github/kubeshark
1
0
Fork 0
mirror of https://github.com/kubeshark/kubeshark.git synced 2026-05-06 01:07:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,144 Commits 12 Branches 965 Tags
bd10e035ff46bb8a33279cd6bb4d76ccfa10b7dc
Commit Graph

279 Commits

Author SHA1 Message Date
Volodymyr Stoiko
25832ce596 Make host-network in worker daemonset configurable (#1803) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-11-24 16:43:48 -08:00
Serhii Ponomarenko
38a13d19e1 Revert "🔨 Add -save-objects-pcaps worker command flag (#1794)" (#1802) 
This reverts commit dcb84e0520.
 2025-11-20 08:41:32 -08:00
Volodymyr Stoiko
a7b9e09f2b Add volume for snapshots in hub (#1801) 
* Add hub snapshots volume

* Add snapshot limit into env

* fix
 2025-11-17 10:45:41 -08:00
Serhii Ponomarenko
dcb84e0520 🔨 Add -save-objects-pcaps worker command flag (#1794) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-11-07 08:14:54 -08:00
Volodymyr Stoiko
fabf30c039 Add note about setting license in helm notes (#1791) 2025-09-30 16:09:05 -07:00
Volodymyr Stoiko
e55b62491a Add raw capture config parameters (#1789) 
* Add raw capture config parameters

* upd

* upd
 2025-09-30 08:26:42 -07:00
Volodymyr Stoiko
f5167cbb2a Pass db storage size and ration to calculate for badger db (#1788) 
* Pass db storage size and ration to calculate for badger db

* Use badger max db size option
 2025-09-25 08:17:21 -07:00
Serhii Ponomarenko
349d8b07df 🔨 Add tap.dashboard.streamingType helm value (#1783) 
* 🔨 Add `tap.dashboard.streamingType` helm value

* 🔨 Add `streamingType` to tap config

* 🔨 Adjust `REACT_APP_STREAMING_TYPE` front env value

* 🔨 Use default empty string for `streamingType` value
 2025-09-02 10:43:38 -07:00
Serhii Ponomarenko
88f43b94d9 🔨 Add tap.ingress.path helm value (#1782) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-08-26 13:01:55 -07:00
Volodymyr Stoiko
cf867fe701 Do not create hostroot volume if no tracer deployed (#1780) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-08-26 13:01:13 -07:00
Volodymyr Stoiko
635fcabecd Treat 0 value as 0s for dorman timeout (#1781) 2025-08-26 13:00:01 -07:00
Volodymyr Stoiko
56b936b8b8 Add stopAfter option to disable capture when inactive (#1778) 
* Add stopAfter option to disable capture when inactive

* Use 5m dorman

* Add capture stop after flag in hub
 2025-08-12 11:23:16 -07:00
Volodymyr Stoiko
eee3030410 Add priority class configuration for Kubeshark components (#1775) 
* Add priority class into templates

* upd readme

* upd

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-07-28 12:18:45 -07:00
Serhii Ponomarenko
d845bb18a3 🔨 Add api2BetaEnabled helm value (#1770) 
* 🔨 Add `api2BetaEnabled` helm value

* 🔨 Change `api2BetaEnabled` to `betaEnabled`

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-07-28 12:17:08 -07:00
cloudclaim
efe6b0e7b7 chore: fix some minor issues in the comments (#1767) 
Signed-off-by: cloudclaim <824973921@qq.com>
 2025-07-28 12:10:50 -07:00
Volodymyr Stoiko
bedecdb080 Fix bugs in helm chart (#1765) 2025-06-18 08:45:17 -07:00
Volodymyr Stoiko
8c9473626e Use chart minor version for dockertag (#1762) 
* Revert "Set tap.docker.tag to minor version of release (#1761)"

This reverts commit 6d2b0676f6.

* Fix condition for default image tag
 2025-06-04 14:24:23 -07:00
Ilya Gavrilov
f9dd99af1b eBPF capture didn't work in case of persistent storage (#1757) 
* cleanup data directory in init container

* cleanup data directory in init container

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-05-29 18:27:17 -07:00
Volodymyr Stoiko
ed0fb34888 Add secret names to inject env variables from (#1756) 
* Add secrets for inject into hub deployment

* Update notes

* upd

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-05-29 18:24:46 -07:00
Volodymyr Stoiko
7618795fdf Add optional gitops mode (#1748) 2025-04-16 10:18:53 -07:00
Volodymyr Stoiko
4ca9bc8fc0 Run cleanup program instead of kubectl (#1745) 2025-04-16 09:07:31 -07:00
Volodymyr Stoiko
2bee926b4b Add kubeshark cm and secret -default suffix (#1704) 
* Add kubeshark cm and secret -default suffix

* Add cleanup job

* Add cleanup job

* update cleanup

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-04-08 13:24:34 -07:00
Alon Girmonsky
ac5bf9b276 Make changes in default values (#1735) 
* Disable Intercom support by default.
Support can be enabled using a helm flag.

* updated the license notification
as a result of a successful helm installation.

* GenAI assistant enabled by default
 2025-04-07 08:47:37 -07:00
Volodymyr Stoiko
59026d4ad4 Add pvc volumeMode (#1739) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-04-07 08:25:27 -07:00
Serhii Ponomarenko
a6eabbbdee 🔨 Add tap.auth.dexOidc.bypassSslCaCheck flag (#1737) 
* 🔨 Add `tap.auth.dexOidc.bypassSslCaCheck` flag

* 📝 Update docs for Dex SSL CA bypass

* 🔨 Bring back deleted Dex node-selector-terms
 2025-04-04 10:07:02 -07:00
Volodymyr Stoiko
a914733078 Allow reading logs (#1734) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-04-01 13:29:04 -07:00
Serhii Ponomarenko
59ef0f8f80 🔨 Add tap.dashboard.completeStreamingEnabled flag (#1733) 2025-04-01 13:08:46 -07:00
Serhii Ponomarenko
453d27af43 🔨 Create tap.routing.front.basePath flag (#1726) 
* 🔨 Add `tap.routing.front.basePath` helm value

* 🔨 Use `tap.routing.front.basePath` to adjust nginx blocks

* 🔨 Set `front` base path to empty string

* 📝 Update `front` base path docs

* 📝 Add `front` base path example

* 📝 Add base-path to Kubeshark URL in instructions

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-03-24 14:23:41 -07:00
Serhii Ponomarenko
f85c7dfb4b OIDC support (Dex IdP) (#1722) 
* 🔧 Create dex config-map

* 🔧 Create dex deployment

* 🔧 Create dex service

* 🔧 Create dex network policy

* 🔧 Create dex network policy

* 🔧 Add dex node selector terms

* 🔧 Add a kubeshark-hub static client to dex config

* 🐛 Use correct redirect URI for `kubeshark-hub` client

* 🎨 Remove unused/commented dex config options

* 🔨 Create a helper template to pick Kubeshark client secret

* 🔧 Adjust front deployment env to allow `dex` auth type

* 🔧 Adjust configmap to allow `dex` auth type

* 🔧 Create k8s secret to store dex yaml config

* 🔧 Mount dex-yaml-conf secret into `dex-config.yaml`

* 🔥 Remove sample env var

* 🔧 Create k8s config keys for Dex expiry settings

* 🔧 Create k8s secret key for Dex client secret

* 🔧 Deploy Dex resources if Dex auth is enabled

* 🔧 Move `oauth2StateParamExpiry` under `customSettings`

* 📝 Add basic helm-values docs to set up Dex auth

*  Separate Dex OIDC app settings from configuration

* 📝 Update Dex documentation

* 📝 Update Dex IdP documentation

* 🦺 Add fallback value for OIDC issuer config

* 🦺 Add fallback values for OIDC client ID/secret

* 📝 Update Dex IdP documentation

* 📝 Update Dex IdP documentation

* 📝 Add reference to OIDC docs at `docs.kubeshark.co`

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-03-24 14:05:38 -07:00
Volodymyr Stoiko
0386e57906 Add watchdog option (#1723) 
* add watchdog

* Enable watchdog on sniffer
 2025-03-24 11:02:57 -07:00
Volodymyr Stoiko
e47a665d68 Update structs and docs (#1710) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-02-21 09:07:17 -08:00
Serhii Ponomarenko
f656acea64 🔧 Add aiAssistantEnabled helm value (#1717) 
* 🔧 Add `aiAssistantEnabled` helm value

* 🐛 Add quotes to `AI_ASSISTANT_ENABLED` config val

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-02-21 08:53:27 -08:00
Serhii Ponomarenko
000fb91461 🔧 Enable BPF-override on tap.packetCapture: af_packet (#1712) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-02-20 17:34:54 -08:00
Serhii Ponomarenko
631e5f2d24 🔨 Add demoModeEnabled helm value (#1714) 
* 🔨 Add `demoModeEnabled` helm value

* 🐛 Fix `demoModeEnabled` ternary expressions

* 🦺 Check `demoModeEnabled` existence
 2025-02-20 17:25:58 -08:00
Volodymyr Stoiko
3d4606d439 Worker component security context refactoring (#1707) 
* Add new security context config

* Fine-grained template for securityContext

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-02-03 13:38:41 -08:00
Ilya Gavrilov
46ca7e3ad7 Remove init container; remove -disable-ebpf option (#1706) 
* Remove init container; remove -disable-ebpf option

* Remove init container; remove -disable-ebpf option
 2025-02-03 08:58:32 -08:00
Volodymyr Stoiko
ce7913ce2e Fix pull secret aligning (#1703) 
* Fix pull secret aligning

* align
 2025-01-29 08:34:43 -08:00
M. Mert Yildiran
f2e60cdee1 Add PortMapping to TapConfig for port number based dissector prioritization (#1700) 2025-01-25 12:10:53 -08:00
Alon Girmonsky
818a9e2bec Moving to eBPF as a default packet capture method. 
Making default packet capture method eBPF, defaulting to AF_PACKET in case eBPF is not available
 2025-01-24 14:24:02 -08:00
Volodymyr Stoiko
ad10212ba5 Add dns config (#1698) 
* Add dnsconfig

* Update templates

* Add dns configuration values

* readme
 2025-01-24 09:14:08 -08:00
Volodymyr Stoiko
ef17eb9fbe Make node selector component specific (#1694) 
* Make node selector component specific

* Update templates

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-01-22 12:50:17 -08:00
Alon Girmonsky
aa7c8f36f5 added -disable-tracer option (#1695) 
to the worker daemon set, when `tap.tls=false` is set.
 2025-01-22 12:32:05 -08:00
bogdanvbalan
c92f509863 #528 Remove pcap src from configMap (#1693) 
* Remove pcap src from configMap

* change folder name

keep it simple and short

---------

Co-authored-by: bogdan.balan1 <bogdanvalentin.balan@1nce.com>
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-01-22 10:10:44 -08:00
Serhii Ponomarenko
0d5bbd53aa 🔧 Add helm variable to disable live config-map user actions (#1689) 
* 🔧 Add helm variable to disable live config-map user actions

* 🐛 Fix ternary for `PRESET_FILTERS_CHANGING_ENABLED` config

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-01-18 13:15:46 +02:00
Volodymyr Stoiko
f9c66df528 Update worker liveness/readiness config (#1684) 
* Increase worker init delay to 30s

* Update values

* fix

* Make probe values configurable

* upd

---------

Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2025-01-08 13:09:51 -08:00
Alon Girmonsky
46ad335446 updated the notes (#1681) 2025-01-06 18:42:17 -08:00
M. Mert Yildiran
639f1deb51 Add CUSTOM_MACROS to ConfigMap (#1674) 
Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>
 2024-12-25 16:45:03 -08:00
Alon Girmonsky
b377bfe35f Revert "Revert "Initialize kubeshark pinned eBPF resources inside init container (#1665)" (#1676)" (#1678) 
This reverts commit 12f8883052.
 2024-12-25 16:21:08 -08:00
M. Mert Yildiran
12f8883052 Revert "Initialize kubeshark pinned eBPF resources inside init container (#1665)" (#1676) 
This reverts commit 29de008f22.
 2024-12-25 11:21:51 -08:00
Alon Girmonsky
7eef5efcd9 Added security capabilities, especially IPC_LOCK (#1671) 
to Sniffer in case eBPF traffic capture mechanism is used.
 2024-12-23 16:49:54 -08:00