io/datadoghq/operator:1.10.0", operatorContainer.Image) + assert.Equal(t, "gcr.io/datadoghq/operator:1.11.1", operatorContainer.Image) assert.NotContains(t, operatorContainer.Args, "-webhookEnabled=false") assert.NotContains(t, operatorContainer.Args, "-webhookEnabled=true") } From 4e863bcdf063dc25b2f6cb8a98909970a0d57d94 Mon Sep 17 00:00:00 2001 From: Ethan Wood-Thomas Date: Fri, 20 Dec 2024 10:55:00 -0500 Subject: [PATCH 5/6] Add helm option to enable kubernetesUseEndpointSlices and add endpointslices to DCA RBAC (#1636) * Added kubernetesUseEndpointSlices config option and endpointslices to DCA RBAC * Removed DS_Store from tracked files * Version bump in readme * Set endpointslices as default in RBAC --- charts/datadog/CHANGELOG.md | 5 +++++ charts/datadog/Chart.yaml | 2 +- charts/datadog/README.md | 3 ++- charts/datadog/templates/cluster-agent-deployment.yaml | 2 ++ charts/datadog/templates/cluster-agent-rbac.yaml | 8 ++++++++ charts/datadog/values.yaml | 3 +++ 6 files changed, 21 insertions(+), 2 deletions(-) diff --git a/charts/datadog/CHANGELOG.md b/charts/datadog/CHANGELOG.md index 7db2d99fa..c4d6d3a9b 100644 --- a/charts/datadog/CHANGELOG.md +++ b/charts/datadog/CHANGELOG.md @@ -1,5 +1,10 @@ # Datadog changelog +## 3.84.2 + +* Add `endpointslices.discovery.k8s.io` to the list of resources to collect in the Cluster Agent RBAC. +* Add configuration option for `datadog.kubernetesUseEndpointSlices` to map Kubernetes services to endpoint slices instead of endpoints. Disabled by default. + ## 3.84.1 * Remove deployments.apps example of `datadog.kubernetesResourcesLabelsAsTags` and `datadog.kubernetesResourcesAnnotationsAsTags` since it's not implemented yet diff --git a/charts/datadog/Chart.yaml b/charts/datadog/Chart.yaml index a4357b730..6f16cf41d 100644 --- a/charts/datadog/Chart.yaml +++ b/charts/datadog/Chart.yaml @@ -1,7 +1,7 @@ --- apiVersion: v1 name: datadog -version: 3.84.1 +version: 3.84.2 appVersion: "7" description: Datadog Agent keywords: diff --git a/charts/datadog/README.md b/charts/datadog/README.md index cad18efbf..8a8bde5fd 100644 --- a/charts/datadog/README.md +++ b/charts/datadog/README.md @@ -1,6 +1,6 @@ # Datadog -![Version: 3.84.1](https://img.shields.io/badge/Version-3.84.1-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) +![Version: 3.84.2](https://img.shields.io/badge/Version-3.84.2-informational?style=flat-square) ![AppVersion: 7](https://img.shields.io/badge/AppVersion-7-informational?style=flat-square) [Datadog](https://www.datadoghq.com/) is a hosted infrastructure monitoring platform. This chart adds the Datadog Agent to all nodes in your cluster via a DaemonSet. It also optionally depends on the [kube-state-metrics chart](https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-state-metrics). For more information about monitoring Kubernetes with Datadog, please refer to the [Datadog documentation website](https://docs.datadoghq.com/agent/basic_agent_usage/kubernetes/). @@ -775,6 +775,7 @@ helm install \ | datadog.kubernetesEvents.unbundleEvents | bool | `false` | Allow unbundling kubernetes events, 1:1 mapping between Kubernetes and Datadog events. (Requires Cluster Agent 7.42.0+). | | datadog.kubernetesResourcesAnnotationsAsTags | object | `{}` | Provide a mapping of Kubernetes Resources Annotations to Datadog Tags | | datadog.kubernetesResourcesLabelsAsTags | object | `{}` | Provide a mapping of Kubernetes Resources Labels to Datadog Tags | +| datadog.kubernetesUseEndpointSlices | bool | `false` | Enable this to map Kubernetes services to endpointslices instead of endpoints. (Requires Cluster Agent 7.62.0+). | | datadog.leaderElection | bool | `true` | Enables leader election mechanism for event collection | | datadog.leaderElectionResource | string | `"configmap"` | Selects the default resource to use for leader election. Can be: * "lease" / "leases". Only supported in agent 7.47+ * "configmap" / "configmaps". "" to automatically detect which one to use. | | datadog.leaderLeaseDuration | string | `nil` | Set the lease time for leader election in second | diff --git a/charts/datadog/templates/cluster-agent-deployment.yaml b/charts/datadog/templates/cluster-agent-deployment.yaml index 1eb9c4fbb..ba12cf523 100644 --- a/charts/datadog/templates/cluster-agent-deployment.yaml +++ b/charts/datadog/templates/cluster-agent-deployment.yaml @@ -324,6 +324,8 @@ spec: - name: DD_COLLECT_KUBERNETES_EVENTS value: {{ .Values.datadog.collectEvents | quote }} {{- end }} + - name: DD_KUBERNETES_USE_ENDPOINT_SLICES + value: {{ .Values.datadog.kubernetesUseEndpointSlices | quote }} - name: DD_KUBERNETES_EVENTS_SOURCE_DETECTION_ENABLED value: {{ .Values.datadog.kubernetesEvents.sourceDetectionEnabled | quote }} - name: DD_CLUSTER_AGENT_KUBERNETES_SERVICE_NAME diff --git a/charts/datadog/templates/cluster-agent-rbac.yaml b/charts/datadog/templates/cluster-agent-rbac.yaml index 2da18ea9b..c434827f4 100644 --- a/charts/datadog/templates/cluster-agent-rbac.yaml +++ b/charts/datadog/templates/cluster-agent-rbac.yaml @@ -29,6 +29,14 @@ rules: - list - watch - create +- apiGroups: + - "discovery.k8s.io" + resources: + - endpointslices + verbs: + - get + - list + - watch - apiGroups: ["quota.openshift.io"] resources: - clusterresourcequotas diff --git a/charts/datadog/values.yaml b/charts/datadog/values.yaml index a3b72aa89..882a8fb52 100644 --- a/charts/datadog/values.yaml +++ b/charts/datadog/values.yaml @@ -386,6 +386,9 @@ datadog: ## ref: https://docs.datadoghq.com/agent/kubernetes/#event-collection collectEvents: true + # datadog.kubernetesUseEndpointSlices -- Enable this to map Kubernetes services to endpointslices instead of endpoints. (Requires Cluster Agent 7.62.0+). + kubernetesUseEndpointSlices: false + # Configure Kubernetes events collection kubernetesEvents: # datadog.kubernetesEvents.sourceDetectionEnabled -- Enable this to map Kubernetes events to integration sources based on controller names. (Requires Cluster Agent 7.56.0+). From 406d5f0b649804fa6931c754ab9929fa7beb97eb Mon Sep 17 00:00:00 2001 From: Gabriel Dos Santos <91925154+gabedos@users.noreply.github.com> Date: Fri, 20 Dec 2024 14:19:27 -0500 Subject: [PATCH 6/6] [CONTP-519] Support K8s admin events (#1639) * Support K8s admin events * Bump conflict * Undo formatting * Update README.md * Update CHANGELOG.md * Update version --- charts/datadog/CHANGELOG.md | 4 ++++ charts/datadog/README.md | 1 + charts/datadog/templates/cluster-agent-deployment.yaml | 4 ++++ charts/datadog/values.yaml | 4 ++++ 4 files changed, 13 insertions(+) diff --git a/charts/datadog/CHANGELOG.md b/charts/datadog/CHANGELOG.md index c4d6d3a9b..4c65aedd6 100644 --- a/charts/datadog/CHANGELOG.md +++ b/charts/datadog/CHANGELOG.md @@ -1,5 +1,9 @@ # Datadog changelog +## 3.84.3 + +* Added the configuration value `clusterAgent.admissionController.kubernetes_admission_events.enabled` to enabled/disable the Kubernetes Admission Events feature. + ## 3.84.2 * Add `endpointslices.discovery.k8s.io` to the list of resources to collect in the Cluster Agent RBAC. diff --git a/charts/datadog/README.md b/charts/datadog/README.md index 8a8bde5fd..43ebfd355 100644 --- a/charts/datadog/README.md +++ b/charts/datadog/README.md @@ -575,6 +575,7 @@ helm install \ | clusterAgent.admissionController.cwsInstrumentation.mode | string | `"remote_copy"` | Mode defines how the CWS Instrumentation should behave. Options are "remote_copy" or "init_container" | | clusterAgent.admissionController.enabled | bool | `true` | Enable the admissionController to be able to inject APM/Dogstatsd config and standard tags (env, service, version) automatically into your pods | | clusterAgent.admissionController.failurePolicy | string | `"Ignore"` | Set the failure policy for dynamic admission control.' | +| clusterAgent.admissionController.kubernetesAdmissionEvents.enabled | bool | `false` | Enable the Kubernetes Admission Events feature. | | clusterAgent.admissionController.mutateUnlabelled | bool | `false` | Enable injecting config without having the pod label 'admission.datadoghq.com/enabled="true"' | | clusterAgent.admissionController.mutation | object | `{"enabled":true}` | Mutation Webhook configuration options | | clusterAgent.admissionController.mutation.enabled | bool | `true` | Enabled enables the Admission Controller mutation webhook. Default: true. (Requires Agent 7.59.0+). | diff --git a/charts/datadog/templates/cluster-agent-deployment.yaml b/charts/datadog/templates/cluster-agent-deployment.yaml index ba12cf523..36233b62d 100644 --- a/charts/datadog/templates/cluster-agent-deployment.yaml +++ b/charts/datadog/templates/cluster-agent-deployment.yaml @@ -258,6 +258,10 @@ spec: - name: DD_ADMISSION_CONTROLLER_CWS_INSTRUMENTATION_MODE value: {{ .Values.clusterAgent.admissionController.cwsInstrumentation.mode | quote }} {{- end }} + {{- if .Values.clusterAgent.admissionController.kubernetesAdmissionEvents.enabled }} + - name: DD_ADMISSION_CONTROLLER_KUBERNETES_ADMISSION_EVENTS_ENABLED + value: "true" + {{- end }} {{ include "ac-agent-sidecar-env" . | nindent 10 }} - name: DD_REMOTE_CONFIGURATION_ENABLED value: {{ include "clusterAgent-remoteConfiguration-enabled" . | quote }} diff --git a/charts/datadog/values.yaml b/charts/datadog/values.yaml index 882a8fb52..647fc43d9 100644 --- a/charts/datadog/values.yaml +++ b/charts/datadog/values.yaml @@ -1215,6 +1215,10 @@ clusterAgent: # Options are "remote_copy" or "init_container" mode: remote_copy + kubernetesAdmissionEvents: + # clusterAgent.admissionController.kubernetesAdmissionEvents.enabled -- Enable the Kubernetes Admission Events feature. + enabled: false + agentSidecarInjection: # clusterAgent.admissionController.agentSidecarInjection.enabled -- Enables Datadog Agent sidecar injection.