Skip to content

Commit efa8afe

Browse files
author
Daniele De Lorenzi
authored
feat(node-analyzer): Enable debug flag per single VM component(new engine only) and KSPM (#1401)
Signed-off-by: Daniele De Lorenzi <[email protected]>
1 parent 0884f7d commit efa8afe

File tree

8 files changed

+132
-6
lines changed

8 files changed

+132
-6
lines changed

charts/node-analyzer/Chart.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ name: node-analyzer
33
description: Sysdig Node Analyzer
44

55
# currently matching Sysdig's appVersion 1.14.34
6-
version: 1.18.0
6+
version: 1.18.1
77
appVersion: 12.8.0
88
keywords:
99
- monitoring

charts/node-analyzer/README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -186,6 +186,7 @@ The following table lists the configurable parameters of the Sysdig Node Analyze
186186
| `nodeAnalyzer.benchmarkRunner.resources.limits.cpu` | Specifies the Benchmark Runner CPU limit per node. | `500m` |
187187
| `nodeAnalyzer.benchmarkRunner.resources.limits.memory` | Specifies the Benchmark Runner memory limit per node. | `256Mi` |
188188
| `nodeAnalyzer.benchmarkRunner.env` | Specifies the extra environment variables that will be passed onto pods. | `{}` |
189+
| `nodeAnalyzer.hostScanner.debug` | Set to `true` to show debug logging, which is useful for troubleshooting. | `false` |
189190
| `nodeAnalyzer.hostScanner.deploy` | Deploys the Host Scanner. | unset |
190191
| `nodeAnalyzer.hostScanner.dirsToScan` | Specifies the list of directories to inspect during the scan. | `/etc,/var/lib/dpkg,/var/lib/rpm,/lib/apk/db,/bin,/sbin,/usr/bin,/usr/sbin,/usr/share,/usr/local,/usr/lib,/usr/lib64,/var/lib/google,/var/lib/toolbox,/var/lib/cloud` |
191192
| `nodeAnalyzer.hostScanner.additionalDirsToScan` | Sets the optional comma-separated list of directories in addition to the default ones. | ` ` |
@@ -204,6 +205,7 @@ The following table lists the configurable parameters of the Sysdig Node Analyze
204205
| `nodeAnalyzer.hostScanner.resources.limits.memory` | Specifies the Host Scanner memory limit per node. | `1Gi` |
205206
| `nodeAnalyzer.hostScanner.resources.limits.ephemeral-storage` | Specifies the Host Scanner Storage limit per node. | `1Gi` |
206207
| `nodeAnalyzer.hostScanner.probesPort` | Specifies the port where readiness and liveness probes are exposed. | `7001` |
208+
| `nodeAnalyzer.runtimeScanner.debug` | Set to `true` to show debug logging, which is useful for troubleshooting. | `false` |
207209
| `nodeAnalyzer.runtimeScanner.deploy` | Deploys the Runtime Scanner. | `false` |
208210
| `nodeAnalyzer.runtimeScanner.extraMounts` | Specifies a container engine custom socket path (docker, containerd, CRI-O). | |
209211
| `nodeAnalyzer.runtimeScanner.storageClassName` | Specifies the Runtime Scanner storage class to use instead of emptyDir for ephemeral storage. | `` |

charts/node-analyzer/templates/configmap-host-scanner.yaml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,9 @@ data:
2626
{{- if hasKey .Values.nodeAnalyzer "sslVerifyCertificate" }}
2727
ssl_verify_certificate: "{{ .Values.nodeAnalyzer.sslVerifyCertificate }}"
2828
{{- end }}
29-
debug: "{{ .Values.nodeAnalyzer.debug | default false }}"
29+
{{- if (.Values.nodeAnalyzer.hostScanner.debug | default .Values.nodeAnalyzer.debug) }}
30+
debug: "{{ .Values.nodeAnalyzer.hostScanner.debug | default .Values.nodeAnalyzer.debug }}"
31+
{{- end }}
3032
{{- if (.Values.nodeAnalyzer.hostScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
3133
http_proxy: {{ .Values.nodeAnalyzer.hostScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
3234
{{- end -}}

charts/node-analyzer/templates/configmap-kspm-analyzer.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ metadata:
99
{{ include "nodeAnalyzer.labels" . | indent 4 }}
1010
data:
1111
{{- $env := "PRODUCTION" -}}
12-
{{ if .Values.nodeAnalyzer.kspmAnalyzer.debug }}
12+
{{ if (.Values.nodeAnalyzer.kspmAnalyzer.debug | default .Values.nodeAnalyzer.debug) }}
1313
{{- $env = "DEVELOPMENT" -}}
1414
{{ end}}
1515
environment: {{ $env }}

charts/node-analyzer/templates/runtimeScanner/runtime-scanner-configmap.yaml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,9 @@ data:
1111
{{- if hasKey .Values.nodeAnalyzer "sslVerifyCertificate" }}
1212
ssl_verify_certificate: "{{ .Values.nodeAnalyzer.sslVerifyCertificate }}"
1313
{{- end }}
14-
debug: "{{ .Values.nodeAnalyzer.debug | default false }}"
14+
{{- if (.Values.nodeAnalyzer.runtimeScanner.debug | default .Values.nodeAnalyzer.debug) }}
15+
debug: "{{ .Values.nodeAnalyzer.runtimeScanner.debug | default .Values.nodeAnalyzer.debug }}"
16+
{{- end }}
1517
{{- if (.Values.nodeAnalyzer.runtimeScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy) }}
1618
http_proxy: {{ .Values.nodeAnalyzer.runtimeScanner.httpProxy | default .Values.nodeAnalyzer.httpProxy | default .Values.global.proxy.httpProxy }}
1719
{{- end -}}

charts/node-analyzer/tests/debug_override_test.yaml

Lines changed: 113 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,113 @@
1+
suite: Test overrides of global nodeAnalyzer.debug flag
2+
templates:
3+
- templates/configmap-host-scanner.yaml
4+
- templates/configmap-kspm-analyzer.yaml
5+
- templates/runtimeScanner/runtime-scanner-configmap.yaml
6+
tests:
7+
- it: check value of debug for runtimeScanner - local value provided
8+
set:
9+
clusterName: test-k8s
10+
nodeAnalyzer:
11+
runtimeScanner:
12+
deploy: true
13+
debug: true
14+
asserts:
15+
- equal:
16+
path: data.debug
17+
value: "true"
18+
template: templates/runtimeScanner/runtime-scanner-configmap.yaml
19+
20+
- it: check value of debug (trace level) for runtimeScanner - local value provided
21+
set:
22+
clusterName: test-k8s
23+
nodeAnalyzer:
24+
runtimeScanner:
25+
deploy: true
26+
debug: trace
27+
asserts:
28+
- equal:
29+
path: data.debug
30+
value: "trace"
31+
template: templates/runtimeScanner/runtime-scanner-configmap.yaml
32+
33+
- it: check value of debug for runtimeScanner - global (nodeAnalyzer.debug) value provided
34+
set:
35+
clusterName: test-k8s
36+
nodeAnalyzer:
37+
debug: true
38+
runtimeScanner:
39+
deploy: true
40+
asserts:
41+
- equal:
42+
path: data.debug
43+
value: "true"
44+
template: templates/runtimeScanner/runtime-scanner-configmap.yaml
45+
46+
- it: check value of debug for hostScanner - local value provided
47+
set:
48+
clusterName: test-k8s
49+
nodeAnalyzer:
50+
hostScanner:
51+
deploy: true
52+
debug: true
53+
asserts:
54+
- equal:
55+
path: data.debug
56+
value: "true"
57+
template: templates/configmap-host-scanner.yaml
58+
59+
- it: check value of debug (trace level) for hostScanner - local value provided
60+
set:
61+
clusterName: test-k8s
62+
nodeAnalyzer:
63+
hostScanner:
64+
deploy: true
65+
debug: trace
66+
asserts:
67+
- equal:
68+
path: data.debug
69+
value: "trace"
70+
template: templates/configmap-host-scanner.yaml
71+
72+
- it: check value of debug for hostScanner - global (nodeAnalyzer.debug) value provided
73+
set:
74+
clusterName: test-k8s
75+
nodeAnalyzer:
76+
debug: true
77+
hostScanner:
78+
deploy: true
79+
asserts:
80+
- equal:
81+
path: data.debug
82+
value: "true"
83+
template: templates/configmap-host-scanner.yaml
84+
85+
- it: check value of debug for kspmAnalyzer - local value provided
86+
set:
87+
global:
88+
kspm:
89+
deploy: true
90+
clusterName: test-k8s
91+
nodeAnalyzer:
92+
kspmAnalyzer:
93+
debug: true
94+
asserts:
95+
- equal:
96+
path: data.environment
97+
value: "DEVELOPMENT"
98+
template: templates/configmap-kspm-analyzer.yaml
99+
100+
- it: check value of debug for kspmAnalyzer - global (nodeAnalyzer.debug) value provided
101+
set:
102+
global:
103+
kspm:
104+
deploy: true
105+
clusterName: test-k8s
106+
nodeAnalyzer:
107+
deploy: true
108+
debug: true
109+
asserts:
110+
- equal:
111+
path: data.environment
112+
value: "DEVELOPMENT"
113+
template: templates/configmap-kspm-analyzer.yaml

charts/node-analyzer/values.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -301,6 +301,10 @@ nodeAnalyzer:
301301
# Note: deploy has been commented so that it will be used as hard override to newEngineOnly flag
302302
# but when not set, newEngineOnly will win. Desiderata examples in ./tests/runtimescanner_test.yaml
303303
# deploy: false
304+
305+
# Can be set to "true" to show debug logging or "trace" to show trace logging, useful for troubleshooting.
306+
debug: false
307+
304308
probesPort: 7002
305309
image:
306310
repository: sysdig/vuln-runtime-scanner
@@ -369,6 +373,9 @@ nodeAnalyzer:
369373
# but when not set, newEngineOnly will win. Desiderata examples in ./tests/hostscanner_test.yaml
370374
# deploy: false
371375

376+
# Can be set to "true" to show debug logging or "trace" to show trace logging, useful for troubleshooting.
377+
debug: false
378+
372379
# scanOnStart will make a scan happen at startup.
373380
# scanOnStart: true
374381
#

charts/sysdig-deploy/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ apiVersion: v2
22
name: sysdig-deploy
33
description: A chart with various Sysdig components for Kubernetes
44
type: application
5-
version: 1.29.0
5+
version: 1.29.1
66
maintainers:
77
- name: AlbertoBarba
88
email: [email protected]
@@ -36,7 +36,7 @@ dependencies:
3636
- name: node-analyzer
3737
# repository: https://charts.sysdig.com
3838
repository: file://../node-analyzer
39-
version: ~1.18.0
39+
version: ~1.18.1
4040
alias: nodeAnalyzer
4141
condition: nodeAnalyzer.enabled
4242
- name: cluster-scanner

0 commit comments

Comments
 (0)