diff --git a/README.md b/README.md
index da659ee..0a535d1 100644
--- a/README.md
+++ b/README.md
@@ -111,7 +111,7 @@ No modules.
| [access\_key](#input\_access\_key) | Access key used by the agent to communicate with the instance. Either `access_key` or `existing_access_key_secret_name` is required. This value will be stored in a new secret on the cluster if passed. If you want to use this agent for only metrics or metrics with security and compliance, use a manager key scoped to the IBM Cloud Monitoring instance. If you only want to use the agent for security and compliance use a manager key scoped to the Security and Compliance Center Workload Protection instance. | `string` | `null` | no |
| [add\_cluster\_name](#input\_add\_cluster\_name) | If true, configure the agent to associate a tag containing the cluster name. This tag is added in the format `ibm-containers-kubernetes-cluster-name: cluster_name`. | `bool` | `true` | no |
| [agent\_image\_repository](#input\_agent\_image\_repository) | The image repository to pull the agent image from. | `string` | `"agent-slim"` | no |
-| [agent\_image\_tag\_digest](#input\_agent\_image\_tag\_digest) | The image tag or digest of agent image to use. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`. | `string` | `"14.2.2@sha256:8b9768427392315619c9f14a365e7461bb06c0b8b606a9dfee2e87dd32380c4b"` | no |
+| [agent\_image\_tag\_digest](#input\_agent\_image\_tag\_digest) | The image tag or digest of agent image to use. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`. | `string` | `"14.2.3@sha256:cb2c437afde546554e04dbc018c125c6ffb60a9878ce6b45a29d769d91782c4b"` | no |
| [agent\_limits\_cpu](#input\_agent\_limits\_cpu) | Specify CPU resource limits for the agent. For more info, see https://cloud.ibm.com/docs/monitoring?topic=monitoring-resource_requirements | `string` | `"1"` | no |
| [agent\_limits\_memory](#input\_agent\_limits\_memory) | Specify memory resource limits for the agent. For more info, see https://cloud.ibm.com/docs/monitoring?topic=monitoring-resource_requirements | `string` | `"1024Mi"` | no |
| [agent\_requests\_cpu](#input\_agent\_requests\_cpu) | Specify CPU resource requests for the agent. For more info, see https://cloud.ibm.com/docs/monitoring?topic=monitoring-resource_requirements | `string` | `"1"` | no |
@@ -120,13 +120,13 @@ No modules.
| [blacklisted\_ports](#input\_blacklisted\_ports) | To block network traffic and metrics from network ports, pass the list of ports from which you want to filter out any data. For more info, see https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_agent#ports | `list(number)` | `[]` | no |
| [chart](#input\_chart) | The name of the Helm chart to deploy. Use `chart_location` to specify helm chart location. | `string` | `"sysdig-deploy"` | no |
| [chart\_location](#input\_chart\_location) | The location of the agent helm chart. | `string` | `"https://charts.sysdig.com"` | no |
-| [chart\_version](#input\_chart\_version) | The version of the agent helm chart to deploy. | `string` | `"1.95.5"` | no |
+| [chart\_version](#input\_chart\_version) | The version of the agent helm chart to deploy. | `string` | `"1.96.0"` | no |
| [cluster\_config\_endpoint\_type](#input\_cluster\_config\_endpoint\_type) | Specify which type of endpoint to use for for cluster config access: 'default', 'private', 'vpe', 'link'. 'default' value will use the default endpoint of the cluster. | `string` | `"default"` | no |
| [cluster\_id](#input\_cluster\_id) | The ID of the cluster you wish to deploy the agent in. | `string` | n/a | yes |
| [cluster\_resource\_group\_id](#input\_cluster\_resource\_group\_id) | The resource group ID of the cluster. | `string` | n/a | yes |
| [cluster\_shield\_deploy](#input\_cluster\_shield\_deploy) | Deploy the Cluster Shield component to provide runtime detection and policy enforcement for Kubernetes workloads. If enabled, a Kubernetes Deployment will be deployed to your cluster using helm. | `bool` | `true` | no |
| [cluster\_shield\_image\_repository](#input\_cluster\_shield\_image\_repository) | The image repository to pull the Cluster Shield image from. | `string` | `"cluster-shield"` | no |
-| [cluster\_shield\_image\_tag\_digest](#input\_cluster\_shield\_image\_tag\_digest) | The image tag or digest to pull for the Cluster Shield component. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`. | `string` | `"1.16.1@sha256:a9263bff3bbf22dc3594f83029562e3a0036f08d3978b1bd3f7ddeeb397921c7"` | no |
+| [cluster\_shield\_image\_tag\_digest](#input\_cluster\_shield\_image\_tag\_digest) | The image tag or digest to pull for the Cluster Shield component. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`. | `string` | `"1.17.0@sha256:17953e937ad83d427f641412e4dda63f88e1fcb8932453bb618192abfec5c633"` | no |
| [cluster\_shield\_limits\_cpu](#input\_cluster\_shield\_limits\_cpu) | Specify CPU resource limits for the cluster shield pods. | `string` | `"1500m"` | no |
| [cluster\_shield\_limits\_memory](#input\_cluster\_shield\_limits\_memory) | Specify memory resource limits for the cluster shield pods. | `string` | `"1536Mi"` | no |
| [cluster\_shield\_requests\_cpu](#input\_cluster\_shield\_requests\_cpu) | Specify CPU resource requests for the cluster shield pods. | `string` | `"500m"` | no |
@@ -142,7 +142,7 @@ No modules.
| [instance\_region](#input\_instance\_region) | The region of the IBM Cloud Monitoring instance that you want to send metrics to. The region value is used to construct the ingestion and api endpoints. If you are only using the agent for security and compliance monitoring, set this to the region of your IBM Cloud Security and Compliance Center Workload Protection instance. If you have both Cloud Monitoring and Security and Compliance Center Workload Protection instances, the instances must be connected and must be in the same region to use the same agent. | `string` | n/a | yes |
| [is\_vpc\_cluster](#input\_is\_vpc\_cluster) | Specify true if the target cluster is a VPC cluster, false if it is a classic cluster. | `bool` | `true` | no |
| [kernal\_module\_image\_repository](#input\_kernal\_module\_image\_repository) | The image repository to pull the agent kernal module initContainer image from. | `string` | `"agent-kmodule"` | no |
-| [kernel\_module\_image\_tag\_digest](#input\_kernel\_module\_image\_tag\_digest) | The image tag or digest to use for the agent kernel module used by the initContainer. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx` | `string` | `"14.2.2@sha256:934c151ccc3bb12e2d5764ea2211afd052717a70628e7f4ca164ea553e38b373"` | no |
+| [kernel\_module\_image\_tag\_digest](#input\_kernel\_module\_image\_tag\_digest) | The image tag or digest to use for the agent kernel module used by the initContainer. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx` | `string` | `"14.2.3@sha256:78c87643d1336efa62f4af8af80290f76097fde51c8d8204a5eb38d73363489d"` | no |
| [max\_surge](#input\_max\_surge) | The number of pods that can be created above the desired amount of daemonset pods during an update. If `max_surge` is set to null, the `max_surge` setting is ignored. The variable accepts absolute number or percentage value(e.g., '1' or '10%'). | `string` | `null` | no |
| [max\_unavailable](#input\_max\_unavailable) | The maximum number of pods that can be unavailable during a DaemonSet rolling update. Accepts absolute number or percentage (e.g., '1' or '10%'). | `string` | `"1"` | no |
| [metrics\_filter](#input\_metrics\_filter) | To filter custom metrics you can specify which metrics to include and exclude. For more info, see https://cloud.ibm.com/docs/monitoring?topic=monitoring-change_kube_agent#change_kube_agent_inc_exc_metrics | list(object({
include = optional(string)
exclude = optional(string)
})) | `[]` | no |
diff --git a/common-dev-assets b/common-dev-assets
index e69bd8d..c432877 160000
--- a/common-dev-assets
+++ b/common-dev-assets
@@ -1 +1 @@
-Subproject commit e69bd8dff2b1305cd376f2549667743320c7a9b9
+Subproject commit c4328778ce1a62bc85f641d9249adaac0493cfc9
diff --git a/examples/obs-agent-ocp/main.tf b/examples/obs-agent-ocp/main.tf
index ccad488..6216159 100644
--- a/examples/obs-agent-ocp/main.tf
+++ b/examples/obs-agent-ocp/main.tf
@@ -71,7 +71,7 @@ locals {
module "ocp_base" {
source = "terraform-ibm-modules/base-ocp-vpc/ibm"
- version = "3.69.0"
+ version = "3.69.1"
resource_group_id = module.resource_group.resource_group_id
region = var.region
tags = var.resource_tags
diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf
index 048e150..1d6ebb6 100644
--- a/solutions/fully-configurable/variables.tf
+++ b/solutions/fully-configurable/variables.tf
@@ -186,7 +186,7 @@ variable "chart_version" {
description = "The version of the agent helm chart to deploy."
type = string
# This version is automatically managed by renovate automation - do not remove the registryUrl comment on next line
- default = "1.95.5" # registryUrl: charts.sysdig.com
+ default = "1.96.0" # registryUrl: charts.sysdig.com
nullable = false
}
@@ -215,7 +215,7 @@ variable "agent_image_tag_digest" {
description = "The image tag or digest of agent image to use. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`."
type = string
# This version is automatically managed by renovate automation - do not remove the datasource comment on next line
- default = "14.2.2@sha256:8b9768427392315619c9f14a365e7461bb06c0b8b606a9dfee2e87dd32380c4b" # datasource: icr.io/ext/sysdig/agent-slim
+ default = "14.2.3@sha256:cb2c437afde546554e04dbc018c125c6ffb60a9878ce6b45a29d769d91782c4b" # datasource: icr.io/ext/sysdig/agent-slim
nullable = false
}
@@ -223,7 +223,7 @@ variable "kernel_module_image_tag_digest" {
description = "The image tag or digest to use for the agent kernel module used by the initContainer. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`"
type = string
# This version is automatically managed by renovate automation - do not remove the datasource comment on next line
- default = "14.2.2@sha256:934c151ccc3bb12e2d5764ea2211afd052717a70628e7f4ca164ea553e38b373" # datasource: icr.io/ext/sysdig/agent-kmodule
+ default = "14.2.3@sha256:78c87643d1336efa62f4af8af80290f76097fde51c8d8204a5eb38d73363489d" # datasource: icr.io/ext/sysdig/agent-kmodule
nullable = false
}
@@ -355,7 +355,7 @@ variable "cluster_shield_image_tag_digest" {
description = "The image tag or digest to pull for the Cluster Shield component. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`."
type = string
# This version is automatically managed by renovate automation - do not remove the datasource comment on next line
- default = "1.16.1@sha256:a9263bff3bbf22dc3594f83029562e3a0036f08d3978b1bd3f7ddeeb397921c7" # datasource: icr.io/ext/sysdig/cluster-shield
+ default = "1.17.0@sha256:17953e937ad83d427f641412e4dda63f88e1fcb8932453bb618192abfec5c633" # datasource: icr.io/ext/sysdig/cluster-shield
}
variable "cluster_shield_image_repository" {
diff --git a/tests/resources/main.tf b/tests/resources/main.tf
index cc7e20e..7dd02b5 100644
--- a/tests/resources/main.tf
+++ b/tests/resources/main.tf
@@ -71,7 +71,7 @@ locals {
module "ocp_base" {
source = "terraform-ibm-modules/base-ocp-vpc/ibm"
- version = "3.69.0"
+ version = "3.69.1"
resource_group_id = module.resource_group.resource_group_id
region = var.region
tags = var.resource_tags
diff --git a/variables.tf b/variables.tf
index 4077d91..4545832 100644
--- a/variables.tf
+++ b/variables.tf
@@ -162,7 +162,7 @@ variable "chart_version" {
description = "The version of the agent helm chart to deploy."
type = string
# This version is automatically managed by renovate automation - do not remove the registryUrl comment on next line
- default = "1.95.5" # registryUrl: charts.sysdig.com
+ default = "1.96.0" # registryUrl: charts.sysdig.com
nullable = false
}
@@ -191,7 +191,7 @@ variable "agent_image_tag_digest" {
description = "The image tag or digest of agent image to use. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`."
type = string
# This version is automatically managed by renovate automation - do not remove the datasource comment on next line
- default = "14.2.2@sha256:8b9768427392315619c9f14a365e7461bb06c0b8b606a9dfee2e87dd32380c4b" # datasource: icr.io/ext/sysdig/agent-slim
+ default = "14.2.3@sha256:cb2c437afde546554e04dbc018c125c6ffb60a9878ce6b45a29d769d91782c4b" # datasource: icr.io/ext/sysdig/agent-slim
nullable = false
}
@@ -199,7 +199,7 @@ variable "kernel_module_image_tag_digest" {
description = "The image tag or digest to use for the agent kernel module used by the initContainer. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`"
type = string
# This version is automatically managed by renovate automation - do not remove the datasource comment on next line
- default = "14.2.2@sha256:934c151ccc3bb12e2d5764ea2211afd052717a70628e7f4ca164ea553e38b373" # datasource: icr.io/ext/sysdig/agent-kmodule
+ default = "14.2.3@sha256:78c87643d1336efa62f4af8af80290f76097fde51c8d8204a5eb38d73363489d" # datasource: icr.io/ext/sysdig/agent-kmodule
nullable = false
}
@@ -360,7 +360,7 @@ variable "cluster_shield_image_tag_digest" {
description = "The image tag or digest to pull for the Cluster Shield component. If using digest, it must be in the format of `X.Y.Z@sha256:xxxxx`."
type = string
# This version is automatically managed by renovate automation - do not remove the datasource comment on next line
- default = "1.16.1@sha256:a9263bff3bbf22dc3594f83029562e3a0036f08d3978b1bd3f7ddeeb397921c7" # datasource: icr.io/ext/sysdig/cluster-shield
+ default = "1.17.0@sha256:17953e937ad83d427f641412e4dda63f88e1fcb8932453bb618192abfec5c633" # datasource: icr.io/ext/sysdig/cluster-shield
}
variable "cluster_shield_image_repository" {