imp: deprecate .Value..datadog.systemProbe.enableDefaultOsReleasePath…

…s in favor of .Values.datadog.disableDefaultOsReleasePaths
DataDog · Oct 22, 2024 · f900ccb · f900ccb
1 parent 90d89b3
commit f900ccb
Show file tree

Hide file tree

Showing 6 changed files with 13 additions and 10 deletions.
diff --git a/charts/datadog/CHANGELOG.md b/charts/datadog/CHANGELOG.md
@@ -2,7 +2,9 @@
 
 ## 3.75.1
 
-* Add  configuration values `datadog.processAgent.disableOsReleaseFileMount` and `datadog.disablePasswdMount` to disable `/etc/passwd` and `datadog.osReleasePath` mounts when underlying OS doesn't have these files (like talos.dev)
+* Add configuration values `datadog.disableDefaultOsReleasePaths` and `datadog.disablePasswdMount` to disable `/etc/passwd` and `datadog.osReleasePath` mounts when underlying OS doesn't have these files (like talos.dev).
+
+* Deprecate `datadog.systemProbe.enableDefaultOsReleasePaths` in favor of `datadog.disableDefaultOsReleasePaths`.
 
 ## 3.75.0
 

diff --git a/charts/datadog/README.md b/charts/datadog/README.md
@@ -792,7 +792,7 @@ helm install <RELEASE_NAME> \
 | datadog.processAgent.processDiscovery | bool | `true` | Enables or disables autodiscovery of integrations |
 | datadog.processAgent.runInCoreAgent | bool | `false` | Set this to true to run the following features in the core agent: Live Processes, Live Containers, Process Discovery. # This is an experimental feature requiring Agent 7.53.0+ and Linux. Currently not compatible with APM Single Step Instrumentation. |
 | datadog.processAgent.stripProcessArguments | bool | `false` | Set this to scrub all arguments from collected processes # Requires datadog.processAgent.processCollection to be set to true to have any effect # ref: https://docs.datadoghq.com/infrastructure/process/?tab=linuxwindows#process-arguments-scrubbing |
-| datadog.processAgent.disableOsReleaseFileMount | bool | `false` | Disables mounting `datadog.osReleasePath` |
+| datadog.disableDefaultOsReleasePaths | bool | `false` | Disables mounting `datadog.osReleasePath` |
 | datadog.disablePasswdMount | bool | `false` | Disables mounting `/etc/passwd` |
 | datadog.profiling.enabled | string | `nil` | Enable Continuous Profiler by injecting `DD_PROFILING_ENABLED` environment variable with the same value to all pods in the cluster Valid values are: - false: Profiler is turned off and can not be turned on by other means. - null: Profiler is turned off, but can be turned on by other means. - auto: Profiler is turned off, but the library will turn it on if the application is a good candidate for profiling. - true: Profiler is turned on. |
 | datadog.prometheusScrape.additionalConfigs | list | `[]` | Allows adding advanced openmetrics check configurations with custom discovery rules. (Requires Agent version 7.27+) |
@@ -840,7 +840,7 @@ helm install <RELEASE_NAME> \
 | datadog.systemProbe.debugPort | int | `0` | Specify the port to expose pprof and expvar for system-probe agent |
 | datadog.systemProbe.enableConntrack | bool | `true` | Enable the system-probe agent to connect to the netlink/conntrack subsystem to add NAT information to connection data |
 | datadog.systemProbe.enableDefaultKernelHeadersPaths | bool | `true` | Enable mount of default paths where kernel headers are stored |
-| datadog.systemProbe.enableDefaultOsReleasePaths | bool | `true` | enable default os-release files mount |
+| datadog.systemProbe.enableDefaultOsReleasePaths | bool | `true` | enable default os-release files mount DEPRECATED. Set `datadog.enableDefaultOsReleasePaths` instead. |
 | datadog.systemProbe.enableOOMKill | bool | `false` | Enable the OOM kill eBPF-based check |
 | datadog.systemProbe.enableTCPQueueLength | bool | `false` | Enable the TCP queue length eBPF-based check |
 | datadog.systemProbe.maxTrackedConnections | int | `131072` | the maximum number of tracked connections |

diff --git a/charts/datadog/templates/_container-host-release-volumemounts.yaml b/charts/datadog/templates/_container-host-release-volumemounts.yaml
@@ -1,5 +1,5 @@
 {{- define "linux-container-host-release-volumemounts" -}}
-{{- if (not .Values.datadog.processAgent.disableOsReleaseFileMount) }}
+{{- if (not .Values.datadog.disableDefaultOsReleasePaths) }}
 {{- if eq (include "should-enable-system-probe" .) "true" }}
 - name: os-release-file
   mountPath: /host{{ .Values.datadog.systemProbe.osReleasePath | default .Values.datadog.osReleasePath }}

diff --git a/charts/datadog/templates/_container-system-probe.yaml b/charts/datadog/templates/_container-system-probe.yaml
@@ -65,7 +65,7 @@
       mountPropagation: {{ .Values.datadog.hostVolumeMountPropagation }}
       readOnly: true
     {{- include "linux-container-host-release-volumemounts" . | nindent 4 }}
-  {{- if .Values.datadog.systemProbe.enableDefaultOsReleasePaths }}
+    {{- if or .Values.datadog.systemProbe.enableDefaultOsReleasePaths (not .Values.datadog.disableDefaultOsReleasePaths) }}
     {{- if ne .Values.datadog.osReleasePath "/etc/redhat-release" }}
     - name: etc-redhat-release
       mountPath: /host/etc/redhat-release

diff --git a/charts/datadog/templates/_daemonset-volumes-linux.yaml b/charts/datadog/templates/_daemonset-volumes-linux.yaml
@@ -9,12 +9,12 @@
 - hostPath:
     path: /sys/fs/cgroup
   name: cgroups
-{{- if and (not .Values.providers.gke.autopilot) (not .Values.datadog.processAgent.disableOsReleaseFileMount) (or .Values.datadog.systemProbe.osReleasePath .Values.datadog.osReleasePath .Values.datadog.sbom.host.enabled) }}
+{{- if and (not .Values.providers.gke.autopilot) (not .Values.datadog.disableDefaultOsReleasePaths) (or .Values.datadog.systemProbe.osReleasePath .Values.datadog.osReleasePath .Values.datadog.sbom.host.enabled) }}
 - hostPath:
     path: {{ .Values.datadog.systemProbe.osReleasePath | default .Values.datadog.osReleasePath }}
   name: os-release-file
 {{- end }}
-{{- if or (and (eq (include "should-enable-system-probe" .) "true") .Values.datadog.systemProbe.enableDefaultOsReleasePaths) .Values.datadog.sbom.host.enabled }}
+{{- if or (and (eq (include "should-enable-system-probe" .) "true") (or .Values.datadog.systemProbe.enableDefaultOsReleasePaths (not .Values.datadog.disableDefaultOsReleasePaths))) .Values.datadog.sbom.host.enabled }}
 - hostPath:
     path: /etc/redhat-release
   name: etc-redhat-release

diff --git a/charts/datadog/values.yaml b/charts/datadog/values.yaml
@@ -691,10 +691,10 @@ datadog:
      ## ref: https://docs.datadoghq.com/infrastructure/containers/?tab=helm
     containerCollection: true
 
-    # datadog.processAgent.disableOsReleaseFileMount -- Set this to true to disable mounting datadog.osReleasePath in processAgent container
-    disableOsReleaseFileMount: false
+  # datadog.disableDefaultOsReleasePaths -- Set this to true to disable mounting datadog.osReleasePath in all containers
+  disableDefaultOsReleasePaths: false
 
-  # datadog.disablePasswdMount -- Set this to true to disable mounting /etc/passwd in processAgent container
+  # datadog.disablePasswdMount -- Set this to true to disable mounting /etc/passwd in all containers
   disablePasswdMount: false
 
   # datadog.osReleasePath -- Specify the path to your os-release file
@@ -758,6 +758,7 @@ datadog:
     # datadog.systemProbe.conntrackInitTimeout -- the time to wait for conntrack to initialize before failing
     conntrackInitTimeout: 10s
 
+    # DEPRECATED. Use datadog.disableDefaultOsReleasePaths instead.
     # datadog.systemProbe.enableDefaultOsReleasePaths -- enable default os-release files mount
     enableDefaultOsReleasePaths: true