🔖 Bump the Helm chart version to 52.2.1

⏪ Revert srvPort to 30001
⏪ Bring back the packet-capture flag
2026-02-19 20:40:17 +00:00 · 2024-03-28 03:55:03 +03:00 · 2024-03-28 03:54:06 +03:00 · 2024-03-28 01:42:16 +03:00 · 2024-03-27 12:24:35 -07:00 · 2024-03-27 21:50:27 +03:00
17 changed files with 276 additions and 130 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -14,6 +14,8 @@ jobs:
  release:
    name: Build and publish a new release
    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.version.outputs.tag }}
    steps:
      - name: Check out the repo
        uses: actions/checkout@v3
@@ -50,40 +52,16 @@ jobs:
          prerelease: false
          bodyFile: 'bin/README.md'

-      - name: Checkout
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          repository: kubeshark/homebrew-kubeshark
-          token: ${{ secrets.HOMEBREW_TOKEN }}
-          path: homebrew-kubeshark
-
+  brew:
+    name: Publish a new Homebrew formulae
+    needs: [release]
+    runs-on: ubuntu-latest
+    steps:
      - name: Bump core homebrew formula
        uses: mislav/bump-homebrew-formula-action@v3
        with:
          # A PR will be sent to github.com/Homebrew/homebrew-core to update this formula:
          formula-name: kubeshark
+          push-to: kubeshark/homebrew-core
        env:
          COMMITTER_TOKEN: ${{ secrets.COMMITTER_TOKEN }}
-
-      - name: Generate Homebrew formulae
-        shell: bash
-        run: |
-          export FULL_VERSION=${{ steps.version.outputs.tag }}
-          export CLEAN_VERSION=$(echo $FULL_VERSION | sed 's/^v//')
-          export DARWIN_AMD64_SHA256=$(shasum -a 256 bin/kubeshark_darwin_amd64 | awk '{print $1}')
-          export DARWIN_ARM64_SHA256=$(shasum -a 256 bin/kubeshark_darwin_arm64 | awk '{print $1}')
-          export LINUX_AMD64_SHA256=$(shasum -a 256 bin/kubeshark_linux_amd64 | awk '{print $1}')
-          export LINUX_ARM64_SHA256=$(shasum -a 256 bin/kubeshark_linux_arm64 | awk '{print $1}')
-          envsubst < .github/static/kubeshark.rb.tmpl > homebrew-kubeshark/kubeshark.rb
-
-          cat homebrew-kubeshark/kubeshark.rb
-
-      - name: Commit and push Homebrew formulae
-        working-directory: homebrew-kubeshark
-        run: |
-          git config --global user.email "bot@kubeshark.io"
-          git config --global user.name "Kubeshark Bot"
-          git add kubeshark.rb
-          git commit -m "Release ${{ steps.version.outputs.tag }}"
-          git push
--- a/9
+++ b/9
@@ -49,6 +49,12 @@ build-brew: ## Build binary for brew/core CI
 					-X 'github.com/kubeshark/kubeshark/misc.Ver=$(VER)'" \
 					-o kubeshark kubeshark.go

+build-windows-amd64:
+	$(MAKE) build GOOS=windows GOARCH=amd64 && \
+	mv ./bin/kubeshark_windows_amd64 ./bin/kubeshark.exe && \
+	rm bin/kubeshark_windows_amd64.sha256 && \
+	cd bin && shasum -a 256 kubeshark.exe > kubeshark.exe.sha256
+
 build-all: ## Build for all supported platforms.
 	export CGO_ENABLED=0
 	echo "Compiling for every OS and Platform" && \
@@ -57,8 +63,7 @@ build-all: ## Build for all supported platforms.
 	$(MAKE) build GOOS=linux GOARCH=arm64 && \
 	$(MAKE) build GOOS=darwin GOARCH=amd64 && \
 	$(MAKE) build GOOS=darwin GOARCH=arm64 && \
-	$(MAKE) build GOOS=windows GOARCH=amd64 && \
-	mv ./bin/kubeshark_windows_amd64 ./bin/kubeshark.exe && \
+	$(MAKE) build-windows-amd64 && \
 	echo "---------" && \
 	find ./bin -ls

--- a/RELEASE.md.TEMPLATE
+++ b/RELEASE.md.TEMPLATE
@@ -1,5 +1,5 @@
 # Kubeshark release _VER_
-Kubeshark CHANGELOG is now part of [Kubeshark wiki](https://github.com/kubeshark/kubeshark/wiki/CHANGELOG)
+Release notes coming soon ..

 ## Download Kubeshark for your platform

--- a/config/configStruct.go
+++ b/config/configStruct.go
@@ -96,6 +96,7 @@ type ConfigStruct struct {
 	License      string                        `yaml:"license" json:"license" default:""`
 	Scripting    configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"`
 	Manifests    ManifestsConfig               `yaml:"manifests,omitempty" json:"manifests,omitempty"`
+	Timezone     string                        `yaml:"timezone" json:"timezone"`
 }

 func (config *ConfigStruct) ImagePullPolicy() v1.PullPolicy {
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -147,38 +147,42 @@ type MiscConfig struct {
 }

 type TapConfig struct {
-	Docker                    DockerConfig          `yaml:"docker" json:"docker"`
-	Proxy                     ProxyConfig           `yaml:"proxy" json:"proxy"`
-	PodRegexStr               string                `yaml:"regex" json:"regex" default:".*"`
-	Namespaces                []string              `yaml:"namespaces" json:"namespaces" default:"[]"`
-	Release                   ReleaseConfig         `yaml:"release" json:"release"`
-	PersistentStorage         bool                  `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
-	PersistentStorageStatic   bool                  `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
-	EfsFileSytemIdAndPath     string                `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""`
-	StorageLimit              string                `yaml:"storageLimit" json:"storageLimit" default:"500Mi"`
-	StorageClass              string                `yaml:"storageClass" json:"storageClass" default:"standard"`
-	DryRun                    bool                  `yaml:"dryRun" json:"dryRun" default:"false"`
-	Resources                 ResourcesConfig       `yaml:"resources" json:"resources"`
-	ServiceMesh               bool                  `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
-	Tls                       bool                  `yaml:"tls" json:"tls" default:"true"`
-	IgnoreTainted             bool                  `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
-	Labels                    map[string]string     `yaml:"labels" json:"labels" default:"{}"`
-	Annotations               map[string]string     `yaml:"annotations" json:"annotations" default:"{}"`
-	NodeSelectorTerms         []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
-	Auth                      AuthConfig            `yaml:"auth" json:"auth"`
-	Ingress                   IngressConfig         `yaml:"ingress" json:"ingress"`
-	IPv6                      bool                  `yaml:"ipv6" json:"ipv6" default:"true"`
-	Debug                     bool                  `yaml:"debug" json:"debug" default:"false"`
-	KernelModule              KernelModuleConfig    `yaml:"kernelModule" json:"kernelModule"`
-	Telemetry                 TelemetryConfig       `yaml:"telemetry" json:"telemetry"`
-	DefaultFilter             string                `yaml:"defaultFilter" json:"defaultFilter"`
-	ReplayDisabled            bool                  `yaml:"replayDisabled" json:"replayDisabled" default:"false"`
-	Capabilities              CapabilitiesConfig    `yaml:"capabilities" json:"capabilities"`
-	GlobalFilter              string                `yaml:"globalFilter" json:"globalFilter"`
-	Metrics                   MetricsConfig         `yaml:"metrics" json:"metrics"`
-	TrafficSampleRate         int                   `yaml:"trafficSampleRate" json:"trafficSampleRate" default:"100"`
-	TcpStreamChannelTimeoutMs int                   `yaml:"tcpStreamChannelTimeoutMs" json:"tcpStreamChannelTimeoutMs" default:"10000"`
-	Misc                      MiscConfig            `yaml:"misc" json:"misc"`
+	Docker                     DockerConfig          `yaml:"docker" json:"docker"`
+	Proxy                      ProxyConfig           `yaml:"proxy" json:"proxy"`
+	PodRegexStr                string                `yaml:"regex" json:"regex" default:".*"`
+	Namespaces                 []string              `yaml:"namespaces" json:"namespaces" default:"[]"`
+	Release                    ReleaseConfig         `yaml:"release" json:"release"`
+	PersistentStorage          bool                  `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
+	PersistentStorageStatic    bool                  `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
+	EfsFileSytemIdAndPath      string                `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""`
+	StorageLimit               string                `yaml:"storageLimit" json:"storageLimit" default:"500Mi"`
+	StorageClass               string                `yaml:"storageClass" json:"storageClass" default:"standard"`
+	DryRun                     bool                  `yaml:"dryRun" json:"dryRun" default:"false"`
+	Resources                  ResourcesConfig       `yaml:"resources" json:"resources"`
+	ServiceMesh                bool                  `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
+	Tls                        bool                  `yaml:"tls" json:"tls" default:"true"`
+	PacketCapture              string                `yaml:"packetCapture" json:"packetCapture" default:"best"`
+	IgnoreTainted              bool                  `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
+	Labels                     map[string]string     `yaml:"labels" json:"labels" default:"{}"`
+	Annotations                map[string]string     `yaml:"annotations" json:"annotations" default:"{}"`
+	NodeSelectorTerms          []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
+	Auth                       AuthConfig            `yaml:"auth" json:"auth"`
+	Ingress                    IngressConfig         `yaml:"ingress" json:"ingress"`
+	IPv6                       bool                  `yaml:"ipv6" json:"ipv6" default:"true"`
+	Debug                      bool                  `yaml:"debug" json:"debug" default:"false"`
+	KernelModule               KernelModuleConfig    `yaml:"kernelModule" json:"kernelModule"`
+	Telemetry                  TelemetryConfig       `yaml:"telemetry" json:"telemetry"`
+	DefaultFilter              string                `yaml:"defaultFilter" json:"defaultFilter"`
+	ReplayDisabled             bool                  `yaml:"replayDisabled" json:"replayDisabled" default:"false"`
+	ScriptingDisabled          bool                  `yaml:"scriptingDisabled" json:"scriptingDisabled" default:"false"`
+	TargetedPodsUpdateDisabled bool                  `yaml:"targetedPodsUpdateDisabled" json:"targetedPodsUpdateDisabled" default:"false"`
+	RecordingDisabled          bool                  `yaml:"recordingDisabled" json:"recordingDisabled" default:"false"`
+	Capabilities               CapabilitiesConfig    `yaml:"capabilities" json:"capabilities"`
+	GlobalFilter               string                `yaml:"globalFilter" json:"globalFilter"`
+	Metrics                    MetricsConfig         `yaml:"metrics" json:"metrics"`
+	TrafficSampleRate          int                   `yaml:"trafficSampleRate" json:"trafficSampleRate" default:"100"`
+	TcpStreamChannelTimeoutMs  int                   `yaml:"tcpStreamChannelTimeoutMs" json:"tcpStreamChannelTimeoutMs" default:"10000"`
+	Misc                       MiscConfig            `yaml:"misc" json:"misc"`
 }

 func (config *TapConfig) PodRegex() *regexp.Regexp {
--- a/helm-chart/Chart.yaml
+++ b/helm-chart/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: kubeshark
-version: "52.1.66"
+version: "52.2.1"
 description: The API Traffic Analyzer for Kubernetes
 home: https://kubeshark.co
 keywords:
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -173,6 +173,7 @@ Please refer to [metrics](./metrics.md) documentation for details.
 | `scripting.source`                        | Source directory of the scripts                | `""`                                                    |
 | `scripting.watchScripts`                  | Enable watch mode for the scripts in source directory          | `true`                                                  |
 | `tap.metrics.port`                  | Pod port used to expose Prometheus metrics          | `49100`                                                  |
+| `timezone`                                | IANA time zone applied to time shown in the front-end | `""` (local time zone applies) |

 KernelMapping pairs kernel versions with a
                            DriverContainer image. Kernel versions can be matched
--- a/helm-chart/templates/04-hub-deployment.yaml
+++ b/helm-chart/templates/04-hub-deployment.yaml
@@ -29,6 +29,8 @@ spec:
        - name: kubeshark-hub
          command:
            - ./hub
+            - -port
+            - "8080"
          {{- if .Values.tap.debug }}
            - -debug
          {{- end }}
@@ -51,14 +53,14 @@ spec:
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
          livenessProbe:
            periodSeconds: 1
            failureThreshold: 3
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
          resources:
            limits:
              cpu: {{ .Values.tap.resources.hub.limits.cpu }}
--- a/helm-chart/templates/05-hub-service.yaml
+++ b/helm-chart/templates/05-hub-service.yaml
@@ -15,7 +15,7 @@ spec:
  ports:
    - name: kubeshark-hub
      port: 80
-      targetPort: 80
+      targetPort: 8080
  selector:
    app.kubeshark.co/app: hub
  type: ClusterIP
--- a/helm-chart/templates/06-front-deployment.yaml
+++ b/helm-chart/templates/06-front-deployment.yaml
@@ -32,8 +32,16 @@ spec:
              value: '{{ not (eq .Values.tap.auth.type "") | ternary .Values.tap.auth.type " " }}'
            - name: REACT_APP_AUTH_SAML_IDP_METADATA_URL
              value: '{{ not (eq .Values.tap.auth.saml.idpMetadataUrl "") | ternary .Values.tap.auth.saml.idpMetadataUrl " " }}'
+            - name: REACT_APP_TIMEZONE
+              value: '{{ not (eq .Values.timezone "") | ternary .Values.timezone " " }}'
            - name: REACT_APP_REPLAY_DISABLED
              value: '{{ .Values.tap.replayDisabled }}'
+            - name: REACT_APP_SCRIPTING_DISABLED
+              value: '{{ .Values.tap.scriptingDisabled }}'
+            - name: REACT_APP_TARGETED_PODS_UPDATE_DISABLED
+              value: '{{ .Values.tap.targetedPodsUpdateDisabled }}'
+            - name: REACT_APP_RECORDING_DISABLED
+              value: '{{ .Values.tap.recordingDisabled }}'
          image: '{{ .Values.tap.docker.registry }}/front:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (printf "v%s" .Chart.Version) }}'
          imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
          name: kubeshark-front
@@ -43,14 +51,14 @@ spec:
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
          readinessProbe:
            periodSeconds: 1
            failureThreshold: 3
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
            timeoutSeconds: 1
          resources:
            limits:
--- a/helm-chart/templates/07-front-service.yaml
+++ b/helm-chart/templates/07-front-service.yaml
@@ -14,7 +14,7 @@ spec:
  ports:
    - name: kubeshark-front
      port: 80
-      targetPort: 80
+      targetPort: 8080
  selector:
    app.kubeshark.co/app: front
  type: ClusterIP
--- a/helm-chart/templates/09-worker-daemon-set.yaml
+++ b/helm-chart/templates/09-worker-daemon-set.yaml
@@ -51,6 +51,8 @@ spec:
            - '{{ .Values.tap.proxy.worker.srvPort }}'
            - -metrics-port
            - '{{ .Values.tap.metrics.port }}'
+            - -packet-capture
+            - '{{ .Values.tap.packetCapture }}'
            - -unixsocket
          {{- if .Values.tap.serviceMesh }}
            - -servicemesh
--- a/helm-chart/templates/11-nginx-config-map.yaml
+++ b/helm-chart/templates/11-nginx-config-map.yaml
@@ -9,9 +9,9 @@ metadata:
 data:
  default.conf: |
    server {
-      listen 80;
+      listen 8080;
 {{- if .Values.tap.ipv6 }}
-      listen [::]:80;
+      listen [::]:8080;
 {{- end }}
      access_log /dev/stdout;
      error_log /dev/stdout;
--- a/helm-chart/templates/12-config-map.yaml
+++ b/helm-chart/templates/12-config-map.yaml
@@ -20,8 +20,12 @@ data:
    AUTH_SAML_ROLES: '{{ .Values.tap.auth.saml.roles | toJson }}'
    TELEMETRY_DISABLED: '{{ not .Values.tap.telemetry.enabled | ternary "true" "" }}'
    REPLAY_DISABLED: '{{ .Values.tap.replayDisabled | ternary "true" "" }}'
+    SCRIPTING_DISABLED: '{{ .Values.tap.scriptingDisabled | ternary "true" "" }}'
+    TARGETED_PODS_UPDATE_DISABLED: '{{ .Values.tap.targetedPodsUpdateDisabled | ternary "true" "" }}'
+    RECORDING_DISABLED: '{{ .Values.tap.recordingDisabled | ternary "true" "" }}'
    GLOBAL_FILTER: {{ include "kubeshark.escapeDoubleQuotes" .Values.tap.globalFilter | quote }}
    TRAFFIC_SAMPLE_RATE: '{{ .Values.tap.trafficSampleRate }}'
    JSON_TTL: '{{ .Values.tap.misc.jsonTTL }}'
    PCAP_TTL: '{{ .Values.tap.misc.pcapTTL }}'
    PCAP_ERROR_TTL: '{{ .Values.tap.misc.pcapErrorTTL }}'
+    TIMEZONE: '{{ not (eq .Values.timezone "") | ternary .Values.timezone " " }}'
--- a/helm-chart/templates/16-network-policies.yaml
+++ b/helm-chart/templates/16-network-policies.yaml
@@ -0,0 +1,58 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: kubeshark-hub-network-policy
+  namespace: {{ .Release.Namespace }}
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: hub
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 8080
+  egress:
+    - {}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: kubeshark-front-network-policy
+  namespace: {{ .Release.Namespace }}
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: front
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 8080
+  egress:
+    - {}
+---
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: kubeshark-worker-network-policy
+  namespace: {{ .Release.Namespace }}
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: worker
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: {{ .Values.tap.proxy.worker.srvPort }}
+        - protocol: TCP
+          port: {{ .Values.tap.metrics.port }}
+  egress:
+    - {}
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -48,6 +48,7 @@ tap:
        memory: 50Mi
  serviceMesh: true
  tls: true
+  packetCapture: best
  ignoreTainted: false
  labels: {}
  annotations: {}
@@ -89,6 +90,9 @@ tap:
    enabled: true
  defaultFilter: ""
  replayDisabled: false
+  scriptingDisabled: false
+  targetedPodsUpdateDisabled: false
+  recordingDisabled: false
  capabilities:
    networkCapture:
    - NET_RAW
@@ -125,3 +129,4 @@ scripting:
  env: {}
  source: ""
  watchScripts: true
+timezone: ""
--- a/manifests/complete.yaml
+++ b/manifests/complete.yaml
@@ -1,13 +1,75 @@
 ---
+# Source: kubeshark/templates/16-network-policies.yaml
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: kubeshark-hub-network-policy
+  namespace: default
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: hub
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 8080
+  egress:
+    - {}
+---
+# Source: kubeshark/templates/16-network-policies.yaml
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: kubeshark-front-network-policy
+  namespace: default
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: front
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 8080
+  egress:
+    - {}
+---
+# Source: kubeshark/templates/16-network-policies.yaml
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: kubeshark-worker-network-policy
+  namespace: default
+spec:
+  podSelector:
+    matchLabels:
+      app.kubeshark.co/app: worker
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 30001
+        - protocol: TCP
+          port: 49100
+  egress:
+    - {}
+---
 # Source: kubeshark/templates/01-service-account.yaml
 apiVersion: v1
 kind: ServiceAccount
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-service-account
@@ -21,10 +83,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
 stringData:
    LICENSE: ''
@@ -38,10 +100,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
 stringData:
  AUTH_SAML_X509_CRT: |
@@ -54,10 +116,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
 stringData:
  AUTH_SAML_X509_KEY: |
@@ -69,16 +131,16 @@ metadata:
  name: kubeshark-nginx-config-map
  namespace: default
  labels:
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
 data:
  default.conf: |
    server {
-      listen 80;
-      listen [::]:80;
+      listen 8080;
+      listen [::]:8080;
      access_log /dev/stdout;
      error_log /dev/stdout;

@@ -133,10 +195,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
 data:
    POD_REGEX: '.*'
@@ -152,21 +214,25 @@ data:
    AUTH_SAML_ROLES: '{"admin":{"canDownloadPCAP":true,"canReplayTraffic":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","showAdminConsoleLink":true}}'
    TELEMETRY_DISABLED: ''
    REPLAY_DISABLED: ''
+    SCRIPTING_DISABLED: ''
+    TARGETED_PODS_UPDATE_DISABLED: ''
+    RECORDING_DISABLED: ''
    GLOBAL_FILTER: ""
    TRAFFIC_SAMPLE_RATE: '100'
    JSON_TTL: '5m'
    PCAP_TTL: '10s'
    PCAP_ERROR_TTL: '60s'
+    TIMEZONE: ' '
 ---
 # Source: kubeshark/templates/02-cluster-role.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-cluster-role-default
@@ -191,10 +257,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-cluster-role-binding-default
@@ -213,10 +279,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-self-config-role
@@ -242,10 +308,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-self-config-role-binding
@@ -265,10 +331,10 @@ kind: Service
 metadata:
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-hub
@@ -277,7 +343,7 @@ spec:
  ports:
    - name: kubeshark-hub
      port: 80
-      targetPort: 80
+      targetPort: 8080
  selector:
    app.kubeshark.co/app: hub
  type: ClusterIP
@@ -287,10 +353,10 @@ apiVersion: v1
 kind: Service
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-front
@@ -299,7 +365,7 @@ spec:
  ports:
    - name: kubeshark-front
      port: 80
-      targetPort: 80
+      targetPort: 8080
  selector:
    app.kubeshark.co/app: front
  type: ClusterIP
@@ -316,10 +382,10 @@ metadata:
 spec:
  selector:
    app.kubeshark.co/app: worker
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  ports:
  - name: metrics
@@ -334,10 +400,10 @@ metadata:
  labels:
    app.kubeshark.co/app: worker
    sidecar.istio.io/inject: "false"
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-worker-daemon-set
@@ -346,19 +412,19 @@ spec:
  selector:
    matchLabels:
      app.kubeshark.co/app: worker
-      helm.sh/chart: kubeshark-52.1.66
+      helm.sh/chart: kubeshark-52.2.1
      app.kubernetes.io/name: kubeshark
      app.kubernetes.io/instance: kubeshark
-      app.kubernetes.io/version: "52.1.66"
+      app.kubernetes.io/version: "52.2.1"
      app.kubernetes.io/managed-by: Helm
  template:
    metadata:
      labels:
        app.kubeshark.co/app: worker
-        helm.sh/chart: kubeshark-52.1.66
+        helm.sh/chart: kubeshark-52.2.1
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.1.66"
+        app.kubernetes.io/version: "52.2.1"
        app.kubernetes.io/managed-by: Helm
      name: kubeshark-worker-daemon-set
      namespace: kubeshark
@@ -385,12 +451,14 @@ spec:
            - '30001'
            - -metrics-port
            - '49100'
+            - -packet-capture
+            - 'best'
            - -unixsocket
            - -servicemesh
            - -procfs
            - /hostproc
            - -kernel-module
-          image: 'docker.io/kubeshark/worker:v52.1.66'
+          image: 'docker.io/kubeshark/worker:v52.2.1'
          imagePullPolicy: Always
          name: sniffer
          ports:
@@ -454,7 +522,7 @@ spec:
            - ./tracer
            - -procfs
            - /hostproc
-          image: 'docker.io/kubeshark/worker:v52.1.66'
+          image: 'docker.io/kubeshark/worker:v52.2.1'
          imagePullPolicy: Always
          name: tracer
          env:
@@ -529,10 +597,10 @@ kind: Deployment
 metadata:
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-hub
@@ -542,19 +610,19 @@ spec:
  selector:
    matchLabels:
      app.kubeshark.co/app: hub
-      helm.sh/chart: kubeshark-52.1.66
+      helm.sh/chart: kubeshark-52.2.1
      app.kubernetes.io/name: kubeshark
      app.kubernetes.io/instance: kubeshark
-      app.kubernetes.io/version: "52.1.66"
+      app.kubernetes.io/version: "52.2.1"
      app.kubernetes.io/managed-by: Helm
  template:
    metadata:
      labels:
        app.kubeshark.co/app: hub
-        helm.sh/chart: kubeshark-52.1.66
+        helm.sh/chart: kubeshark-52.2.1
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.1.66"
+        app.kubernetes.io/version: "52.2.1"
        app.kubernetes.io/managed-by: Helm
    spec:
      dnsPolicy: ClusterFirstWithHostNet
@@ -563,6 +631,8 @@ spec:
        - name: kubeshark-hub
          command:
            - ./hub
+            - -port
+            - "8080"
          env:
          - name: POD_NAME
            valueFrom:
@@ -574,7 +644,7 @@ spec:
                fieldPath: metadata.namespace
          - name: KUBESHARK_CLOUD_API_URL
            value: 'https://api.kubeshark.co'
-          image: 'docker.io/kubeshark/hub:v52.1.66'
+          image: 'docker.io/kubeshark/hub:v52.2.1'
          imagePullPolicy: Always
          readinessProbe:
            periodSeconds: 1
@@ -582,14 +652,14 @@ spec:
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
          livenessProbe:
            periodSeconds: 1
            failureThreshold: 3
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
          resources:
            limits:
              cpu: 750m
@@ -622,10 +692,10 @@ kind: Deployment
 metadata:
  labels:
    app.kubeshark.co/app: front
-    helm.sh/chart: kubeshark-52.1.66
+    helm.sh/chart: kubeshark-52.2.1
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.1.66"
+    app.kubernetes.io/version: "52.2.1"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-front
@@ -635,19 +705,19 @@ spec:
  selector:
    matchLabels:
      app.kubeshark.co/app: front
-      helm.sh/chart: kubeshark-52.1.66
+      helm.sh/chart: kubeshark-52.2.1
      app.kubernetes.io/name: kubeshark
      app.kubernetes.io/instance: kubeshark
-      app.kubernetes.io/version: "52.1.66"
+      app.kubernetes.io/version: "52.2.1"
      app.kubernetes.io/managed-by: Helm
  template:
    metadata:
      labels:
        app.kubeshark.co/app: front
-        helm.sh/chart: kubeshark-52.1.66
+        helm.sh/chart: kubeshark-52.2.1
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.1.66"
+        app.kubernetes.io/version: "52.2.1"
        app.kubernetes.io/managed-by: Helm
    spec:
      containers:
@@ -660,9 +730,17 @@ spec:
              value: 'saml'
            - name: REACT_APP_AUTH_SAML_IDP_METADATA_URL
              value: ' '
+            - name: REACT_APP_TIMEZONE
+              value: ' '
            - name: REACT_APP_REPLAY_DISABLED
              value: 'false'
-          image: 'docker.io/kubeshark/front:v52.1.66'
+            - name: REACT_APP_SCRIPTING_DISABLED
+              value: 'false'
+            - name: REACT_APP_TARGETED_PODS_UPDATE_DISABLED
+              value: 'false'
+            - name: REACT_APP_RECORDING_DISABLED
+              value: 'false'
+          image: 'docker.io/kubeshark/front:v52.2.1'
          imagePullPolicy: Always
          name: kubeshark-front
          livenessProbe:
@@ -671,14 +749,14 @@ spec:
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
          readinessProbe:
            periodSeconds: 1
            failureThreshold: 3
            successThreshold: 1
            initialDelaySeconds: 3
            tcpSocket:
-              port: 80
+              port: 8080
            timeoutSeconds: 1
          resources:
            limits:
Author	SHA1	Message	Date
M. Mert Yildiran	35c1a88724	🔖 Bump the Helm chart version to 52.2.1	2024-03-28 03:55:03 +03:00
M. Mert Yildiran	fe3f93c91b	⏪ Revert `srvPort` to `30001`	2024-03-28 03:54:06 +03:00
M. Mert Yildiran	24aa4db0bc	⏪ Bring back the `packet-capture` flag	2024-03-28 01:42:16 +03:00
Alon Girmonsky	ef44257942	Update RELEASE.md.TEMPLATE syntax fix	2024-03-27 12:24:35 -07:00
M. Mert Yildiran	0b58558f70	🔖 Bump the Helm chart version to 52.2.0	2024-03-27 21:50:27 +03:00
Alon Girmonsky	cdd306b890	Update RELEASE.md.TEMPLATE	2024-03-26 15:21:41 -07:00
M. Mert Yildiran	3cc9ff8616	🔖 Bump the Helm chart version to 52.1.77	2024-03-19 18:55:27 +03:00
Serhii Ponomarenko	247498492a	✨ Set custom timezone (#1517 ) * 🔨 Add timezone config * 🔨 Update `complete.yaml` * 📝 Document `timezone` config * 📝 Update `timezone` config docs * 📝 Update `timezone` config docs * 🔥 Remove unused `TIMEZONE` field from `ConfigMap` * 🦺 Handle empty `tap.timezone` case * 🔨 Move `timezone` from `.Values.tap` to `.Values` * 🔨 Add `timezone` field to helm values * 🔨 Update `complete.yaml` * 📝 Update `timezone` config docs * 🔨 Add `TIMEZONE` field to `ConfigMap` --------- Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>	2024-03-19 12:06:50 +01:00
Volodymyr Stoiko	867c7058a0	👷 Remove kubeshark tap upgrades (#1519 )	2024-03-18 17:32:56 +03:00
M. Mert Yildiran	f1021f61b6	👷 Change the Homebrew job's name	2024-03-15 21:16:14 +03:00
M. Mert Yildiran	9162c4fb64	🔖 Bump the Helm chart version to 52.1.75	2024-03-15 20:39:39 +03:00
Serhii Ponomarenko	e7fc7b791a	🐛 Fix front nginx and network policies ports (#1518 ) * 🐛 Use `8080` listen port for front nginx config * 🐛 Use `8080` ingress port for front/hub network policies	2024-03-14 15:18:24 -07:00
Volodymyr Stoiko	9914183d7d	Move brew release into separate job (#1516 )	2024-03-11 04:58:22 -07:00
Volodymyr Stoiko	c0751ad4cb	Switch to lower ports (#1514 ) Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>	2024-03-08 21:02:05 -08:00
Serhii Ponomarenko	0aca81fbcb	🔨 Disable scripting, targeted pods update & recording via `ConfigMap` keys (#1515 ) * 🔨 Add `SCRIPTING_DISABLED` key to `ConfigMap` * 🔨 Add `TARGETED_PODS_UPDATE_DISABLED` config * 🔨 Add `RECORDING_DISABLED` key to `ConfigMap` * 🎨 Reformat `TapConfig` * 🔨 Update `complete.yaml`	2024-03-08 20:49:07 -08:00
Shunsuke Suzuki	24dccab3e4	fix: fix the asset name of the checksum file for windows/amd64 (#1509 ) Pre-built binaries and checksum files are released at GitHub Releases. https://github.com/kubeshark/kubeshark/releases But checksum files for windows/amd64 have the following issues. kubeshark.exe kubeshark_windows_amd64.sha256 - The executable file name and the checksum file name don't conform to the naming convention - We can't verify the pre-built binaries with checksum files because the pre-built binary name is different from the actual binary name ```console $ cat kubeshark_windows_amd64.sha256 ea8fffa952bc8047f493469d024887ed80f966c0d74cf5fb039ea12f71174629 kubeshark_windows_amd64 ``` ```console $ sha256sum -c kubeshark_windows_amd64.sha256 sha256sum: kubeshark_windows_amd64: No such file or directory kubeshark_windows_amd64: FAILED open or read sha256sum: WARNING: 1 listed file could not be read ``` The cause of these issues is pre-built binaries were renamed after checksum files were generated. `b125860d06/Makefile (L41)` `b125860d06/Makefile (L61)` This commit resolves the issue by generating the checksum file after renaming the pre-built binary. Co-authored-by: Volodymyr Stoiko <me@volodymyrstoiko.com>	2024-03-08 19:32:17 +03:00
Volodymyr Stoiko	db607aff16	Add network policies for kubeshark components (#1513 ) * Add explicit network policies for kubeshark components * allow exact ports --------- Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>	2024-03-07 06:37:13 -08:00
Volodymyr Stoiko	ec1728ef91	Add kubeshark fork to use for homebrew release (#1512 )	2024-03-06 11:02:08 +01:00