feat(falco-talon): Configure Talon pod to not rollout on configmap changes, allow user to input rules.yaml directly, configure Talon to rollout on secret change #774
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@IgorEulalio: The label(s) In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
poiana
added
the
kind/chart-release
IgorEulalio
changed the title
IgorEulalio
changed the title
poiana
added
size/L
do-not-merge/contains-merge-commits
size/M
and removed
do-not-merge/contains-merge-commits
size/M
size/L
labels
…anges, allow user to input rules.yaml directly, configure Talon to rollout on secret change, bump appVersion v0.2.0 Signed-off-by: Igor Eulalio <[email protected]> feat: trigger rollout based on secret change Signed-off-by: Igor Eulalio <[email protected]> feat: remove rules_override.yaml file, add field so users can specify custom rules directly via values Signed-off-by: Igor Eulalio <[email protected]> chore: bump chart version, update CHANGELOG.md and make docs Signed-off-by: Igor Eulalio <[email protected]> feat: allow users to specify custom service accounts for deployment Signed-off-by: Igor Eulalio <[email protected]> chore: modify changelog.md Signed-off-by: Igor Eulalio <[email protected]> chore(deps): Bump lycheeverse/lychee-action from 2.0.2 to 2.1.0 Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 2.0.2 to 2.1.0. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](lycheeverse/lychee-action@7cd0af4...f81112d) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> feat: remove helm-generated labels and timestamp so that pod isn't recycled with a new update Signed-off-by: Igor Eulalio <[email protected]> feat: trigger rollout based on secret change Signed-off-by: Igor Eulalio <[email protected]> feat: remove rules_override.yaml file, add field so users can specify custom rules directly via values Signed-off-by: Igor Eulalio <[email protected]> chore: bump chart version, update CHANGELOG.md and make docs Signed-off-by: Igor Eulalio <[email protected]> feat: allow users to specify custom service accounts for deployment Signed-off-by: Igor Eulalio <[email protected]> chore: modify changelog.md Signed-off-by: Igor Eulalio <[email protected]> chore(deps): Bump lycheeverse/lychee-action from 2.0.2 to 2.1.0 Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 2.0.2 to 2.1.0. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](lycheeverse/lychee-action@7cd0af4...f81112d) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> change the key for the rulesfiles range Signed-off-by: Thomas Labarussias <[email protected]> chore(falco/k8smeta): bump plugin version Signed-off-by: Aldo Lacuku <[email protected]> chore(falco/test): update unit tests to reflect changes in k8smeta tag Signed-off-by: Aldo Lacuku <[email protected]> chore(falco/k8smeta): bump chart version Signed-off-by: Aldo Lacuku <[email protected]> fix(falco/dashboard): make pod variable independent of triggered rules CPU and memory are now visible for each pod, even when no rules have been triggered for that falco instance. Signed-off-by: Aldo Lacuku <[email protected]> chore(falco): bump chart version Signed-off-by: Aldo Lacuku <[email protected]> chore(falco): apply suggestions Co-authored-by: Thomas Labarussias <[email protected]> Signed-off-by: Aldo Lacuku <[email protected]> fix(falco/readme): use rules_files instead of deprecated rules_file in config snippet Using rules_file causes collision with rules_files and falco does not start ``` Tue Nov 12 14:23:17 2024: Using deprecated config key 'rules_file' (singular form). Please use new 'rules_files' config key (plural form). Error: Error reading config file (/etc/falco/falco.yaml): both 'rules_files' and 'rules_file' keys set ``` Signed-off-by: Robin Landström <[email protected]> chore(falco): bump chart version Signed-off-by: Robin Landström <[email protected]> update(falco): bump falco version to 0.39.2 and falcoctl to 0.10.1 Signed-off-by: Aldo Lacuku <[email protected]> chore: bump chart version Signed-off-by: Igor Eulalio <[email protected]> chore: update docs Signed-off-by: Igor Eulalio <[email protected]> chore(deps): Bump lycheeverse/lychee-action from 2.0.2 to 2.1.0 Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 2.0.2 to 2.1.0. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](lycheeverse/lychee-action@7cd0af4...f81112d) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> change the key for the rulesfiles range Signed-off-by: Thomas Labarussias <[email protected]> chore(falco/k8smeta): bump plugin version Signed-off-by: Aldo Lacuku <[email protected]> chore(falco/test): update unit tests to reflect changes in k8smeta tag Signed-off-by: Aldo Lacuku <[email protected]> chore(falco/k8smeta): bump chart version Signed-off-by: Aldo Lacuku <[email protected]> fix(falco/dashboard): make pod variable independent of triggered rules CPU and memory are now visible for each pod, even when no rules have been triggered for that falco instance. Signed-off-by: Aldo Lacuku <[email protected]> chore(falco): bump chart version Signed-off-by: Aldo Lacuku <[email protected]> chore(falco): apply suggestions Co-authored-by: Thomas Labarussias <[email protected]> Signed-off-by: Aldo Lacuku <[email protected]> fix(falco/readme): use rules_files instead of deprecated rules_file in config snippet Using rules_file causes collision with rules_files and falco does not start ``` Tue Nov 12 14:23:17 2024: Using deprecated config key 'rules_file' (singular form). Please use new 'rules_files' config key (plural form). Error: Error reading config file (/etc/falco/falco.yaml): both 'rules_files' and 'rules_file' keys set ``` Signed-off-by: Robin Landström <[email protected]> chore(falco): bump chart version Signed-off-by: Robin Landström <[email protected]> update(falco): bump falco version to 0.39.2 and falcoctl to 0.10.1 Signed-off-by: Aldo Lacuku <[email protected]> chore: bump appVersion to match talon version Signed-off-by: Igor Eulalio <[email protected]>
Signed-off-by: Igor Eulalio <[email protected]>
Signed-off-by: Igor Eulalio <[email protected]>
Signed-off-by: Thomas Labarussias <[email protected]>
Signed-off-by: Igor Eulalio <[email protected]>
Signed-off-by: Igor Eulalio <[email protected]>
Issif
approved these changes
Nov 27, 2024
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: IgorEulalio, Issif The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
LGTM label has been added. Git tree hash: 16a97dd04eccd051e27e37d3d89d21c6e1ef6e43
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind feature
/kind chart-release
Any specific area of the project related to this PR?
/area falco-talon
What this PR does / why we need it:
Which issue(s) this PR fixes:
There's no issue open for this fix.
Special notes for your reviewer:
Checklist