🔨 Support chat flag (#1573 )

* 🔨 Add `supportChatEnabled` helm value * 🔨 Add `REACT_APP_SUPPORT_CHAT_ENABLED` env to `front`
Remove obsolete dumptracer worker option (#1569 )
2026-02-19 20:40:17 +00:00 · 2024-07-25 13:09:44 -07:00 · 2024-07-22 08:29:53 -07:00 · 2024-07-19 17:19:01 +03:00 · 2024-07-18 13:37:21 -07:00 · 2024-07-18 13:11:52 -07:00
13 changed files with 171 additions and 244 deletions
--- a/cmd/pro.go
+++ b/cmd/pro.go
@@ -1,142 +0,0 @@
-package cmd
-
-import (
-	"fmt"
-	"io"
-	"net/http"
-	"os"
-	"time"
-
-	"github.com/creasty/defaults"
-	"github.com/gin-gonic/gin"
-	"github.com/kubeshark/kubeshark/config"
-	"github.com/kubeshark/kubeshark/config/configStructs"
-	"github.com/kubeshark/kubeshark/internal/connect"
-	"github.com/kubeshark/kubeshark/kubernetes"
-	"github.com/kubeshark/kubeshark/utils"
-	"github.com/rs/zerolog/log"
-	"github.com/spf13/cobra"
-)
-
-var proCmd = &cobra.Command{
-	Use:   "pro",
-	Short: "Acquire a Pro license",
-	RunE: func(cmd *cobra.Command, args []string) error {
-		acquireLicense()
-		return nil
-	},
-}
-
-const (
-	PRO_URL  = "https://console.kubeshark.co/cli"
-	PRO_PORT = 5252
-)
-
-func init() {
-	rootCmd.AddCommand(proCmd)
-
-	defaultTapConfig := configStructs.TapConfig{}
-	if err := defaults.Set(&defaultTapConfig); err != nil {
-		log.Debug().Err(err).Send()
-	}
-
-	proCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the Kubeshark")
-	proCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the Kubeshark")
-	proCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark")
-}
-
-func acquireLicense() {
-	hubUrl := kubernetes.GetHubUrl()
-	response, err := http.Get(fmt.Sprintf("%s/echo", hubUrl))
-	if err != nil || response.StatusCode != 200 {
-		log.Info().Msg(fmt.Sprintf(utils.Yellow, "Couldn't connect to Hub. Establishing proxy..."))
-		runProxy(false, true)
-	}
-
-	connector = connect.NewConnector(kubernetes.GetHubUrl(), connect.DefaultRetries, connect.DefaultTimeout)
-
-	log.Info().Str("url", PRO_URL).Msg("Opening in the browser:")
-	utils.OpenBrowser(PRO_URL)
-
-	runLicenseRecieverServer()
-}
-
-func updateLicense(licenseKey string) {
-	log.Info().Str("key", licenseKey).Msg("Received license:")
-
-	config.Config.License = licenseKey
-	err := config.WriteConfig(&config.Config)
-	if err != nil {
-		log.Error().Err(err).Send()
-	}
-
-	kubernetesProvider, err := getKubernetesProviderForCli(false, false)
-	if err != nil {
-		log.Error().Err(err).Send()
-		return
-	}
-	updated, err := kubernetes.SetSecret(kubernetesProvider, kubernetes.SECRET_LICENSE, config.Config.License)
-	if err != nil {
-		log.Error().Err(err).Send()
-	}
-
-	if updated {
-		log.Info().Msg("Updated the license, exiting...")
-	} else {
-		log.Info().Msg("Exiting...")
-	}
-
-	go func() {
-		time.Sleep(2 * time.Second)
-		os.Exit(0)
-	}()
-}
-
-func runLicenseRecieverServer() {
-	gin.SetMode(gin.ReleaseMode)
-	ginApp := gin.New()
-	ginApp.Use(func(c *gin.Context) {
-		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
-		c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
-		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, x-session-token")
-		c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE")
-		c.Writer.Header().Set("Access-Control-Expose-Headers", "Content-Disposition")
-
-		if c.Request.Method == "OPTIONS" {
-			c.AbortWithStatus(http.StatusNoContent)
-			return
-		}
-
-		c.Next()
-	})
-
-	ginApp.POST("/", func(c *gin.Context) {
-		data, err := io.ReadAll(c.Request.Body)
-		if err != nil {
-			log.Error().Err(err).Send()
-			c.AbortWithStatus(http.StatusBadRequest)
-			return
-		}
-
-		licenseKey := string(data)
-
-		updateLicense(licenseKey)
-	})
-
-	go func() {
-		if err := ginApp.Run(fmt.Sprintf(":%d", PRO_PORT)); err != nil {
-			log.Error().Err(err).Send()
-		}
-	}()
-
-	log.Info().Msg("Alternatively enter your license key:")
-
-	var licenseKey string
-	_, err := fmt.Scanf("%s", &licenseKey)
-	if err != nil {
-		log.Error().Err(err).Send()
-		return
-	}
-
-	updateLicense(licenseKey)
-}
--- a/cmd/tapRunner.go
+++ b/cmd/tapRunner.go
@@ -193,6 +193,7 @@ func watchHubPod(ctx context.Context, kubernetesProvider *kubernetes.Provider, c
 					ready.Lock()
 					ready.Hub = true
 					ready.Unlock()
+					log.Info().Str("pod", kubernetes.HubPodName).Msg("Ready.")
 				}

 				ready.Lock()
@@ -282,6 +283,7 @@ func watchFrontPod(ctx context.Context, kubernetesProvider *kubernetes.Provider,
 					ready.Lock()
 					ready.Front = true
 					ready.Unlock()
+					log.Info().Str("pod", kubernetes.FrontPodName).Msg("Ready.")
 				}

 				ready.Lock()
--- a/config/configStruct.go
+++ b/config/configStruct.go
@@ -63,12 +63,12 @@ func CreateDefaultConfig() ConfigStruct {
 					RoleAttribute: "role",
 					Roles: map[string]configStructs.Role{
 						"admin": {
-							Filter:                "",
-							CanReplayTraffic:      true,
-							CanDownloadPCAP:       true,
-							CanUseScripting:       true,
-							CanUpdateTargetedPods: true,
-							ShowAdminConsoleLink:  true,
+							Filter:                  "",
+							CanDownloadPCAP:         true,
+							CanUseScripting:         true,
+							CanUpdateTargetedPods:   true,
+							CanStopTrafficCapturing: true,
+							ShowAdminConsoleLink:    true,
 						},
 					},
 				},
@@ -95,6 +95,7 @@ type ConfigStruct struct {
 	HeadlessMode        bool                          `yaml:"headless" json:"headless" default:"false"`
 	License             string                        `yaml:"license" json:"license" default:""`
 	CloudLicenseEnabled bool                          `yaml:"cloudLicenseEnabled" json:"cloudLicenseEnabled" default:"true"`
+	SupportChatEnabled  bool                          `yaml:"supportChatEnabled" json:"supportChatEnabled" default:"false"`
 	Scripting           configStructs.ScriptingConfig `yaml:"scripting" json:"scripting"`
 	Manifests           ManifestsConfig               `yaml:"manifests,omitempty" json:"manifests,omitempty"`
 	Timezone            string                        `yaml:"timezone" json:"timezone"`
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -90,12 +90,12 @@ type ResourcesConfig struct {
 }

 type Role struct {
-	Filter                string `yaml:"filter" json:"filter" default:""`
-	CanReplayTraffic      bool   `yaml:"canReplayTraffic" json:"canReplayTraffic" default:"false"`
-	CanDownloadPCAP       bool   `yaml:"canDownloadPCAP" json:"canDownloadPCAP" default:"false"`
-	CanUseScripting       bool   `yaml:"canUseScripting" json:"canUseScripting" default:"false"`
-	CanUpdateTargetedPods bool   `yaml:"canUpdateTargetedPods" json:"canUpdateTargetedPods" default:"false"`
-	ShowAdminConsoleLink  bool   `yaml:"showAdminConsoleLink" json:"showAdminConsoleLink" default:"false"`
+	Filter                  string `yaml:"filter" json:"filter" default:""`
+	CanDownloadPCAP         bool   `yaml:"canDownloadPCAP" json:"canDownloadPCAP" default:"false"`
+	CanUseScripting         bool   `yaml:"canUseScripting" json:"canUseScripting" default:"false"`
+	CanUpdateTargetedPods   bool   `yaml:"canUpdateTargetedPods" json:"canUpdateTargetedPods" default:"false"`
+	CanStopTrafficCapturing bool   `yaml:"canStopTrafficCapturing" json:"canStopTrafficCapturing" default:"false"`
+	ShowAdminConsoleLink    bool   `yaml:"showAdminConsoleLink" json:"showAdminConsoleLink" default:"false"`
 }

 type SamlConfig struct {
@@ -156,44 +156,46 @@ type MiscConfig struct {
 	TcpStreamChannelTimeoutShow bool   `yaml:"tcpStreamChannelTimeoutShow" json:"tcpStreamChannelTimeoutShow" default:"false"`
 	ResolutionStrategy          string `yaml:"resolutionStrategy" json:"resolutionStrategy" default:"auto"`
 	Profile                     bool   `yaml:"profile" json:"profile" default:"false"`
+	DuplicateTimeframe          string `yaml:"duplicateTimeframe" json:"duplicateTimeframe" default:"200ms"`
 }

 type TapConfig struct {
-	Docker                     DockerConfig          `yaml:"docker" json:"docker"`
-	Proxy                      ProxyConfig           `yaml:"proxy" json:"proxy"`
-	PodRegexStr                string                `yaml:"regex" json:"regex" default:".*"`
-	Namespaces                 []string              `yaml:"namespaces" json:"namespaces" default:"[]"`
-	BpfOverride                string                `yaml:"bpfOverride" json:"bpfOverride" default:""`
-	Release                    ReleaseConfig         `yaml:"release" json:"release"`
-	PersistentStorage          bool                  `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
-	PersistentStorageStatic    bool                  `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
-	EfsFileSytemIdAndPath      string                `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""`
-	StorageLimit               string                `yaml:"storageLimit" json:"storageLimit" default:"500Mi"`
-	StorageClass               string                `yaml:"storageClass" json:"storageClass" default:"standard"`
-	DryRun                     bool                  `yaml:"dryRun" json:"dryRun" default:"false"`
-	Resources                  ResourcesConfig       `yaml:"resources" json:"resources"`
-	ServiceMesh                bool                  `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
-	Tls                        bool                  `yaml:"tls" json:"tls" default:"true"`
-	PacketCapture              string                `yaml:"packetCapture" json:"packetCapture" default:"best"`
-	IgnoreTainted              bool                  `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
-	Labels                     map[string]string     `yaml:"labels" json:"labels" default:"{}"`
-	Annotations                map[string]string     `yaml:"annotations" json:"annotations" default:"{}"`
-	NodeSelectorTerms          []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
-	Auth                       AuthConfig            `yaml:"auth" json:"auth"`
-	Ingress                    IngressConfig         `yaml:"ingress" json:"ingress"`
-	IPv6                       bool                  `yaml:"ipv6" json:"ipv6" default:"true"`
-	Debug                      bool                  `yaml:"debug" json:"debug" default:"false"`
-	KernelModule               KernelModuleConfig    `yaml:"kernelModule" json:"kernelModule"`
-	Telemetry                  TelemetryConfig       `yaml:"telemetry" json:"telemetry"`
-	DefaultFilter              string                `yaml:"defaultFilter" json:"defaultFilter"`
-	ReplayDisabled             bool                  `yaml:"replayDisabled" json:"replayDisabled" default:"false"`
-	ScriptingDisabled          bool                  `yaml:"scriptingDisabled" json:"scriptingDisabled" default:"false"`
-	TargetedPodsUpdateDisabled bool                  `yaml:"targetedPodsUpdateDisabled" json:"targetedPodsUpdateDisabled" default:"false"`
-	RecordingDisabled          bool                  `yaml:"recordingDisabled" json:"recordingDisabled" default:"false"`
-	Capabilities               CapabilitiesConfig    `yaml:"capabilities" json:"capabilities"`
-	GlobalFilter               string                `yaml:"globalFilter" json:"globalFilter"`
-	Metrics                    MetricsConfig         `yaml:"metrics" json:"metrics"`
-	Misc                       MiscConfig            `yaml:"misc" json:"misc"`
+	Docker                       DockerConfig          `yaml:"docker" json:"docker"`
+	Proxy                        ProxyConfig           `yaml:"proxy" json:"proxy"`
+	PodRegexStr                  string                `yaml:"regex" json:"regex" default:".*"`
+	Namespaces                   []string              `yaml:"namespaces" json:"namespaces" default:"[]"`
+	BpfOverride                  string                `yaml:"bpfOverride" json:"bpfOverride" default:""`
+	Stopped                      bool                  `yaml:"stopped" json:"stopped" default:"false"`
+	Release                      ReleaseConfig         `yaml:"release" json:"release"`
+	PersistentStorage            bool                  `yaml:"persistentStorage" json:"persistentStorage" default:"false"`
+	PersistentStorageStatic      bool                  `yaml:"persistentStorageStatic" json:"persistentStorageStatic" default:"false"`
+	EfsFileSytemIdAndPath        string                `yaml:"efsFileSytemIdAndPath" json:"efsFileSytemIdAndPath" default:""`
+	StorageLimit                 string                `yaml:"storageLimit" json:"storageLimit" default:"500Mi"`
+	StorageClass                 string                `yaml:"storageClass" json:"storageClass" default:"standard"`
+	DryRun                       bool                  `yaml:"dryRun" json:"dryRun" default:"false"`
+	Resources                    ResourcesConfig       `yaml:"resources" json:"resources"`
+	ServiceMesh                  bool                  `yaml:"serviceMesh" json:"serviceMesh" default:"true"`
+	Tls                          bool                  `yaml:"tls" json:"tls" default:"true"`
+	PacketCapture                string                `yaml:"packetCapture" json:"packetCapture" default:"best"`
+	IgnoreTainted                bool                  `yaml:"ignoreTainted" json:"ignoreTainted" default:"false"`
+	Labels                       map[string]string     `yaml:"labels" json:"labels" default:"{}"`
+	Annotations                  map[string]string     `yaml:"annotations" json:"annotations" default:"{}"`
+	NodeSelectorTerms            []v1.NodeSelectorTerm `yaml:"nodeSelectorTerms" json:"nodeSelectorTerms" default:"[]"`
+	Auth                         AuthConfig            `yaml:"auth" json:"auth"`
+	Ingress                      IngressConfig         `yaml:"ingress" json:"ingress"`
+	IPv6                         bool                  `yaml:"ipv6" json:"ipv6" default:"true"`
+	Debug                        bool                  `yaml:"debug" json:"debug" default:"false"`
+	KernelModule                 KernelModuleConfig    `yaml:"kernelModule" json:"kernelModule"`
+	Telemetry                    TelemetryConfig       `yaml:"telemetry" json:"telemetry"`
+	DefaultFilter                string                `yaml:"defaultFilter" json:"defaultFilter"`
+	ScriptingDisabled            bool                  `yaml:"scriptingDisabled" json:"scriptingDisabled" default:"false"`
+	TargetedPodsUpdateDisabled   bool                  `yaml:"targetedPodsUpdateDisabled" json:"targetedPodsUpdateDisabled" default:"false"`
+	RecordingDisabled            bool                  `yaml:"recordingDisabled" json:"recordingDisabled" default:"false"`
+	StopTrafficCapturingDisabled bool                  `yaml:"stopTrafficCapturingDisabled" json:"stopTrafficCapturingDisabled" default:"false"`
+	Capabilities                 CapabilitiesConfig    `yaml:"capabilities" json:"capabilities"`
+	GlobalFilter                 string                `yaml:"globalFilter" json:"globalFilter"`
+	Metrics                      MetricsConfig         `yaml:"metrics" json:"metrics"`
+	Misc                         MiscConfig            `yaml:"misc" json:"misc"`
 }

 func (config *TapConfig) PodRegex() *regexp.Regexp {
--- a/helm-chart/Chart.yaml
+++ b/helm-chart/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: kubeshark
-version: "52.3.68"
+version: "52.3.69"
 description: The API Traffic Analyzer for Kubernetes
 home: https://kubeshark.co
 keywords:
--- a/helm-chart/README.md
+++ b/helm-chart/README.md
@@ -157,7 +157,7 @@ Please refer to [metrics](./metrics.md) documentation for details.
 | `tap.auth.saml.x509crt`                   | A self-signed X.509 `.cert` contents <br/>(effective, if `tap.auth.type = saml`)          | ``                                                      |
 | `tap.auth.saml.x509key`                   | A self-signed X.509 `.key` contents <br/>(effective, if `tap.auth.type = saml`)           | ``                                                      |
 | `tap.auth.saml.roleAttribute`             | A SAML attribute name corresponding to user's authorization role <br/>(effective, if `tap.auth.type = saml`)  | `role` |
-| `tap.auth.saml.roles`                     | A list of SAML authorization roles and their permissions <br/>(effective, if `tap.auth.type = saml`)  | `{"admin":{"canDownloadPCAP":true,"canReplayTraffic":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","showAdminConsoleLink":true}}` |
+| `tap.auth.saml.roles`                     | A list of SAML authorization roles and their permissions <br/>(effective, if `tap.auth.type = saml`)  | `{"admin":{"canDownloadPCAP":true,"canUpdateTargetedPods":true,"canUseScripting":true, "canStopTrafficCapturing":true, "filter":"","showAdminConsoleLink":true}}` |
 | `tap.ingress.enabled`                     | Enable `Ingress`                                | `false`                                                 |
 | `tap.ingress.className`                   | Ingress class name                            | `""`                                                    |
 | `tap.ingress.host`                        | Host of the `Ingress`                          | `ks.svc.cluster.local`                                  |
--- a/helm-chart/templates/06-front-deployment.yaml
+++ b/helm-chart/templates/06-front-deployment.yaml
@@ -38,8 +38,6 @@ spec:
              value: '{{ not (eq .Values.tap.auth.saml.idpMetadataUrl "") | ternary .Values.tap.auth.saml.idpMetadataUrl " " }}'
            - name: REACT_APP_TIMEZONE
              value: '{{ not (eq .Values.timezone "") | ternary .Values.timezone " " }}'
-            - name: REACT_APP_REPLAY_DISABLED
-              value: '{{ .Values.tap.replayDisabled }}'
            - name: REACT_APP_SCRIPTING_DISABLED
              value: '{{ .Values.tap.scriptingDisabled }}'
            - name: REACT_APP_TARGETED_PODS_UPDATE_DISABLED
@@ -48,12 +46,20 @@ spec:
              value: '{{ eq .Values.tap.packetCapture "ebpf" | ternary "true" "false" }}'
            - name: REACT_APP_RECORDING_DISABLED
              value: '{{ .Values.tap.recordingDisabled }}'
+            - name: REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED
+              value: '{{- if and .Values.tap.stopTrafficCapturingDisabled .Values.tap.stopped -}}
+                        false
+                      {{- else -}}
+                        {{ .Values.tap.stopTrafficCapturingDisabled | ternary "true" "false" }}
+                      {{- end -}}'
            - name: 'REACT_APP_CLOUD_LICENSE_ENABLED'
              value: '{{- if and .Values.cloudLicenseEnabled (not (empty .Values.license)) -}}
                        "false"
                      {{- else -}}
                        {{ .Values.cloudLicenseEnabled }}
                      {{- end }}'
+            - name: REACT_APP_SUPPORT_CHAT_ENABLED
+              value: '{{ not .Values.supportChatEnabled | ternary "false" .Values.supportChatEnabled }}'
        {{- if .Values.tap.docker.overrideTag.front }}
          image: '{{ .Values.tap.docker.registry }}/front:{{ .Values.tap.docker.overrideTag.front }}'
        {{ else }}
--- a/helm-chart/templates/09-worker-daemon-set.yaml
+++ b/helm-chart/templates/09-worker-daemon-set.yaml
@@ -69,8 +69,6 @@ spec:
            - '{{ .Values.tap.misc.resolutionStrategy }}'
          {{- if .Values.tap.debug }}
            - -debug
-            - -dumptracer
-            - "100000000"
          {{- end }}
        {{- if .Values.tap.docker.overrideTag.worker }}
          image: '{{ .Values.tap.docker.registry }}/worker:{{ .Values.tap.docker.overrideTag.worker }}'
--- a/helm-chart/templates/12-config-map.yaml
+++ b/helm-chart/templates/12-config-map.yaml
@@ -10,6 +10,7 @@ data:
    POD_REGEX: '{{ .Values.tap.regex }}'
    NAMESPACES: '{{ gt (len .Values.tap.namespaces) 0 | ternary (join "," .Values.tap.namespaces) "" }}'
    BPF_OVERRIDE: '{{ .Values.tap.bpfOverride }}'
+    STOPPED: '{{ .Values.tap.stopped | ternary "true" "false" }}'
    SCRIPTING_SCRIPTS: '{}'
    INGRESS_ENABLED: '{{ .Values.tap.ingress.enabled }}'
    INGRESS_HOST: '{{ .Values.tap.ingress.host }}'
@@ -24,10 +25,14 @@ data:
    AUTH_SAML_ROLE_ATTRIBUTE: '{{ .Values.tap.auth.saml.roleAttribute }}'
    AUTH_SAML_ROLES: '{{ .Values.tap.auth.saml.roles | toJson }}'
    TELEMETRY_DISABLED: '{{ not .Values.tap.telemetry.enabled | ternary "true" "" }}'
-    REPLAY_DISABLED: '{{ .Values.tap.replayDisabled | ternary "true" "" }}'
    SCRIPTING_DISABLED: '{{ .Values.tap.scriptingDisabled | ternary "true" "" }}'
    TARGETED_PODS_UPDATE_DISABLED: '{{ .Values.tap.targetedPodsUpdateDisabled | ternary "true" "" }}'
    RECORDING_DISABLED: '{{ .Values.tap.recordingDisabled | ternary "true" "" }}'
+    STOP_TRAFFIC_CAPTURING_DISABLED: '{{- if and .Values.tap.stopTrafficCapturingDisabled .Values.tap.stopped -}}
+                                        false
+                                      {{- else -}}
+                                        {{ .Values.tap.stopTrafficCapturingDisabled | ternary "true" "false" }}
+                                      {{- end }}'
    GLOBAL_FILTER: {{ include "kubeshark.escapeDoubleQuotes" .Values.tap.globalFilter | quote }}
    TRAFFIC_SAMPLE_RATE: '{{ .Values.tap.misc.trafficSampleRate }}'
    JSON_TTL: '{{ .Values.tap.misc.jsonTTL }}'
@@ -39,4 +44,5 @@ data:
                            {{- else -}}
                              {{ .Values.cloudLicenseEnabled }}
                            {{- end }}'
+    DUPLICATE_TIMEFRAME: '{{ .Values.tap.misc.duplicateTimeframe }}'

--- a/helm-chart/templates/15-worker-service-metrics.yaml
+++ b/helm-chart/templates/15-worker-service-metrics.yaml
@@ -2,6 +2,12 @@
 kind: Service
 apiVersion: v1
 metadata:
+  labels:
+    {{- include "kubeshark.labels" . | nindent 4 }}
+  annotations:
+  {{- if .Values.tap.annotations }}
+    {{- toYaml .Values.tap.annotations | nindent 4 }}
+  {{- end }}
  name: kubeshark-worker-metrics
  namespace: {{ .Release.Namespace }}
  annotations:
--- a/helm-chart/templates/16-network-policies.yaml
+++ b/helm-chart/templates/16-network-policies.yaml
@@ -1,6 +1,12 @@
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
+  labels:
+    {{- include "kubeshark.labels" . | nindent 4 }}
+  annotations:
+  {{- if .Values.tap.annotations }}
+    {{- toYaml .Values.tap.annotations | nindent 4 }}
+  {{- end }}
  name: kubeshark-hub-network-policy
  namespace: {{ .Release.Namespace }}
 spec:
@@ -20,6 +26,12 @@ spec:
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
+  labels:
+    {{- include "kubeshark.labels" . | nindent 4 }}
+  annotations:
+  {{- if .Values.tap.annotations }}
+    {{- toYaml .Values.tap.annotations | nindent 4 }}
+  {{- end }}
  name: kubeshark-front-network-policy
  namespace: {{ .Release.Namespace }}
 spec:
@@ -39,6 +51,12 @@ spec:
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
+  labels:
+    {{- include "kubeshark.labels" . | nindent 4 }}
+  annotations:
+  {{- if .Values.tap.annotations }}
+    {{- toYaml .Values.tap.annotations | nindent 4 }}
+  {{- end }}
  name: kubeshark-worker-network-policy
  namespace: {{ .Release.Namespace }}
 spec:
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -19,6 +19,7 @@ tap:
  regex: .*
  namespaces: []
  bpfOverride: ""
+  stopped: false
  release:
    repo: https://helm.kubeshark.co
    name: kubeshark
@@ -74,10 +75,10 @@ tap:
      roles:
        admin:
          filter: ""
-          canReplayTraffic: true
          canDownloadPCAP: true
          canUseScripting: true
          canUpdateTargetedPods: true
+          canStopTrafficCapturing: true
          showAdminConsoleLink: true
  ingress:
    enabled: false
@@ -94,10 +95,10 @@ tap:
  telemetry:
    enabled: true
  defaultFilter: ""
-  replayDisabled: false
  scriptingDisabled: false
  targetedPodsUpdateDisabled: false
  recordingDisabled: false
+  stopTrafficCapturingDisabled: false
  capabilities:
    networkCapture:
    - NET_RAW
@@ -125,6 +126,7 @@ tap:
    tcpStreamChannelTimeoutShow: false
    resolutionStrategy: auto
    profile: false
+    duplicateTimeframe: 200ms
 logs:
  file: ""
  grep: ""
@@ -135,6 +137,7 @@ dumpLogs: false
 headless: false
 license: ""
 cloudLicenseEnabled: true
+supportChatEnabled: false
 scripting:
  env: {}
  source: ""
--- a/manifests/complete.yaml
+++ b/manifests/complete.yaml
@@ -3,6 +3,13 @@
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
+  labels:
+    helm.sh/chart: kubeshark-52.3.69
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.69"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
  name: kubeshark-hub-network-policy
  namespace: default
 spec:
@@ -23,6 +30,13 @@ spec:
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
+  labels:
+    helm.sh/chart: kubeshark-52.3.69
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.69"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
  name: kubeshark-front-network-policy
  namespace: default
 spec:
@@ -43,6 +57,13 @@ spec:
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
+  labels:
+    helm.sh/chart: kubeshark-52.3.69
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.69"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
  name: kubeshark-worker-network-policy
  namespace: default
 spec:
@@ -66,10 +87,10 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-service-account
@@ -83,10 +104,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
 stringData:
    LICENSE: ''
@@ -100,10 +121,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
 stringData:
  AUTH_SAML_X509_CRT: |
@@ -116,10 +137,10 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
 stringData:
  AUTH_SAML_X509_KEY: |
@@ -131,10 +152,10 @@ metadata:
  name: kubeshark-nginx-config-map
  namespace: default
  labels:
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
 data:
  default.conf: |
@@ -195,15 +216,16 @@ metadata:
  namespace: default
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
 data:
    POD_REGEX: '.*'
    NAMESPACES: ''
    BPF_OVERRIDE: ''
+    STOPPED: 'false'
    SCRIPTING_SCRIPTS: '{}'
    INGRESS_ENABLED: 'false'
    INGRESS_HOST: 'ks.svc.cluster.local'
@@ -212,9 +234,8 @@ data:
    AUTH_TYPE: 'oidc'
    AUTH_SAML_IDP_METADATA_URL: ''
    AUTH_SAML_ROLE_ATTRIBUTE: 'role'
-    AUTH_SAML_ROLES: '{"admin":{"canDownloadPCAP":true,"canReplayTraffic":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","showAdminConsoleLink":true}}'
+    AUTH_SAML_ROLES: '{"admin":{"canDownloadPCAP":true,"canUpdateTargetedPods":true,"canUseScripting":true,"filter":"","showAdminConsoleLink":true}}'
    TELEMETRY_DISABLED: ''
-    REPLAY_DISABLED: ''
    SCRIPTING_DISABLED: ''
    TARGETED_PODS_UPDATE_DISABLED: ''
    RECORDING_DISABLED: ''
@@ -225,16 +246,17 @@ data:
    PCAP_ERROR_TTL: '60s'
    TIMEZONE: ' '
    CLOUD_LICENSE_ENABLED: 'true'
+    DUPLICATE_TIMEFRAME: '200ms'
 ---
 # Source: kubeshark/templates/02-cluster-role.yaml
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-cluster-role-default
@@ -268,10 +290,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-cluster-role-binding-default
@@ -290,10 +312,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-self-config-role
@@ -319,10 +341,10 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-self-config-role-binding
@@ -342,10 +364,10 @@ kind: Service
 metadata:
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-hub
@@ -364,10 +386,10 @@ apiVersion: v1
 kind: Service
 metadata:
  labels:
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-front
@@ -385,6 +407,13 @@ spec:
 kind: Service
 apiVersion: v1
 metadata:
+  labels:
+    helm.sh/chart: kubeshark-52.3.69
+    app.kubernetes.io/name: kubeshark
+    app.kubernetes.io/instance: kubeshark
+    app.kubernetes.io/version: "52.3.69"
+    app.kubernetes.io/managed-by: Helm
+  annotations:
  name: kubeshark-worker-metrics
  namespace: default
  annotations:
@@ -393,10 +422,10 @@ metadata:
 spec:
  selector:
    app.kubeshark.co/app: worker
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  ports:
  - name: metrics
@@ -411,10 +440,10 @@ metadata:
  labels:
    app.kubeshark.co/app: worker
    sidecar.istio.io/inject: "false"
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-worker-daemon-set
@@ -429,10 +458,10 @@ spec:
    metadata:
      labels:
        app.kubeshark.co/app: worker
-        helm.sh/chart: kubeshark-52.3.68
+        helm.sh/chart: kubeshark-52.3.69
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.3.68"
+        app.kubernetes.io/version: "52.3.69"
        app.kubernetes.io/managed-by: Helm
      name: kubeshark-worker-daemon-set
      namespace: kubeshark
@@ -455,7 +484,7 @@ spec:
            - -disable-ebpf
            - -resolution-strategy
            - 'auto'
-          image: 'docker.io/kubeshark/worker:v52.3.68'
+          image: 'docker.io/kubeshark/worker:v52.3.69'
          imagePullPolicy: Always
          name: sniffer
          ports:
@@ -524,7 +553,7 @@ spec:
            - -procfs
            - /hostproc
            - -disable-ebpf
-          image: 'docker.io/kubeshark/worker:v52.3.68'
+          image: 'docker.io/kubeshark/worker:v52.3.69'
          imagePullPolicy: Always
          name: tracer
          env:
@@ -607,10 +636,10 @@ kind: Deployment
 metadata:
  labels:
    app.kubeshark.co/app: hub
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-hub
@@ -626,10 +655,10 @@ spec:
    metadata:
      labels:
        app.kubeshark.co/app: hub
-        helm.sh/chart: kubeshark-52.3.68
+        helm.sh/chart: kubeshark-52.3.69
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.3.68"
+        app.kubernetes.io/version: "52.3.69"
        app.kubernetes.io/managed-by: Helm
    spec:
      dnsPolicy: ClusterFirstWithHostNet
@@ -651,7 +680,7 @@ spec:
                fieldPath: metadata.namespace
          - name: KUBESHARK_CLOUD_API_URL
            value: 'https://api.kubeshark.co'
-          image: 'docker.io/kubeshark/hub:v52.3.68'
+          image: 'docker.io/kubeshark/hub:v52.3.69'
          imagePullPolicy: Always
          readinessProbe:
            periodSeconds: 1
@@ -699,10 +728,10 @@ kind: Deployment
 metadata:
  labels:
    app.kubeshark.co/app: front
-    helm.sh/chart: kubeshark-52.3.68
+    helm.sh/chart: kubeshark-52.3.69
    app.kubernetes.io/name: kubeshark
    app.kubernetes.io/instance: kubeshark
-    app.kubernetes.io/version: "52.3.68"
+    app.kubernetes.io/version: "52.3.69"
    app.kubernetes.io/managed-by: Helm
  annotations:
  name: kubeshark-front
@@ -718,10 +747,10 @@ spec:
    metadata:
      labels:
        app.kubeshark.co/app: front
-        helm.sh/chart: kubeshark-52.3.68
+        helm.sh/chart: kubeshark-52.3.69
        app.kubernetes.io/name: kubeshark
        app.kubernetes.io/instance: kubeshark
-        app.kubernetes.io/version: "52.3.68"
+        app.kubernetes.io/version: "52.3.69"
        app.kubernetes.io/managed-by: Helm
    spec:
      containers:
@@ -736,8 +765,6 @@ spec:
              value: ' '
            - name: REACT_APP_TIMEZONE
              value: ' '
-            - name: REACT_APP_REPLAY_DISABLED
-              value: 'false'
            - name: REACT_APP_SCRIPTING_DISABLED
              value: 'false'
            - name: REACT_APP_TARGETED_PODS_UPDATE_DISABLED
@@ -748,7 +775,7 @@ spec:
              value: 'false'
            - name: 'REACT_APP_CLOUD_LICENSE_ENABLED'
              value: 'true'
-          image: 'docker.io/kubeshark/front:v52.3.68'
+          image: 'docker.io/kubeshark/front:v52.3.69'
          imagePullPolicy: Always
          name: kubeshark-front
          livenessProbe:
Author	SHA1	Message	Date
Serhii Ponomarenko	be86ea8ecb	🔨 Support chat flag (#1573 ) * 🔨 Add `supportChatEnabled` helm value * 🔨 Add `REACT_APP_SUPPORT_CHAT_ENABLED` env to `front`	2024-07-25 13:09:44 -07:00
Ilya Gavrilov	6ea1073fe9	Remove obsolete dumptracer worker option (#1569 )	2024-07-22 08:29:53 -07:00
M. Mert Yildiran	48bf3f25c5	Remove `pro` command (#1566 ) Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>	2024-07-19 17:19:01 +03:00
Serhii Ponomarenko	28ae2a645b	🔨 Add `tap.stopTrafficCapturingDisabled` flag (#1568 ) * 🔨 Add `tap.stopTrafficCapturingDisabled` helm value * 🔨 Add `STOP_TRAFFIC_CAPTURING_DISABLED` config * 🔨 Add `REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED` `env` to `front` * 🩹 Add ternary operator for `STOPPED` config * 🐛 Always enable stop-capturing functionality if `tap.stopped == true`	2024-07-18 13:37:21 -07:00
Serhii Ponomarenko	b7530a3c6b	Revert "🔨 Add `REACT_APP_STOPPED` env to `front` (#1564 )" (#1567 ) This reverts commit `50d29f1e93`.	2024-07-18 13:11:52 -07:00
Serhii Ponomarenko	7168b5c515	🔨 Add `canStopTrafficCapturing` SAML authz action (#1565 ) Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>	2024-07-18 08:18:03 -07:00
Serhii Ponomarenko	50d29f1e93	🔨 Add `REACT_APP_STOPPED` env to `front` (#1564 )	2024-07-17 17:28:31 -07:00
M. Mert Yildiran	01656b6c78	Add `DUPLICATE_TIMEFRAME` field to `ConfigMap` (#1561 ) Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>	2024-07-16 22:01:26 -07:00
M. Mert Yildiran	a16f818bdf	Log `front` and `hub` pods ready (#1562 ) Co-authored-by: Alon Girmonsky <1990761+alongir@users.noreply.github.com>	2024-07-16 21:07:08 -07:00
M. Mert Yildiran	c88b3b0ba7	Remove "Replay" function functionality (#1563 )	2024-07-16 13:13:08 -07:00
M. Mert Yildiran	e7778fe537	Add `tap.stopped` to `values.yaml` and `STOPPED` to `ConfigMap` (#1557 )	2024-07-16 09:03:00 -07:00
M. Mert Yildiran	126f8b48d5	🔖 Bump the Helm chart version to 52.3.69	2024-07-09 16:12:06 +03:00
Alon Girmonsky	b9296d7849	switched back to api.kubeshark.co as the cloud API server	2024-07-04 15:42:36 +03:00
M. Mert Yildiran	cddccd58fa	Add the missing labels	2024-07-03 17:00:10 +03:00
Alon Girmonsky	3965916837	changed api.kubeshark.co to master.admin.kubeshark.co (#1553 )	2024-06-20 16:17:26 -07:00