update ocean-kubernetes-controller version to 0.1.66

BryanFauble · BryanFauble · commit 73d2cd7914be · 2025-09-04T12:59:38.000-04:00
diff --git a/modules/sage-aws-k8s-node-autoscaler/main.tf b/modules/sage-aws-k8s-node-autoscaler/main.tf
@@ -82,7 +82,7 @@ resource "helm_release" "ocean-kubernetes-controller" {
   repository       = "https://charts.spot.io"
   chart            = "ocean-kubernetes-controller"
   namespace        = "spot-system"
-  version          = "0.1.59"
+  version          = "0.1.66"
   create_namespace = true
 
   values = [templatefile("${path.module}/templates/values.yaml", {})]
diff --git a/modules/sage-aws-k8s-node-autoscaler/templates/values.yaml b/modules/sage-aws-k8s-node-autoscaler/templates/values.yaml
@@ -25,15 +25,23 @@ spotinst:
   enableCsrApproval: true
   # -- Disable automatic RightSizing. (Optional)
   disableAutomaticRightSizing: false
+  # -- Disable TLS certificate validation. (Optional)
+  insecureSkipTLSVerify: false
+  # -- Sets the controller to read-only mode, removing write permissions and disabling autoscaling. (Optional)
+  readonly: false
 
 # -- Configure the amount of replicas for the controller (Optional)
 replicas: 2
 
 image:
   repository: us-docker.pkg.dev/spotit-today/container-labs/spotinst-kubernetes-controller
   pullPolicy: IfNotPresent
-  # Overrides the image tag whose default is the chart appVersion.
+  # -- Overrides the image tag whose default is the chart appVersion.
   tag: ""
+  # -- Set to `true` to use an FIPS-140 compliant image. This flag adds `-fips` suffix to the image tag,
+  # therefore it should not be used together with the `--image.tag` flag.
+  # Ref: https://go.dev/doc/security/fips140
+  fips: false
 
 initContainers: []
 
@@ -194,8 +202,7 @@ metrics-server:
     pullPolicy: IfNotPresent
 
   # -- Arguments to pass to metrics-server on start up. (Optional)
-  args:
-  - --logtostderr
+  # args:
   # enable this if you have self-signed certificates, see: https://github.com/kubernetes-incubator/metrics-server
   #  - --kubelet-insecure-tls
 
@@ -204,10 +211,12 @@ logShipping:
   # -- Specifies whether to send the controller logs to Spot for analysis. (Optional)
   enabled: false
 
-  # -- Specifies the log shipping container image. (Optional)
   image:
+    # -- Image repository. (Optional)
     repository: ghcr.io/fluent/fluent-bit
+    # -- Overrides the image tag. (Optional)
     tag: "3.1.9"
+    # -- Image pull policy. (Optional)
     pullPolicy: IfNotPresent
 
   # -- Log shipping destination configuration.
@@ -220,12 +229,22 @@ logShipping:
 
   extraEnv: []
 
+  # -- Log shipping container command. (Optional)
   command:
     - /fluent-bit/bin/fluent-bit
     - -c
     - /tmp/fluent-bit.conf
     - -q
 
+  # -- Log Shipping container security context
+  securityContext:
+    allowPrivilegeEscalation: false
+    readOnlyRootFilesystem: true
+    runAsNonRoot: true
+    capabilities:
+      drop:
+      - ALL
+
 # Auto Update process configuration.
 autoUpdate:
   # -- Configures the image for the auto-updater job. (Optional)
