github/kubeshark
1
0
Fork 0
mirror of https://github.com/kubeshark/kubeshark.git synced 2026-05-28 03:54:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

🔖 Release v53.3.0 (#1937)

Browse Source 
* 🔖 Bump the Helm chart version to 53.3.0

* 🙈 Add .claude/ to .gitignore

* 🔥 Remove .claude/ and RELEASE_NOTES_v53.2.5.md

*  Revert changes to release-tag.yml

---------

Co-authored-by: Alon Girmonsky <alongir@Alons-MacBook-Air.local>
Co-authored-by: Alon Girmonsky <alongir@Alons-Mac-Studio.local>
This commit is contained in:
Alon Girmonsky
2026-05-19 02:00:17 -07:00
committed by GitHub
parent b2a0fb0cea
commit f97866f747
4 changed files with 77 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@@ -66,4 +66,5 @@ scripts/
kubeshark.yaml
# Claude Code
CLAUDE.md
CLAUDE.md
.claude/

2
helm-chart/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v2
name: kubeshark
version: "53.2.5"
version: "53.3.0"
description: The API Traffic Analyzer for Kubernetes
home: https://kubeshark.com
keywords:

26
helm-chart/values.yaml
View File

@@ -152,30 +152,10 @@ tap:
front: []
auth:
enabled: false
# Valid values: saml, oidc (generic OIDC — Dex, Okta, Auth0, Keycloak,
# Azure AD, Google, …), dex (permanent alias of oidc), descope, default
# (also Descope). Was previously misnamed: prior releases routed `oidc`
# to Descope. See release notes for migration.
type: saml
# Name of the JWT claim (OIDC) or SAML attribute carrying role memberships.
rolesClaim: role
# Optional: role name inside `roles` applied as a fallback when an
# authenticated user has no matching role in their token/assertion.
# Empty string means no fallback (authenticated but no elevated permissions).
defaultRole: ""
# Backend-neutral role map shared by SAML and OIDC. Empty/unset grants
# nothing — admins opt into elevated access by populating this map.
#
# Per-role `namespaces` controls which Kubernetes namespaces the role's
# users are allowed to see traffic for. Comma-separated list:
# "" — deny all (explicit deny-default for this role).
# "*" — allow every namespace (no scope filter applied).
# "foo" — only the literal namespace "foo" (src or dst).
# "foo,bar" — OR over both literal namespaces.
# "foo-*" — glob expansion against the cluster's known namespaces.
roles:
admin:
namespaces: "*"
filter: ""
canDownloadPCAP: true
canUseScripting: true
scriptingPermissions:
@@ -186,6 +166,9 @@ tap:
canStopTrafficCapturing: true
canControlDissection: true
showAdminConsoleLink: true
rolesClaim: role
defaultRole: ""
defaultFilter: ""
saml:
idpMetadataUrl: ""
x509crt: ""
@@ -232,6 +215,7 @@ tap:
- postgresql
- redis
- ws
- tlsx
- ldap
- radius
- diameter

130
manifests/complete.yaml
View File

@@ -4,10 +4,10 @@ apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-hub-network-policy
namespace: default
@@ -33,10 +33,10 @@ apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
annotations:
name: kubeshark-front-network-policy
@@ -60,10 +60,10 @@ apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
annotations:
name: kubeshark-dex-network-policy
@@ -87,10 +87,10 @@ apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
annotations:
name: kubeshark-worker-network-policy
@@ -116,10 +116,10 @@ apiVersion: v1
kind: ServiceAccount
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-service-account
namespace: default
@@ -132,10 +132,10 @@ metadata:
namespace: default
labels:
app.kubeshark.com/app: hub
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
stringData:
LICENSE: ''
@@ -151,10 +151,10 @@ metadata:
namespace: default
labels:
app.kubeshark.com/app: hub
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
stringData:
AUTH_SAML_X509_CRT: |
@@ -167,10 +167,10 @@ metadata:
namespace: default
labels:
app.kubeshark.com/app: hub
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
stringData:
AUTH_SAML_X509_KEY: |
@@ -182,10 +182,10 @@ metadata:
name: kubeshark-nginx-config-map
namespace: default
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
data:
default.conf: |
@@ -252,10 +252,10 @@ metadata:
namespace: default
labels:
app.kubeshark.com/app: hub
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
data:
POD_REGEX: '.*'
@@ -272,8 +272,9 @@ data:
AUTH_ENABLED: 'true'
AUTH_TYPE: 'default'
AUTH_SAML_IDP_METADATA_URL: ''
AUTH_SAML_ROLE_ATTRIBUTE: 'role'
AUTH_SAML_ROLES: '{"admin":{"canControlDissection":true,"canDownloadPCAP":true,"canStopTrafficCapturing":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","scriptingPermissions":{"canActivate":true,"canDelete":true,"canSave":true},"showAdminConsoleLink":true}}'
AUTH_ROLES: '{"admin":{"canControlDissection":true,"canDownloadPCAP":true,"canStopTrafficCapturing":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","scriptingPermissions":{"canActivate":true,"canDelete":true,"canSave":true},"showAdminConsoleLink":true}}'
AUTH_ROLES_CLAIM: 'role'
AUTH_DEFAULT_ROLE: ''
AUTH_OIDC_ISSUER: 'not set'
AUTH_OIDC_REFRESH_TOKEN_LIFETIME: '3960h'
AUTH_OIDC_STATE_PARAM_EXPIRY: '10m'
@@ -293,7 +294,7 @@ data:
TIMEZONE: ' '
CLOUD_LICENSE_ENABLED: 'true'
DUPLICATE_TIMEFRAME: '200ms'
ENABLED_DISSECTORS: 'amqp,dns,http,icmp,kafka,mongodb,mysql,postgresql,redis,ws,ldap,radius,diameter,udp-flow,tcp-flow,udp-conn,tcp-conn'
ENABLED_DISSECTORS: 'amqp,dns,http,icmp,kafka,mongodb,mysql,postgresql,redis,ws,tlsx,ldap,radius,diameter,udp-flow,tcp-flow,udp-conn,tcp-conn'
CUSTOM_MACROS: '{"https":"tls and (http or http2)"}'
DISSECTORS_UPDATING_ENABLED: 'true'
SNAPSHOTS_UPDATING_ENABLED: 'true'
@@ -312,10 +313,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-cluster-role-default
namespace: default
@@ -353,16 +354,22 @@ rules:
- create
- update
- delete
- apiGroups:
- authentication.k8s.io
resources:
- tokenreviews
verbs:
- create
---
# Source: kubeshark/templates/03-cluster-role-binding.yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-cluster-role-binding-default
namespace: default
@@ -380,10 +387,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
annotations:
name: kubeshark-self-config-role
@@ -439,10 +446,10 @@ apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
annotations:
name: kubeshark-self-config-role-binding
@@ -462,10 +469,10 @@ kind: Service
metadata:
labels:
app.kubeshark.com/app: hub
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-hub
namespace: default
@@ -483,10 +490,10 @@ apiVersion: v1
kind: Service
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-front
namespace: default
@@ -504,10 +511,10 @@ kind: Service
apiVersion: v1
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
annotations:
prometheus.io/scrape: 'true'
@@ -517,10 +524,10 @@ metadata:
spec:
selector:
app.kubeshark.com/app: worker
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
ports:
- name: metrics
@@ -533,10 +540,10 @@ kind: Service
apiVersion: v1
metadata:
labels:
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
annotations:
prometheus.io/scrape: 'true'
@@ -546,10 +553,10 @@ metadata:
spec:
selector:
app.kubeshark.com/app: hub
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
ports:
- name: metrics
@@ -564,10 +571,10 @@ metadata:
labels:
app.kubeshark.com/app: worker
sidecar.istio.io/inject: "false"
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-worker-daemon-set
namespace: default
@@ -581,10 +588,11 @@ spec:
metadata:
labels:
app.kubeshark.com/app: worker
helm.sh/chart: kubeshark-53.2.5
kubeshark.io/internal-auth: "true"
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-worker-daemon-set
namespace: kubeshark
@@ -594,7 +602,7 @@ spec:
- /bin/sh
- -c
- mkdir -p /sys/fs/bpf && mount | grep -q '/sys/fs/bpf' || mount -t bpf bpf /sys/fs/bpf
image: 'docker.io/kubeshark/worker:v53.2'
image: 'docker.io/kubeshark/worker:v53.3'
imagePullPolicy: Always
name: mount-bpf
securityContext:
@@ -633,7 +641,7 @@ spec:
- '500Mi'
- -cloud-api-url
- 'https://api.kubeshark.com'
image: 'docker.io/kubeshark/worker:v53.2'
image: 'docker.io/kubeshark/worker:v53.3'
imagePullPolicy: Always
name: sniffer
ports:
@@ -709,7 +717,7 @@ spec:
- -disable-tls-log
- -loglevel
- 'warning'
image: 'docker.io/kubeshark/worker:v53.2'
image: 'docker.io/kubeshark/worker:v53.3'
imagePullPolicy: Always
name: tracer
env:
@@ -805,10 +813,10 @@ kind: Deployment
metadata:
labels:
app.kubeshark.com/app: hub
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-hub
namespace: default
@@ -823,10 +831,10 @@ spec:
metadata:
labels:
app.kubeshark.com/app: hub
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
spec:
dnsPolicy: ClusterFirstWithHostNet
@@ -844,7 +852,7 @@ spec:
- -snapshot-size-limit
- '20Gi'
- -dissector-image
- 'docker.io/kubeshark/worker:v53.2'
- 'docker.io/kubeshark/worker:v53.3'
- -dissector-cpu
- '1'
- -dissector-memory
@@ -868,7 +876,7 @@ spec:
value: 'production'
- name: PROFILING_ENABLED
value: 'false'
image: 'docker.io/kubeshark/hub:v53.2'
image: 'docker.io/kubeshark/hub:v53.3'
imagePullPolicy: Always
readinessProbe:
periodSeconds: 5
@@ -936,10 +944,10 @@ kind: Deployment
metadata:
labels:
app.kubeshark.com/app: front
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
name: kubeshark-front
namespace: default
@@ -954,10 +962,10 @@ spec:
metadata:
labels:
app.kubeshark.com/app: front
helm.sh/chart: kubeshark-53.2.5
helm.sh/chart: kubeshark-53.3.0
app.kubernetes.io/name: kubeshark
app.kubernetes.io/instance: kubeshark
app.kubernetes.io/version: "53.2.5"
app.kubernetes.io/version: "53.3.0"
app.kubernetes.io/managed-by: Helm
spec:
containers:
@@ -1012,7 +1020,7 @@ spec:
value: 'false'
- name: REACT_APP_SENTRY_ENVIRONMENT
value: 'production'
image: 'docker.io/kubeshark/front:v53.2'
image: 'docker.io/kubeshark/front:v53.3'
imagePullPolicy: Always
name: kubeshark-front
livenessProbe: