From 17a9b0f0d158de70336b3c06d272a1dc6b72060c Mon Sep 17 00:00:00 2001 From: Daniele De Lorenzi Date: Thu, 31 Oct 2024 14:50:18 +0100 Subject: [PATCH] Revert "Revert "Enable CS on prod-k3s, disable AC and KSPM Collector"" --- clusters/common/sysdig-agent/release.yml | 4 +-- .../apps/sysdig-agent/manifests/release.yml | 26 ++++++++++++------- 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/clusters/common/sysdig-agent/release.yml b/clusters/common/sysdig-agent/release.yml index 35a0698e..de6b9cc6 100644 --- a/clusters/common/sysdig-agent/release.yml +++ b/clusters/common/sysdig-agent/release.yml @@ -30,7 +30,7 @@ spec: registry: quay.io admissionController: - enabled: true + enabled: false features: k8sAuditDetections: true kspmAdmissionController: false @@ -69,7 +69,7 @@ spec: kspmCollector: psp: - create: false + create: false rapidResponse: enabled: false diff --git a/clusters/k8s-vms-daniele/apps/sysdig-agent/manifests/release.yml b/clusters/k8s-vms-daniele/apps/sysdig-agent/manifests/release.yml index c9739fdc..d6d92dd9 100644 --- a/clusters/k8s-vms-daniele/apps/sysdig-agent/manifests/release.yml +++ b/clusters/k8s-vms-daniele/apps/sysdig-agent/manifests/release.yml @@ -19,9 +19,13 @@ spec: deploy: true kspmCollector: + enabled: false probes: initialDelay: 30 + admissionController: + enabled: false + agent: slim: resources: @@ -147,13 +151,17 @@ spec: enabled: true clusterScanner: + enabled: false + + clusterShield: enabled: true - eveEnabled: true - scannerMode: "local" - replicaCount: 1 - runtimeStatusIntegrator: - env: - USE_MAINDB_V2: "true" - imageSbomExtractor: - env: - USE_MAINDB_V2: "true" + cluster_shield: + features: + admission_control: + enabled: false + audit: + enabled: true + container_vulnerability_management: + enabled: true + posture: + enabled: true