Added chart versions:

  stackstate/stackstate-k8s-agent:
    - 1.0.96

charts/stackstate/stackstate-k8s-agent/1.0.96/.helmignore

@@ -0,0 +1,26 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+linter_values.yaml
+ci/
+installation/
+logo.svg

charts/stackstate/stackstate-k8s-agent/1.0.96/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: http-header-injector
+  repository: https://helm.stackstate.io
+  version: 0.0.11
+digest: sha256:ae5ad7c3176f89b71aabef7cd75f99394750f4fffb9905b86fb45c345595c24c
+generated: "2024-05-30T13:30:45.346757+02:00"

charts/stackstate/stackstate-k8s-agent/1.0.96/Chart.yaml

@@ -0,0 +1,25 @@
+annotations:
+  catalog.cattle.io/certified: partner
+  catalog.cattle.io/display-name: StackState Agent
+  catalog.cattle.io/kube-version: '>=1.19.0-0'
+  catalog.cattle.io/release-name: stackstate-k8s-agent
+apiVersion: v2
+appVersion: 3.0.0
+dependencies:
+- alias: httpHeaderInjectorWebhook
+  name: http-header-injector
+  repository: file://./charts/http-header-injector
+  version: 0.0.11
+description: Helm chart for the StackState Agent.
+home: https://github.com/StackVista/stackstate-agent
+icon: file://assets/icons/stackstate-k8s-agent.svg
+keywords:
+- monitoring
+- observability
+- stackstate
+kubeVersion: '>=1.19.0-0'
+maintainers:
+- email: [email protected]
+  name: Stackstate
+name: stackstate-k8s-agent
+version: 1.0.96

charts/stackstate/stackstate-k8s-agent/1.0.96/README.md.gotmpl

@@ -0,0 +1,45 @@
+{{ template "chart.header" . }}
+{{ template "chart.description" . }}
+
+Current chart version is `{{ template "chart.version" . }}`
+
+{{ template "chart.homepageLine" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+## Required Values
+
+In order to successfully install this chart, you **must** provide the following variables:
+
+* `stackstate.apiKey`
+* `stackstate.cluster.name`
+* `stackstate.url`
+
+The parameter `stackstate.cluster.name` is entered when installing the Cluster Agent StackPack.
+
+Install them on the command line on Helm with the following command:
+
+```shell
+helm install \
+--set-string 'stackstate.apiKey'='<your-api-key>' \
+--set-string 'stackstate.cluster.name'='<your-cluster-name>' \
+--set-string 'stackstate.url'='<your-stackstate-url>' \
+stackstate/stackstate-k8s-agent
+```
+
+## Recommended Values
+
+It is also recommended that you set a value for `stackstate.cluster.authToken`. If it is not provided, a value will be generated for you, but the value will change each time an upgrade is performed.
+
+The command for **also** installing with a set token would be:
+
+```shell
+helm install \
+--set-string 'stackstate.apiKey'='<your-api-key>' \
+--set-string 'stackstate.cluster.name'='<your-cluster-name>' \
+--set-string 'stackstate.cluster.authToken'='<your-cluster-token>' \
+--set-string 'stackstate.url'='<your-stackstate-url>' \
+stackstate/stackstate-k8s-agent
+```
+
+{{ template "chart.valuesSection" . }}

charts/stackstate/stackstate-k8s-agent/1.0.96/Releasing.md

@@ -0,0 +1,15 @@
+To make a new release of this helm chart, follow the following steps:
+
+
+- Create a branch from master
+- Set the latest tags for the docker images, based on the dev settings (while we do not promote to prod, the moment we promote to prod we should take those tags) from https://gitlab.com/stackvista/devops/agent-promoter/-/blob/master/config.yml. Set the value to the folowing keys:
+  * stackstate-k8s-cluster-agent:
+    * [clusterAgent.image.tag]
+  * stackstate-k8s-agent:
+    * [nodeAgent.containers.agent.image.tag]
+    * [checksAgent.image.tag]
+  * stackstate-k8s-process-agent:
+    * [nodeAgent.containers.processAgent.image.tag]
+- Bump the version of the chart
+- Merge the mr and hit the public release button on the ci pipeline
+- Manually smoke-test (deploy) the newly released stackstate/stackstate-k8s-agent chart to make sure it runs

charts/stackstate/stackstate-k8s-agent/1.0.96/app-readme.md

@@ -0,0 +1,5 @@
+## Introduction
+
+StackState is a modern Application Troubleshooting and Observability solution designed for the rapid evolving engineering landscape. With specific enhancements for Kubernetes environments it empowers engineers, allowing them to remediate application issues independently in production.
+
+The StackState Agent auto-discovers your entire environment in minutes, assimilating topology, logs, metrics, and events and sends this of to the StackState server. By using StackState you're able to tracke all activity in your environment in real-time and over time. StackState provides instant understanding of the business impact of an issue, offering end-to-end chain observability and ensuring that you can quickly correlate any product or environmental changes to the overall health of your cloud-native implementation.

charts/stackstate/stackstate-k8s-agent/1.0.96/charts/http-header-injector/.helmignore

@@ -0,0 +1,25 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
+linter_values.yaml
+ci/
+installation/

charts/stackstate/stackstate-k8s-agent/1.0.96/charts/http-header-injector/Chart.yaml

@@ -0,0 +1,15 @@
+apiVersion: v2
+appVersion: 0.0.1
+description: 'Helm chart for deploying the http-header-injector sidecar, which automatically
+  injects x-request-id into http traffic going through the cluster for pods which
+  have the annotation `http-header-injector.stackstate.io/inject: enabled` is set. '
+home: https://github.com/StackVista/http-header-injector
+icon: https://www.stackstate.com/wp-content/uploads/2019/02/152x152-favicon.png
+keywords:
+- monitoring
+- stackstate
+maintainers:
+- email: [email protected]
+  name: Stackstate Lupulus Team
+name: http-header-injector
+version: 0.0.11

charts/stackstate/stackstate-k8s-agent/1.0.96/charts/http-header-injector/README.md

@@ -0,0 +1,56 @@
+# http-header-injector
+
+![Version: 0.0.11](https://img.shields.io/badge/Version-0.0.11-informational?style=flat-square) ![AppVersion: 0.0.1](https://img.shields.io/badge/AppVersion-0.0.1-informational?style=flat-square)
+
+Helm chart for deploying the http-header-injector sidecar, which automatically injects x-request-id into http traffic
+going through the cluster for pods which have the annotation `http-header-injector.stackstate.io/inject: enabled` is set.
+
+**Homepage:** <https://github.com/StackVista/http-header-injector>
+
+## Maintainers
+
+| Name | Email | Url |
+| ---- | ------ | --- |
+| Stackstate Lupulus Team | <[email protected]> |  |
+
+## Values
+
+| Key | Type | Default | Description |
+|-----|------|---------|-------------|
+| certificatePrehook | object | `{"image":{"pullPolicy":"IfNotPresent","registry":null,"repository":"stackstate/container-tools","tag":"1.4.0"},"resources":{"limits":{"cpu":"100m","memory":"200Mi"},"requests":{"cpu":"100m","memory":"200Mi"}}}` | Helm prehook to setup/remove a certificate for the sidecarInjector mutationwebhook |
+| certificatePrehook.image.pullPolicy | string | `"IfNotPresent"` | Policy when pulling an image |
+| certificatePrehook.image.registry | string | `nil` | Registry for the docker image. |
+| certificatePrehook.image.tag | string | `"1.4.0"` | The tag for the docker image |
+| debug | bool | `false` | Enable debugging. This will leave leave artifacts around like the prehook jobs for further inspection |
+| enabled | bool | `true` | Enable/disable the mutationwebhook |
+| global.extraAnnotations | object | `{}` | Extra annotations added ta all resources created by the helm chart |
+| global.extraLabels | object | `{}` | Extra labels added ta all resources created by the helm chart |
+| global.imagePullCredentials | object | `{}` | Globally define credentials for pulling images. |
+| global.imagePullSecrets | list | `[]` | Globally add image pull secrets that are used. |
+| global.imageRegistry | string | `nil` | Globally override the image registry that is used. Can be overridden by specific containers. Defaults to quay.io |
+| images.pullSecretName | string | `nil` |  |
+| proxy | object | `{"image":{"pullPolicy":"IfNotPresent","registry":null,"repository":"stackstate/http-header-injector-proxy","tag":"sha-5ff79451"},"resources":{"limits":{"memory":"40Mi"},"requests":{"memory":"25Mi"}}}` | Proxy being injected into pods for rewriting http headers |
+| proxy.image.pullPolicy | string | `"IfNotPresent"` | Policy when pulling an image |
+| proxy.image.registry | string | `nil` | Registry for the docker image. |
+| proxy.image.tag | string | `"sha-5ff79451"` | The tag for the docker image |
+| proxy.resources.limits.memory | string | `"40Mi"` | Memory resource limits. |
+| proxy.resources.requests.memory | string | `"25Mi"` | Memory resource requests. |
+| proxyInit | object | `{"image":{"pullPolicy":"IfNotPresent","registry":null,"repository":"stackstate/http-header-injector-proxy-init","tag":"sha-5ff79451"}}` | InitContainer within pod which redirects traffic to the proxy container. |
+| proxyInit.image.pullPolicy | string | `"IfNotPresent"` | Policy when pulling an image |
+| proxyInit.image.registry | string | `nil` | Registry for the docker image |
+| proxyInit.image.tag | string | `"sha-5ff79451"` | The tag for the docker image |
+| sidecarInjector | object | `{"image":{"pullPolicy":"IfNotPresent","registry":null,"repository":"stackstate/generic-sidecar-injector","tag":"sha-9c852245"}}` | Service for injecting the proxy sidecar into pods |
+| sidecarInjector.image.pullPolicy | string | `"IfNotPresent"` | Policy when pulling an image |
+| sidecarInjector.image.registry | string | `nil` | Registry for the docker image. |
+| sidecarInjector.image.tag | string | `"sha-9c852245"` | The tag for the docker image |
+| webhook | object | `{"failurePolicy":"Ignore","tls":{"certManager":{"issuer":"","issuerKind":"ClusterIssuer","issuerNamespace":""},"mode":"generated","provided":{"caBundle":"","crt":"","key":""},"secret":{"name":""}}}` | MutationWebhook that will be installed to inject a sidecar into pods |
+| webhook.failurePolicy | string | `"Ignore"` | How should the webhook fail? Best is to use Ignore, because there is a brief moment at initialization when the hook s there but the service not. Also, putting this to fail can cause the control plane be unresponsive. |
+| webhook.tls.certManager.issuer | string | `""` | The issuer that is used for the webhook. Only used if you set webhook.tls.mode to "cert-manager". |
+| webhook.tls.certManager.issuerKind | string | `"ClusterIssuer"` | The issuer kind that is used for the webhook, valid values are "Issuer" or "ClusterIssuer". Only used if you set webhook.tls.mode to "cert-manager". |
+| webhook.tls.certManager.issuerNamespace | string | `""` | The namespace the cert-manager issuer is located in. If left empty defaults to the release's namespace that is used for the webhook. Only used if you set webhook.tls.mode to "cert-manager". |
+| webhook.tls.mode | string | `"generated"` | The mode for the webhook. Can be "provided", "generated", "secret" or "cert-manager". If you want to use cert-manager, you need to install it first. NOTE: If you choose "generated", additional privileges are required to create the certificate and webhook at runtime. |
+| webhook.tls.provided.caBundle | string | `""` | The caBundle that is used for the webhook. This is the certificate that is used to sign the webhook. Only used if you set webhook.tls.mode to "provided". |
+| webhook.tls.provided.crt | string | `""` | The certificate that is used for the webhook. Only used if you set webhook.tls.mode to "provided". |
+| webhook.tls.provided.key | string | `""` | The key that is used for the webhook. Only used if you set webhook.tls.mode to "provided". |
+| webhook.tls.secret.name | string | `""` | The name of the secret containing the pre-provisioned certificate data that is used for the webhook. Only used if you set webhook.tls.mode to "secret". |
+

charts/stackstate/stackstate-k8s-agent/1.0.96/charts/http-header-injector/Readme.md.gotpl

@@ -0,0 +1,26 @@
+{{ template "chart.header" . }}
+{{ template "chart.description" . }}
+
+Current chart version is `{{ template "chart.version" . }}`
+
+{{ template "chart.homepageLine" . }}
+
+{{ template "chart.requirementsSection" . }}
+
+## Required Values
+
+No values have to be included to install this chart. After installing this chart, it becomes possible to annotate pods with
+the `http-header-injector.stackstate.io/inject: enabled` annotation to make sure the sidecar provided by this chart is
+activated on a pod.
+
+## Recommended Values
+
+{{ template "chart.valuesSection" . -}}
+
+## Install
+
+Install from the command line on Helm with the following command:
+
+```shell
+helm install stackstate/http-header-injector
+```

charts/stackstate/stackstate-k8s-agent/1.0.96/charts/http-header-injector/templates/_defines.tpl

@@ -0,0 +1,131 @@
+{{- define "http-header-injector.app.name" -}}
+{{ .Release.Name }}-http-header-injector
+{{- end -}}
+
+{{- define "http-header-injector.webhook-service.name" -}}
+{{ .Release.Name }}-http-header-injector
+{{- end -}}
+
+{{- define "http-header-injector.webhook-service.fqname" -}}
+{{ .Release.Name }}-http-header-injector.{{ .Release.Namespace }}.svc
+{{- end -}}
+
+{{- define "http-header-injector.cert-secret.name" -}}
+{{- if eq .Values.webhook.tls.mode "secret" -}}
+{{ .Values.webhook.tls.secret.name }}
+{{- else -}}
+{{ .Release.Name }}-http-injector-cert
+{{- end -}}
+{{- end -}}
+
+{{- define "http-header-injector.cert-clusterrole.name" -}}
+{{ .Release.Name }}-http-injector-cert-cluster-role
+{{- end -}}
+
+{{- define "http-header-injector.cert-serviceaccount.name" -}}
+{{ .Release.Name }}-http-injector-cert-sa
+{{- end -}}
+
+{{- define "http-header-injector.cert-config.name" -}}
+{{ .Release.Name }}-cert-config
+{{- end -}}
+
+{{- define "http-header-injector.mutatingwebhookconfiguration.name" -}}
+{{ .Release.Name }}-http-header-injector-webhook.stackstate.io
+{{- end -}}
+
+{{- define "http-header-injector.webhook-config.name" -}}
+{{ .Release.Name }}-http-header-injector-config
+{{- end -}}
+
+{{- define "http-header-injector.mutating-webhook.name" -}}
+{{ .Release.Name }}-http-header-injector-webhook
+{{- end -}}
+
+{{- define "http-header-injector.pull-secret.name" -}}
+{{ include "http-header-injector.app.name" . }}-pull-secret
+{{- end -}}
+
+{{/* If the issuer is located in a different namespace, it is possible to set that, else default to the release namespace */}}
+{{- define "cert-manager.certificate.namespace" -}}
+{{ .Values.webhook.tls.certManager.issuerNamespace | default .Release.Namespace }}
+{{- end -}}
+
+{{- define "http-header-injector.image.registry.global" -}}
+  {{- if .Values.global }}
+    {{- .Values.global.imageRegistry | default "quay.io" -}}
+  {{- else -}}
+    quay.io
+  {{- end -}}
+{{- end -}}
+
+{{- define "http-header-injector.image.registry" -}}
+  {{- if ((.ContainerConfig).image).registry -}}
+    {{- tpl .ContainerConfig.image.registry . -}}
+  {{- else -}}
+    {{- include "http-header-injector.image.registry.global" . }}
+  {{- end -}}
+{{- end -}}
+
+{{- define "http-header-injector.image.pullSecrets" -}}
+  {{- $pullSecrets := list }}
+  {{- $pullSecrets = append $pullSecrets (include "http-header-injector.pull-secret.name" .) }}
+  {{- range .Values.global.imagePullSecrets -}}
+    {{- $pullSecrets = append $pullSecrets .  -}}
+  {{- end -}}
+  {{- if (not (empty $pullSecrets)) -}}
+imagePullSecrets:
+    {{- range $pullSecrets | uniq }}
+  - name: {{ . }}
+    {{- end }}
+  {{- end -}}
+{{- end -}}
+
+{{- define "http-header-injector.cert-setup.container.main" }}
+{{- $containerConfig := dict "ContainerConfig" .Values.certificatePrehook -}}
+name: webhook-cert-setup
+image: "{{ include "http-header-injector.image.registry" (merge $containerConfig .) }}/{{ .Values.certificatePrehook.image.repository }}:{{ .Values.certificatePrehook.image.tag }}"
+imagePullPolicy: {{ .Values.certificatePrehook.image.pullPolicy }}
+{{- with .Values.certificatePrehook.resources }}
+resources:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+volumeMounts:
+  - name: "{{ include "http-header-injector.cert-config.name" . }}"
+    mountPath: /scripts
+    readOnly: true
+command: ["/scripts/generate-cert.sh"]
+{{- end }}
+
+{{- define "http-header-injector.cert-delete.container.main" }}
+{{- $containerConfig := dict "ContainerConfig" .Values.certificatePrehook -}}
+name: webhook-cert-delete
+image: "{{ include "http-header-injector.image.registry" (merge $containerConfig .) }}/{{ .Values.certificatePrehook.image.repository }}:{{ .Values.certificatePrehook.image.tag }}"
+imagePullPolicy: {{ .Values.certificatePrehook.image.pullPolicy }}
+{{- with .Values.certificatePrehook.resources }}
+resources:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+volumeMounts:
+  - name: "{{ include "http-header-injector.cert-config.name" . }}"
+    mountPath: /scripts
+command: [ "/scripts/delete-cert.sh" ]
+{{- end }}
+
+{{/*
+Returns a YAML with extra annotations.
+*/}}
+{{- define "http-header-injector.global.extraAnnotations" -}}
+{{- with .Values.global.extraAnnotations }}
+{{- toYaml . }}
+{{- end }}
+{{- end -}}
+
+{{/*
+Returns a YAML with extra labels.
+*/}}
+{{- define "http-header-injector.global.extraLabels" -}}
+{{- with .Values.global.extraLabels }}
+{{- toYaml . }}
+{{- end }}
+{{- end -}}