diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 3e81d57..261ecd8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -8,7 +8,7 @@ on:
jobs:
call-terraform-ci-pipeline:
- uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci-v2.yml@v1.23.1
+ uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-terraform-module-ci-v2.yml@v1.23.2
secrets: inherit
with:
craSCCv2: true
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 8ae9c0a..a6421eb 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -8,5 +8,5 @@ on:
jobs:
call-terraform-release-pipeline:
- uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-release.yml@v1.23.1
+ uses: terraform-ibm-modules/common-pipeline-assets/.github/workflows/common-release.yml@v1.23.2
secrets: inherit
diff --git a/README.md b/README.md
index 3f3cd8d..d109c83 100644
--- a/README.md
+++ b/README.md
@@ -120,13 +120,13 @@ No modules.
| [blacklisted\_ports](#input\_blacklisted\_ports) | To block network traffic and metrics from network ports, pass the list of ports from which you want to filter out any data. For more info, see https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_agent#ports | `list(number)` | `[]` | no |
| [chart](#input\_chart) | The name of the Helm chart to deploy. Use `chart_location` to specify helm chart location. | `string` | `"sysdig-deploy"` | no |
| [chart\_location](#input\_chart\_location) | The location of the agent helm chart. | `string` | `"https://charts.sysdig.com"` | no |
-| [chart\_version](#input\_chart\_version) | The version of the agent helm chart to deploy. | `string` | `"1.93.6"` | no |
+| [chart\_version](#input\_chart\_version) | The version of the agent helm chart to deploy. | `string` | `"1.95.2"` | no |
| [cluster\_config\_endpoint\_type](#input\_cluster\_config\_endpoint\_type) | Specify which type of endpoint to use for for cluster config access: 'default', 'private', 'vpe', 'link'. 'default' value will use the default endpoint of the cluster. | `string` | `"default"` | no |
| [cluster\_id](#input\_cluster\_id) | The ID of the cluster you wish to deploy the agent in. | `string` | n/a | yes |
| [cluster\_resource\_group\_id](#input\_cluster\_resource\_group\_id) | The resource group ID of the cluster. | `string` | n/a | yes |
| [cluster\_shield\_deploy](#input\_cluster\_shield\_deploy) | Deploy the Cluster Shield component to provide runtime detection and policy enforcement for Kubernetes workloads. If enabled, a Kubernetes Deployment will be deployed to your cluster using helm. | `bool` | `true` | no |
| [cluster\_shield\_image\_repository](#input\_cluster\_shield\_image\_repository) | The image repository to pull the Cluster Shield image from. | `string` | `"cluster-shield"` | no |
-| [cluster\_shield\_image\_tag\_digest](#input\_cluster\_shield\_image\_tag\_digest) | The image tag or digest to pull for the Cluster Shield component. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`. | `string` | `"1.15.0@sha256:a8a733fe8e06fcba0eaeff3d078db74e40197d6e03608efba3bbe3c11990bfe6"` | no |
+| [cluster\_shield\_image\_tag\_digest](#input\_cluster\_shield\_image\_tag\_digest) | The image tag or digest to pull for the Cluster Shield component. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`. | `string` | `"1.16.0@sha256:3379ee88221885d75913d1e6b9bece8363ac3645194fb0b515b45f5b20add1fa"` | no |
| [cluster\_shield\_limits\_cpu](#input\_cluster\_shield\_limits\_cpu) | Specify CPU resource limits for the cluster shield pods. | `string` | `"1500m"` | no |
| [cluster\_shield\_limits\_memory](#input\_cluster\_shield\_limits\_memory) | Specify memory resource limits for the cluster shield pods. | `string` | `"1536Mi"` | no |
| [cluster\_shield\_requests\_cpu](#input\_cluster\_shield\_requests\_cpu) | Specify CPU resource requests for the cluster shield pods. | `string` | `"500m"` | no |
diff --git a/examples/obs-agent-iks/main.tf b/examples/obs-agent-iks/main.tf
index 1ae0ec7..ebbc0ef 100644
--- a/examples/obs-agent-iks/main.tf
+++ b/examples/obs-agent-iks/main.tf
@@ -108,7 +108,7 @@ resource "time_sleep" "wait_operators" {
module "cloud_monitoring" {
source = "terraform-ibm-modules/cloud-monitoring/ibm"
- version = "1.7.2"
+ version = "1.8.1"
instance_name = "${var.prefix}-cloud-monitoring"
resource_group_id = module.resource_group.resource_group_id
resource_tags = var.resource_tags
@@ -122,7 +122,7 @@ module "cloud_monitoring" {
module "scc_wp" {
source = "terraform-ibm-modules/scc-workload-protection/ibm"
- version = "1.12.1"
+ version = "1.13.0"
name = "${var.prefix}-scc-wp"
resource_group_id = module.resource_group.resource_group_id
region = var.region
diff --git a/examples/obs-agent-ocp/main.tf b/examples/obs-agent-ocp/main.tf
index a43cb0a..287a6d4 100644
--- a/examples/obs-agent-ocp/main.tf
+++ b/examples/obs-agent-ocp/main.tf
@@ -71,7 +71,7 @@ locals {
module "ocp_base" {
source = "terraform-ibm-modules/base-ocp-vpc/ibm"
- version = "3.61.0"
+ version = "3.63.1"
resource_group_id = module.resource_group.resource_group_id
region = var.region
tags = var.resource_tags
@@ -95,7 +95,7 @@ data "ibm_container_cluster_config" "cluster_config" {
module "cloud_monitoring" {
source = "terraform-ibm-modules/cloud-monitoring/ibm"
- version = "1.7.2"
+ version = "1.8.1"
instance_name = "${var.prefix}-cloud-monitoring"
resource_group_id = module.resource_group.resource_group_id
resource_tags = var.resource_tags
@@ -109,7 +109,7 @@ module "cloud_monitoring" {
module "scc_wp" {
source = "terraform-ibm-modules/scc-workload-protection/ibm"
- version = "1.12.1"
+ version = "1.13.0"
name = "${var.prefix}-scc-wp"
resource_group_id = module.resource_group.resource_group_id
region = var.region
diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf
index 50b9c35..1b6e594 100644
--- a/solutions/fully-configurable/variables.tf
+++ b/solutions/fully-configurable/variables.tf
@@ -186,7 +186,7 @@ variable "chart_version" {
description = "The version of the agent helm chart to deploy."
type = string
# This version is automatically managed by renovate automation - do not remove the registryUrl comment on next line
- default = "1.93.6" # registryUrl: charts.sysdig.com
+ default = "1.95.2" # registryUrl: charts.sysdig.com
nullable = false
}
@@ -355,7 +355,7 @@ variable "cluster_shield_image_tag_digest" {
description = "The image tag or digest to pull for the Cluster Shield component. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`."
type = string
# This version is automatically managed by renovate automation - do not remove the datasource comment on next line
- default = "1.15.0@sha256:a8a733fe8e06fcba0eaeff3d078db74e40197d6e03608efba3bbe3c11990bfe6" # datasource: icr.io/ext/sysdig/cluster-shield
+ default = "1.16.0@sha256:3379ee88221885d75913d1e6b9bece8363ac3645194fb0b515b45f5b20add1fa" # datasource: icr.io/ext/sysdig/cluster-shield
}
variable "cluster_shield_image_repository" {
diff --git a/solutions/fully-configurable/version.tf b/solutions/fully-configurable/version.tf
index b261b68..6f1dd4c 100644
--- a/solutions/fully-configurable/version.tf
+++ b/solutions/fully-configurable/version.tf
@@ -6,7 +6,7 @@ terraform {
# Lock DA into an exact provider version - renovate automation will keep it updated
ibm = {
source = "ibm-cloud/ibm"
- version = "1.82.1"
+ version = "1.83.1"
}
helm = {
source = "hashicorp/helm"
diff --git a/tests/go.mod b/tests/go.mod
index d3caed2..2e90e1e 100644
--- a/tests/go.mod
+++ b/tests/go.mod
@@ -5,9 +5,10 @@ go 1.24.0
toolchain go1.25.1
require (
+ github.com/IBM/go-sdk-core v1.1.0
github.com/gruntwork-io/terratest v0.51.0
github.com/stretchr/testify v1.11.1
- github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.6
+ github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.10
)
require (
@@ -15,7 +16,6 @@ require (
github.com/IBM-Cloud/bluemix-go v0.0.0-20240719075425-078fcb3a55be // indirect
github.com/IBM-Cloud/power-go-client v1.12.0 // indirect
github.com/IBM/cloud-databases-go-sdk v0.8.0 // indirect
- github.com/IBM/go-sdk-core v1.1.0 // indirect
github.com/IBM/go-sdk-core/v5 v5.21.0 // indirect
github.com/IBM/platform-services-go-sdk v0.86.1 // indirect
github.com/IBM/project-go-sdk v0.3.6 // indirect
diff --git a/tests/go.sum b/tests/go.sum
index 4bda21e..7f12dda 100644
--- a/tests/go.sum
+++ b/tests/go.sum
@@ -302,8 +302,8 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
-github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.6 h1:Tr7AlrQ+s1Nc9VOwB+It8sItnDOXhfXTxKqI2KtdyFA=
-github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.6/go.mod h1:YBrRYc+5y5Pr9CXmY35lOqTQdlIjA4x4+3iVObXGOCE=
+github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.10 h1:dOH4lHp8/wtXDNJA2SGI2NOuMp/EDoWFw1uVWf5HJ88=
+github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper v1.60.10/go.mod h1:YBrRYc+5y5Pr9CXmY35lOqTQdlIjA4x4+3iVObXGOCE=
github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk=
github.com/tmccombs/hcl2json v0.6.4 h1:/FWnzS9JCuyZ4MNwrG4vMrFrzRgsWEOVi+1AyYUVLGw=
github.com/tmccombs/hcl2json v0.6.4/go.mod h1:+ppKlIW3H5nsAsZddXPy2iMyvld3SHxyjswOZhavRDk=
@@ -518,6 +518,7 @@ gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
+gopkg.in/go-playground/assert.v1 v1.2.1 h1:xoYuJVE7KT85PYWrN730RguIQO0ePzVRfFMXadIrXTM=
gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE=
gopkg.in/go-playground/validator.v9 v9.30.0/go.mod h1:+c9/zcJMFNgbLvly1L1V+PpxWdVbfP1avr/N00E2vyQ=
gopkg.in/go-playground/validator.v9 v9.31.0 h1:bmXmP2RSNtFES+bn4uYuHT7iJFJv7Vj+an+ZQdDaD1M=
diff --git a/tests/resources/main.tf b/tests/resources/main.tf
index 89674bc..5703a40 100644
--- a/tests/resources/main.tf
+++ b/tests/resources/main.tf
@@ -71,7 +71,7 @@ locals {
module "ocp_base" {
source = "terraform-ibm-modules/base-ocp-vpc/ibm"
- version = "3.61.0"
+ version = "3.63.1"
resource_group_id = module.resource_group.resource_group_id
region = var.region
tags = var.resource_tags
@@ -90,7 +90,7 @@ module "ocp_base" {
module "cloud_monitoring" {
source = "terraform-ibm-modules/cloud-monitoring/ibm"
- version = "1.7.2"
+ version = "1.8.1"
instance_name = "${var.prefix}-cloud-monitoring"
resource_group_id = module.resource_group.resource_group_id
resource_tags = var.resource_tags
diff --git a/variables.tf b/variables.tf
index a251eb9..b962966 100644
--- a/variables.tf
+++ b/variables.tf
@@ -162,7 +162,7 @@ variable "chart_version" {
description = "The version of the agent helm chart to deploy."
type = string
# This version is automatically managed by renovate automation - do not remove the registryUrl comment on next line
- default = "1.93.6" # registryUrl: charts.sysdig.com
+ default = "1.95.2" # registryUrl: charts.sysdig.com
nullable = false
}
@@ -360,7 +360,7 @@ variable "cluster_shield_image_tag_digest" {
description = "The image tag or digest to pull for the Cluster Shield component. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`."
type = string
# This version is automatically managed by renovate automation - do not remove the datasource comment on next line
- default = "1.15.0@sha256:a8a733fe8e06fcba0eaeff3d078db74e40197d6e03608efba3bbe3c11990bfe6" # datasource: icr.io/ext/sysdig/cluster-shield
+ default = "1.16.0@sha256:3379ee88221885d75913d1e6b9bece8363ac3645194fb0b515b45f5b20add1fa" # datasource: icr.io/ext/sysdig/cluster-shield
}
variable "cluster_shield_image_repository" {