From c783e0fba114d30a419ce2aab490690aefb7ca1f Mon Sep 17 00:00:00 2001 From: Daniele De Lorenzi Date: Thu, 31 Oct 2024 14:17:26 +0100 Subject: [PATCH] Revert "Enable CS on prod-k3s, disable AC and KSPM Collector" --- clusters/common/sysdig-agent/release.yml | 4 +-- .../apps/sysdig-agent/manifests/release.yml | 26 +++++++------------ 2 files changed, 11 insertions(+), 19 deletions(-) diff --git a/clusters/common/sysdig-agent/release.yml b/clusters/common/sysdig-agent/release.yml index de6b9cc6..35a0698e 100644 --- a/clusters/common/sysdig-agent/release.yml +++ b/clusters/common/sysdig-agent/release.yml @@ -30,7 +30,7 @@ spec: registry: quay.io admissionController: - enabled: false + enabled: true features: k8sAuditDetections: true kspmAdmissionController: false @@ -69,7 +69,7 @@ spec: kspmCollector: psp: - create: false + create: false rapidResponse: enabled: false diff --git a/clusters/k8s-vms-daniele/apps/sysdig-agent/manifests/release.yml b/clusters/k8s-vms-daniele/apps/sysdig-agent/manifests/release.yml index d6d92dd9..c9739fdc 100644 --- a/clusters/k8s-vms-daniele/apps/sysdig-agent/manifests/release.yml +++ b/clusters/k8s-vms-daniele/apps/sysdig-agent/manifests/release.yml @@ -19,13 +19,9 @@ spec: deploy: true kspmCollector: - enabled: false probes: initialDelay: 30 - admissionController: - enabled: false - agent: slim: resources: @@ -151,17 +147,13 @@ spec: enabled: true clusterScanner: - enabled: false - - clusterShield: enabled: true - cluster_shield: - features: - admission_control: - enabled: false - audit: - enabled: true - container_vulnerability_management: - enabled: true - posture: - enabled: true + eveEnabled: true + scannerMode: "local" + replicaCount: 1 + runtimeStatusIntegrator: + env: + USE_MAINDB_V2: "true" + imageSbomExtractor: + env: + USE_MAINDB_V2: "true"