diff --git a/README.md b/README.md index 83ebe80a..78c20e02 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Discovery Agent +# Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments [![tests](https://github.com/jetstack/jetstack-secure/actions/workflows/tests.yaml/badge.svg?branch=master&event=push)](https://github.com/jetstack/jetstack-secure/actions/workflows/tests.yaml) [![Go Reference](https://pkg.go.dev/badge/github.com/jetstack/jetstack-secure.svg)](https://pkg.go.dev/github.com/jetstack/jetstack-secure) @@ -8,7 +8,7 @@ ## Installation -Please [review the documentation](https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/) for the agent. +Please [review the documentation](https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/) for the Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments (formerly Venafi Kubernetes Agent). Detailed installation instructions are available for a variety of methods. @@ -47,7 +47,7 @@ The agent exposes its metrics through a Prometheus server, on port 8081. The Prometheus server is disabled by default but can be enabled by passing the `--enable-metrics` flag to the agent binary. -If you deploy the agent using the venafi-kubernetes-agent Helm chart, the metrics server will be enabled by default, on port 8081. +If you deploy the agent using the venafi-kubernetes-agent Helm chart (Discovery Agent), the metrics server will be enabled by default, on port 8081. If you use the Prometheus Operator, you can use `--set metrics.podmonitor.enabled=true` to deploy a `PodMonitor` resource, which will add the venafi-kubernetes-agent metrics to your Prometheus server. diff --git a/RELEASE.md b/RELEASE.md index 6cce6548..4ba5d553 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -63,7 +63,7 @@ The release process is semi-automated. 7. Publish the release. -8. Inform the `#venctl` channel that a new version of Discovery Agent has been +8. Inform the `#venctl` channel that a new version of the Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments has been released. Make sure to share any breaking change that may affect `venctl connect` or `venctl generate`. diff --git a/deploy/charts/venafi-kubernetes-agent/Chart.yaml b/deploy/charts/venafi-kubernetes-agent/Chart.yaml index 45efd93a..b2b0dca0 100644 --- a/deploy/charts/venafi-kubernetes-agent/Chart.yaml +++ b/deploy/charts/venafi-kubernetes-agent/Chart.yaml @@ -3,12 +3,12 @@ name: venafi-kubernetes-agent type: application description: |- - The Discovery Agent connects your Kubernetes or OpenShift cluster to the CyberArk Certificate Manager. + The Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments connects your Kubernetes or OpenShift cluster to the CyberArk Control Plane. maintainers: - - name: Venafi - email: support@venafi.cloud - url: https://venafi.com + - name: CyberArk + email: support@cyberark.com + url: https://www.cyberark.com sources: - https://github.com/jetstack/jetstack-secure diff --git a/deploy/charts/venafi-kubernetes-agent/README.md b/deploy/charts/venafi-kubernetes-agent/README.md index 25259e3f..562a96b6 100644 --- a/deploy/charts/venafi-kubernetes-agent/README.md +++ b/deploy/charts/venafi-kubernetes-agent/README.md @@ -1,13 +1,13 @@ -# venafi-kubernetes-agent +# discovery-agent-for-cyberark-certificate-manager-in-kubernetes-and-openshift-environments -The Discovery Agent connects your Kubernetes or OpenShift cluster to the CyberArk Certificate Manager (formerly Venafi Control Plane). +The Discovery Agent connects your Kubernetes or OpenShift cluster to the CyberArk Certificate Manager Control Plane. You will require a CyberArk Certificate Manager account to connect your cluster. If you do not have one, you can sign up for a free trial now at: - https://venafi.com/try-venafi/tls-protect/ -> 📖 Read the [Discovery Agent documentation](https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/), -> to learn how install and configure this Helm chart. +> 📖 Read the Discovery Agent documentation for CyberArk Certificate Manager (formerly Venafi Kubernetes Agent): +> https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/ ## Values @@ -343,7 +343,7 @@ Configure VenafiConnection authentication > false > ``` -When set to true, the Discovery Agent will authenticate to. Venafi using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the. Secret with `authentication.secretName` will _not_ be mounted into the +When set to true, the Discovery Agent will authenticate to. CyberArk Certificate Manager using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the. Secret with `authentication.secretName` will _not_ be mounted into the Discovery Agent Pod. #### **authentication.venafiConnection.name** ~ `string` > Default value: @@ -365,7 +365,7 @@ The namespace of a VenafiConnection resource which contains the configuration fo > https://api.venafi.cloud/ > ``` -API URL of the CyberArk Certificate Manager API. For EU tenants, set this value to https://api.venafi.eu/. If you are using the VenafiConnection authentication method, you must set the API URL using the field `spec.vcp.url` on the +API URL of the CyberArk Certificate Manager Control Plane API. For EU tenants, set this value to https://api.venafi.eu/. If you are using the VenafiConnection authentication method, you must set the API URL using the field `spec.vcp.url` on the VenafiConnection resource instead. #### **config.clientId** ~ `string` > Default value: diff --git a/deploy/charts/venafi-kubernetes-agent/values.schema.json b/deploy/charts/venafi-kubernetes-agent/values.schema.json index 876f4b5c..ed6e5426 100644 --- a/deploy/charts/venafi-kubernetes-agent/values.schema.json +++ b/deploy/charts/venafi-kubernetes-agent/values.schema.json @@ -131,7 +131,7 @@ }, "helm-values.authentication.venafiConnection.enabled": { "default": false, - "description": "When set to true, the Discovery Agent will authenticate to. Venafi using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the. Secret with `authentication.secretName` will _not_ be mounted into the\nDiscovery Agent Pod.", + "description": "When set to true, the Discovery Agent will authenticate to. CyberArk Certificate Manager using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the. Secret with `authentication.secretName` will _not_ be mounted into the\nDiscovery Agent Pod.", "type": "boolean" }, "helm-values.authentication.venafiConnection.name": { @@ -264,7 +264,7 @@ }, "helm-values.config.server": { "default": "https://api.venafi.cloud/", - "description": "API URL of the CyberArk Certificate Manager API. For EU tenants, set this value to https://api.venafi.eu/. If you are using the VenafiConnection authentication method, you must set the API URL using the field `spec.vcp.url` on the\nVenafiConnection resource instead.", + "description": "API URL of the CyberArk Certificate Manager Control Plane API. For EU tenants, set this value to https://api.venafi.eu/. If you are using the VenafiConnection authentication method, you must set the API URL using the field `spec.vcp.url` on the\nVenafiConnection resource instead.", "type": "string" }, "helm-values.crds": { diff --git a/deploy/charts/venafi-kubernetes-agent/values.yaml b/deploy/charts/venafi-kubernetes-agent/values.yaml index 75010de4..b25d0cf7 100644 --- a/deploy/charts/venafi-kubernetes-agent/values.yaml +++ b/deploy/charts/venafi-kubernetes-agent/values.yaml @@ -201,7 +201,7 @@ authentication: # Configure VenafiConnection authentication venafiConnection: # When set to true, the Discovery Agent will authenticate to - # Venafi using the configuration in a VenafiConnection resource. + # CyberArk Certificate Manager using the configuration in a VenafiConnection resource. # Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). # When set to true, the `authentication.secret` values will be ignored and the # Secret with `authentication.secretName` will _not_ be mounted into the @@ -216,7 +216,7 @@ authentication: # Configuration section for the Discovery Agent itself config: - # API URL of the CyberArk Certificate Manager API. For EU tenants, set this value to + # API URL of the CyberArk Certificate Manager Control Plane API. For EU tenants, set this value to # https://api.venafi.eu/. If you are using the VenafiConnection authentication # method, you must set the API URL using the field `spec.vcp.url` on the # VenafiConnection resource instead. diff --git a/internal/cyberark/dataupload/dataupload.go b/internal/cyberark/dataupload/dataupload.go index b9ccb5f5..8ecbbccf 100644 --- a/internal/cyberark/dataupload/dataupload.go +++ b/internal/cyberark/dataupload/dataupload.go @@ -47,7 +47,7 @@ func New(httpClient *http.Client, baseURL string, authenticateRequest func(req * // Snapshot is the JSON that the CyberArk Discovery and Context API expects to // be uploaded to the AWS presigned URL. type Snapshot struct { - // AgentVersion is the version of the Venafi Kubernetes Agent which is uploading this snapshot. + // AgentVersion is the version of the Discovery Agent which is uploading this snapshot. AgentVersion string `json:"agent_version"` // ClusterID is the unique ID of the Kubernetes cluster which this snapshot was taken from. ClusterID string `json:"cluster_id"` diff --git a/make/00_mod.mk b/make/00_mod.mk index df1a1353..a8044266 100644 --- a/make/00_mod.mk +++ b/make/00_mod.mk @@ -35,8 +35,8 @@ oci_preflight_image_name_development := jetstack.local/venafi-agent oci_preflight_build_args := \ --image-annotation="org.opencontainers.image.vendor"="CyberArk Software Ltd." \ --image-annotation="org.opencontainers.image.licenses"="EULA - https://www.cyberark.com/contract-terms/" \ - --image-annotation="org.opencontainers.image.authors"="support@venafi.cloud" \ - --image-annotation="org.opencontainers.image.title"="Venafi Kubernetes Agent" \ + --image-annotation="org.opencontainers.image.authors"="support@cyberark.com" \ + --image-annotation="org.opencontainers.image.title"="Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments" \ --image-annotation="org.opencontainers.image.description"="Gathers machine identity data from Kubernetes clusters." \ --image-annotation="org.opencontainers.image.url"="https://www.cyberark.com/products/certificate-manager-for-kubernetes/" \ --image-annotation="org.opencontainers.image.documentation"="https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/" \ diff --git a/pkg/client/client_venafi_cloud.go b/pkg/client/client_venafi_cloud.go index 6b5da890..65c21a92 100644 --- a/pkg/client/client_venafi_cloud.go +++ b/pkg/client/client_venafi_cloud.go @@ -317,7 +317,7 @@ func (c *VenafiCloudClient) sendHTTPRequest(request *http.Request, responseObjec if response.StatusCode != http.StatusOK && response.StatusCode != http.StatusCreated { body, _ := io.ReadAll(response.Body) - return fmt.Errorf("failed to execute http request to the Control Plane. Request %s, status code: %d, body: [%s]", request.URL, response.StatusCode, body) + return fmt.Errorf("failed to execute http request to CyberArk Certificate Manager Control Plane. Request %s, status code: %d, body: [%s]", request.URL, response.StatusCode, body) } body, err := io.ReadAll(response.Body)