From 846c92949f4cbb6f0469b1c90245f601835e82a9 Mon Sep 17 00:00:00 2001 From: runllm Date: Wed, 18 Jun 2025 19:23:19 +0000 Subject: [PATCH 1/3] Update README.md --- gremlin-integrations/README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/gremlin-integrations/README.md b/gremlin-integrations/README.md index 6578eba..31b90ff 100644 --- a/gremlin-integrations/README.md +++ b/gremlin-integrations/README.md @@ -20,7 +20,9 @@ values.yaml for all available options. | `nodeSelector` | Map of node labels for pod assignment for the `gremlin-integrations` container | `{}` | | `tolerations` | List of node taints to tolerate for the `gremlin-integrations` container | `[]` | | `affinity` | Map of node/pod affinities for the `gremlin-integrations` container | `{}` | -| `gremlin.serviceAccount.create` | Specifies whether Gremlin's kubernetes service account should be created by this helm chart | `true` | +| `gremlin.serviceAccount.create` | Specifies whether Gremlin's kubernetes service account should be created by this helm chart | +| `gremlin.secret.certVolume` | Used to define the value of the gremlin-cert volume except the name. This volume should always contain two files named `gremlin.cert` and `gremlin.key` containing the team certificate and private key used to auth the agents to the gremlin API | `{}` | +| `gremlin.serviceAccount.annotations` | Annotations to add to the Gremlin service account | `{}` | | `true` | | `gremlin.serviceUrl` | Specifies the Control Plane endpoint URL | `https://api.gremlin.com/v1` | | `gremlin.allowList` | Whitelist URLs in order to allow access only to specific set of endpoints | `""` | | `gremlin.secret.managed` | Specifies whether Gremlin should manage its secrets with Helm | `false` | From ac360e35d55cba85e38814a85b55dbb3385b9936 Mon Sep 17 00:00:00 2001 From: runllm Date: Wed, 18 Jun 2025 19:23:20 +0000 Subject: [PATCH 2/3] Update README.md --- gremlin/README.md | 2 ++ 1 file changed, 2 insertions(+) 
diff --git a/gremlin/README.md b/gremlin/README.md index 49eb7f4..5626cc0 100644 --- a/gremlin/README.md +++ b/gremlin/README.md @@ -30,6 +30,7 @@ their default values. See values.yaml for all available options. | `chao.nodeSelector` | Map of node labels for pod assignment for the `chao` container | `{}` | | `chao.tolerations` | List of node taints to tolerate for the `chao` container | `[]` | | `chao.affinity` | Map of node/pod affinities for the `chao` container | `{}` | +| `chao.serviceAccount.annotations` | Annotations to add to the Chao service account | `{}` | | `chao.create` | Enable kubernetes targeting by installing k8s client | true | | `chao.extraEnv` | Specify any arbitrary environment variables to pass to the Chao deployment. | `[]` | | `chao.namespaces` | List of namespaces for Gremlin to watch for attacking | `[]` 
@@ -45,6 +46,7 @@ their default values. See values.yaml for all available options. | `gremlin.podSecurity.readOnlyRootFilesystem` | Forces the Gremlin Daemonset containers to run with a read-only root filesystem | `false` | | `gremlin.podSecurity.supplementalGroups.rule` | Specifies the Linux groups the Gremlin Daemonset containers should run as | `RunAsAny` | | `gremlin.podSecurity.fsGroup.rule` | Specifies the Linux groups applied to mounted volumes | `RunAsAny` | +| `gremlin.secret.certVolume` | Used to define the value of the gremlin-cert volume except the name. This volume should always contain two files named `gremlin.cert` and `gremlin.key` containing the team certificate and private key used to auth the agents to the gremlin API | `{}` | | `gremlin.podSecurity.volumes` | Specifies the volume types the Gremlin Daemonset is allowed to use | `[configMap, secret, hostPath]` | | `gremlin.podSecurity.podSecurityPolicy.create` | When true, Gremlin creates and uses a custom PodSecurityPolicy, granting all behaviors Gremlin needs | `false` | | `gremlin.podSecurity.podSecurityPolicy.seLinux` | Sets the SecurityContext for the PSP used by the Gremlin Daemonset | `{ rule: MustRunAs, seLinuxOptions: { type: gremlin.process } }` | From 592df75491229cd8d2e26ebb0dba5ccede08fc8d Mon Sep 17 00:00:00 2001 From: runllm Date: Wed, 18 Jun 2025 19:23:20 +0000 Subject: [PATCH 3/3] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 21686e5..c7a06fb 100644 --- a/README.md +++ b/README.md @@ -50,7 +50,8 @@ helm install gremlin-integrations gremlin/gremlin-integrations \ --namespace gremlin \ --set gremlin.secret.teamID=YOUR-TEAM-ID \ --set-file gremlin.secret.certificate=PATH_TO_CERTIFICATE \ - --set-file gremlin.secret.key=PATH_TO_PRIVATE_KEY + --set-file gremlin.secret.key=PATH_TO_PRIVATE_KEY \ + --set gremlin.secret.certVolume=YOUR-CERT-VOLUME-CONFIG ``` For more detailed instructions, see the chart's
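Review bot: In the PATCH 1/3 hunk for gremlin-integrations/README.md, the replacement `gremlin.serviceAccount.create` row has lost its default cell. The line now ends after the description, and the default is left behind as a stray `| `true` |` row after the two added rows. This breaks the table and leaves the default for `gremlin.serviceAccount.create` undocumented. Keep the original row unchanged and add the `gremlin.secret.certVolume` and `gremlin.serviceAccount.annotations` rows beneath it. In the certVolume description, "auth the agents" reads better as "authenticate the agents". Because that volume holds `gremlin.key`, the row should also say how it interacts with `gremlin.secret.managed`, which appears in the trailing context.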
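Review bot: The new `chao.serviceAccount.annotations` row in the first gremlin/README.md hunk of PATCH 2/3 documents a key that nothing in this series defines. All three diffstats list only README.md files, so no values.yaml or template change backs it. The table introduction sends readers to values.yaml for all available options, so confirm the key exists there with a `{}` default, or add the chart change to this series. The same check applies to `gremlin.serviceAccount.annotations` and `gremlin.secret.certVolume` in the other hunks.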
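Review bot: In the second gremlin/README.md hunk of PATCH 2/3, the `gremlin.secret.certVolume` row is inserted between `gremlin.podSecurity.fsGroup.rule` and `gremlin.podSecurity.volumes`, splitting the podSecurity block. Move it next to the other `gremlin.secret.*` rows so the table stays grouped by key prefix. The description should also say which volume types are expected. The adjacent `gremlin.podSecurity.volumes` row lists `[configMap, secret, hostPath]` as the allowed types, so a certVolume definition of any other type would be rejected when the custom PodSecurityPolicy is enabled. Readers should be told to extend that list to match.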
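Review bot: The added line `--set gremlin.secret.certVolume=YOUR-CERT-VOLUME-CONFIG` in the PATCH 3/3 hunk for README.md passes a scalar string, while both README tables in this series document `gremlin.secret.certVolume` as a map with default `{}`. A map value needs nested keys on `--set` or a values file, so the placeholder as written cannot be substituted into a working command. The example also now supplies `gremlin.secret.certificate` and `gremlin.secret.key` through `--set-file` alongside the cert volume, without saying whether the two are alternatives or are meant to be combined. Leave the original command as it was and show the certVolume option as a separate example with a short sentence on when to use it.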