From 52842198de64312a587ae84ccce2ced3cf28f466 Mon Sep 17 00:00:00 2001 From: Kiril Christov Date: Wed, 22 Oct 2025 10:07:59 +0300 Subject: [PATCH 1/2] fix: init translation commit --- README.md | 6 +++--- RELEASE.md | 2 +- .../charts/venafi-kubernetes-agent/Chart.yaml | 8 ++++---- .../charts/venafi-kubernetes-agent/README.md | 19 +++++++++---------- .../values.schema.json | 6 +++--- .../venafi-kubernetes-agent/values.yaml | 12 ++++++------ internal/cyberark/dataupload/dataupload.go | 2 +- make/00_mod.mk | 2 +- pkg/client/client_venafi_cloud.go | 2 +- 9 files changed, 29 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index f877ffd8..cb82b668 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -# Venafi Kubernetes Agent +# Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments [![tests](https://github.com/jetstack/jetstack-secure/actions/workflows/tests.yaml/badge.svg?branch=master&event=push)](https://github.com/jetstack/jetstack-secure/actions/workflows/tests.yaml) [![Go Reference](https://pkg.go.dev/badge/github.com/jetstack/jetstack-secure.svg)](https://pkg.go.dev/github.com/jetstack/jetstack-secure) @@ -8,7 +8,7 @@ ## Installation -Please [review the documentation](https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/) for the agent. +Please [review the documentation](https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/) for the Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments (formerly Venafi Kubernetes Agent). Detailed installation instructions are available for a variety of methods. @@ -46,7 +46,7 @@ The agent exposes its metrics through a Prometheus server, on port 8081. The Prometheus server is disabled by default but can be enabled by passing the `--enable-metrics` flag to the agent binary. -If you deploy the agent using the venafi-kubernetes-agent Helm chart, the metrics server will be enabled by default, on port 8081. +If you deploy the agent using the venafi-kubernetes-agent Helm chart (Discovery Agent), the metrics server will be enabled by default, on port 8081. If you use the Prometheus Operator, you can use `--set metrics.podmonitor.enabled=true` to deploy a `PodMonitor` resource, which will add the venafi-kubernetes-agent metrics to your Prometheus server. diff --git a/RELEASE.md b/RELEASE.md index 529f7e65..3a2c5477 100644 --- a/RELEASE.md +++ b/RELEASE.md @@ -59,7 +59,7 @@ The release process is semi-automated. 7. Publish the release. -8. Inform the `#venctl` channel that a new version of Venafi Kubernetes Agent has been +8. Inform the `#venctl` channel that a new version of the Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments has been released. Make sure to share any breaking change that may affect `venctl connect` or `venctl generate`. diff --git a/deploy/charts/venafi-kubernetes-agent/Chart.yaml b/deploy/charts/venafi-kubernetes-agent/Chart.yaml index 59294b58..b2b0dca0 100644 --- a/deploy/charts/venafi-kubernetes-agent/Chart.yaml +++ b/deploy/charts/venafi-kubernetes-agent/Chart.yaml @@ -3,12 +3,12 @@ name: venafi-kubernetes-agent type: application description: |- - The Venafi Kubernetes Agent connects your Kubernetes or Openshift cluster to the Venafi Control Plane. + The Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments connects your Kubernetes or OpenShift cluster to the CyberArk Control Plane. maintainers: - - name: Venafi - email: support@venafi.cloud - url: https://venafi.com + - name: CyberArk + email: support@cyberark.com + url: https://www.cyberark.com sources: - https://github.com/jetstack/jetstack-secure diff --git a/deploy/charts/venafi-kubernetes-agent/README.md b/deploy/charts/venafi-kubernetes-agent/README.md index 457bbb05..2c37dbd2 100644 --- a/deploy/charts/venafi-kubernetes-agent/README.md +++ b/deploy/charts/venafi-kubernetes-agent/README.md @@ -1,12 +1,12 @@ -# venafi-kubernetes-agent +# discovery-agent-for-cyberark-certificate-manager-in-kubernetes-and-openshift-environments -The Venafi Kubernetes Agent connects your Kubernetes or OpenShift cluster to the Venafi Control Plane. -You will require a Venafi Control Plane account to connect your cluster. +The Discovery Agent connects your Kubernetes or OpenShift cluster to the CyberArk Certificate Manager Control Plane. +You will require a CyberArk Certificate Manager account to connect your cluster. If you do not have one, you can sign up for a free trial now at: - https://venafi.com/try-venafi/tls-protect/ -> 📖 Read the [Venafi Kubernetes Agent documentation](https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/), -> to learn how install and configure this Helm chart. +> 📖 Read the Discovery Agent documentation for CyberArk Certificate Manager (formerly Venafi Kubernetes Agent): +> https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/ ## Values @@ -282,7 +282,7 @@ extraArgs: > [] > ``` -Additional volumes to add to the Venafi Kubernetes Agent container. This is useful for mounting a custom CA bundle. For example: +Additional volumes to add to the Discovery Agent container. This is useful for mounting a custom CA bundle. For example: ```yaml volumes: @@ -303,7 +303,7 @@ In order to create the ConfigMap, you can use the following command: > [] > ``` -Additional volume mounts to add to the Venafi Kubernetes Agent container. This is useful for mounting a custom CA bundle. Any PEM certificate mounted under /etc/ssl/certs will be loaded by the Venafi Kubernetes Agent. For +Additional volume mounts to add to the Discovery Agent container. This is useful for mounting a custom CA bundle. Any PEM certificate mounted under /etc/ssl/certs will be loaded by the Discovery Agent. For ```yaml example: @@ -342,8 +342,7 @@ Configure VenafiConnection authentication > false > ``` -When set to true, the Venafi Kubernetes Agent will authenticate to. Venafi using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the. Secret with `authentication.secretName` will _not_ be mounted into the -Venafi Kubernetes Agent Pod. +When set to true, the Discovery Agent will authenticate to CyberArk Certificate Manager using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the Secret with `authentication.secretName` will _not_ be mounted into the Discovery Agent Pod. #### **authentication.venafiConnection.name** ~ `string` > Default value: > ```yaml @@ -438,7 +437,7 @@ Control Plane. > [] > ``` -You can configure Venafi Kubernetes Agent to exclude some annotations or labels from being pushed to the Venafi Control Plane. All Kubernetes objects are affected. The objects are still pushed, but the specified annotations and labels are removed before being sent to the Venafi Control Plane. +You can configure Discovery Agent to exclude some annotations or labels from being pushed to the CyberArk Certificate Manager Control Plane. All Kubernetes objects are affected. The objects are still pushed, but the specified annotations and labels are removed before being sent to the CyberArk Certificate Manager Control Plane. Dots is the only character that needs to be escaped in the regex. Use either double quotes with escaped single quotes or unquoted strings for the regex to avoid YAML parsing issues with `\.`. diff --git a/deploy/charts/venafi-kubernetes-agent/values.schema.json b/deploy/charts/venafi-kubernetes-agent/values.schema.json index 1301063f..7935e44c 100644 --- a/deploy/charts/venafi-kubernetes-agent/values.schema.json +++ b/deploy/charts/venafi-kubernetes-agent/values.schema.json @@ -131,7 +131,7 @@ }, "helm-values.authentication.venafiConnection.enabled": { "default": false, - "description": "When set to true, the Venafi Kubernetes Agent will authenticate to. Venafi using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the. Secret with `authentication.secretName` will _not_ be mounted into the\nVenafi Kubernetes Agent Pod.", + "description": "When set to true, the Discovery Agent will authenticate to CyberArk Certificate Manager using the configuration in a VenafiConnection resource. Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). When set to true, the `authentication.secret` values will be ignored and the Secret with `authentication.secretName` will _not_ be mounted into the Discovery Agent Pod.", "type": "boolean" }, "helm-values.authentication.venafiConnection.name": { @@ -214,7 +214,7 @@ "helm-values.config.configmap.name": {}, "helm-values.config.excludeAnnotationKeysRegex": { "default": [], - "description": "You can configure Venafi Kubernetes Agent to exclude some annotations or labels from being pushed to the Venafi Control Plane. All Kubernetes objects are affected. The objects are still pushed, but the specified annotations and labels are removed before being sent to the Venafi Control Plane.\n\nDots is the only character that needs to be escaped in the regex. Use either double quotes with escaped single quotes or unquoted strings for the regex to avoid YAML parsing issues with `\\.`.\n\nExample: excludeAnnotationKeysRegex: ['^kapp\\.k14s\\.io/original.*']", + "description": "You can configure Discovery Agent to exclude some annotations or labels from being pushed to the CyberArk Certificate Manager Control Plane. All Kubernetes objects are affected. The objects are still pushed, but the specified annotations and labels are removed before being sent to the CyberArk Certificate Manager Control Plane.\n\nDots is the only character that needs to be escaped in the regex. Use either double quotes with escaped single quotes or unquoted strings for the regex to avoid YAML parsing issues with `\\.`.\n\nExample: excludeAnnotationKeysRegex: ['^kapp\\.k14s\\.io/original.*']", "items": {}, "type": "array" }, @@ -264,7 +264,7 @@ }, "helm-values.config.server": { "default": "https://api.venafi.cloud/", - "description": "API URL of the Venafi Control Plane API. For EU tenants, set this value to https://api.venafi.eu/. If you are using the VenafiConnection authentication method, you must set the API URL using the field `spec.vcp.url` on the\nVenafiConnection resource instead.", + "description": "API URL of the CyberArk Certificate Manager Control Plane API. For EU tenants, set this value to https://api.venafi.eu/. If you are using the VenafiConnection authentication method, you must set the API URL using the field `spec.vcp.url` on the\nVenafiConnection resource instead.", "type": "string" }, "helm-values.crds": { diff --git a/deploy/charts/venafi-kubernetes-agent/values.yaml b/deploy/charts/venafi-kubernetes-agent/values.yaml index d84a48f6..1078a2f1 100644 --- a/deploy/charts/venafi-kubernetes-agent/values.yaml +++ b/deploy/charts/venafi-kubernetes-agent/values.yaml @@ -162,7 +162,7 @@ command: [] # - --log-level=6 # To enable HTTP request logging extraArgs: [] -# Additional volumes to add to the Venafi Kubernetes Agent container. This is +# Additional volumes to add to the Discovery Agent container. This is # useful for mounting a custom CA bundle. For example: # # volumes: @@ -178,7 +178,7 @@ extraArgs: [] # --from-file=cabundle=./your/custom/ca/bundle.pem volumes: [] -# Additional volume mounts to add to the Venafi Kubernetes Agent container. +# Additional volume mounts to add to the Discovery Agent container. # This is useful for mounting a custom CA bundle. Any PEM certificate mounted # under /etc/ssl/certs will be loaded by the Venafi Kubernetes Agent. For # example: @@ -190,7 +190,7 @@ volumes: [] # readOnly: true volumeMounts: [] -# Authentication details for the Venafi Kubernetes Agent +# Authentication details for the Discovery Agent authentication: # Name of the secret containing the private key secretName: agent-credentials @@ -200,8 +200,8 @@ authentication: # +docs:section=Venafi Connection # Configure VenafiConnection authentication venafiConnection: - # When set to true, the Venafi Kubernetes Agent will authenticate to - # Venafi using the configuration in a VenafiConnection resource. + # When set to true, the Discovery Agent will authenticate to + # CyberArk Certificate Manager using the configuration in a VenafiConnection resource. # Use `venafiConnection.enabled=true` for [secretless authentication](https://docs.venafi.cloud/vaas/k8s-components/t-install-tlspk-agent/). # When set to true, the `authentication.secret` values will be ignored and the # Secret with `authentication.secretName` will _not_ be mounted into the @@ -216,7 +216,7 @@ authentication: # Configuration section for the Venafi Kubernetes Agent itself config: - # API URL of the Venafi Control Plane API. For EU tenants, set this value to + # API URL of the CyberArk Certificate Manager Control Plane API. For EU tenants, set this value to # https://api.venafi.eu/. If you are using the VenafiConnection authentication # method, you must set the API URL using the field `spec.vcp.url` on the # VenafiConnection resource instead. diff --git a/internal/cyberark/dataupload/dataupload.go b/internal/cyberark/dataupload/dataupload.go index b9ccb5f5..8ecbbccf 100644 --- a/internal/cyberark/dataupload/dataupload.go +++ b/internal/cyberark/dataupload/dataupload.go @@ -47,7 +47,7 @@ func New(httpClient *http.Client, baseURL string, authenticateRequest func(req * // Snapshot is the JSON that the CyberArk Discovery and Context API expects to // be uploaded to the AWS presigned URL. type Snapshot struct { - // AgentVersion is the version of the Venafi Kubernetes Agent which is uploading this snapshot. + // AgentVersion is the version of the Discovery Agent which is uploading this snapshot. AgentVersion string `json:"agent_version"` // ClusterID is the unique ID of the Kubernetes cluster which this snapshot was taken from. ClusterID string `json:"cluster_id"` diff --git a/make/00_mod.mk b/make/00_mod.mk index 2e08f20a..b91b0c90 100644 --- a/make/00_mod.mk +++ b/make/00_mod.mk @@ -33,7 +33,7 @@ oci_preflight_build_args := \ --image-annotation="org.opencontainers.image.vendor"="CyberArk Software Ltd." \ --image-annotation="org.opencontainers.image.licenses"="EULA - https://www.cyberark.com/contract-terms/" \ --image-annotation="org.opencontainers.image.authors"="support@venafi.cloud" \ - --image-annotation="org.opencontainers.image.title"="Venafi Kubernetes Agent" \ + --image-annotation="org.opencontainers.image.title"="Discovery Agent for CyberArk Certificate Manager" \ --image-annotation="org.opencontainers.image.description"="Gathers machine identity data from Kubernetes clusters." \ --image-annotation="org.opencontainers.image.url"="https://www.cyberark.com/products/certificate-manager-for-kubernetes/" \ --image-annotation="org.opencontainers.image.documentation"="https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/" \ diff --git a/pkg/client/client_venafi_cloud.go b/pkg/client/client_venafi_cloud.go index d2b3b059..d38cc64c 100644 --- a/pkg/client/client_venafi_cloud.go +++ b/pkg/client/client_venafi_cloud.go @@ -308,7 +308,7 @@ func (c *VenafiCloudClient) sendHTTPRequest(request *http.Request, responseObjec if response.StatusCode != http.StatusOK && response.StatusCode != http.StatusCreated { body, _ := io.ReadAll(response.Body) - return fmt.Errorf("failed to execute http request to Venafi Control Plane. Request %s, status code: %d, body: [%s]", request.URL, response.StatusCode, body) + return fmt.Errorf("failed to execute http request to CyberArk Certificate Manager Control Plane. Request %s, status code: %d, body: [%s]", request.URL, response.StatusCode, body) } body, err := io.ReadAll(response.Body) From 871d4f80e9b65d438e3efe001acf1e5b6ad4aaa0 Mon Sep 17 00:00:00 2001 From: Kiril Christov Date: Wed, 22 Oct 2025 10:12:23 +0300 Subject: [PATCH 2/2] fix: additional --- make/00_mod.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/make/00_mod.mk b/make/00_mod.mk index b91b0c90..77dc8d5e 100644 --- a/make/00_mod.mk +++ b/make/00_mod.mk @@ -32,8 +32,8 @@ oci_preflight_image_name_development := jetstack.local/venafi-agent oci_preflight_build_args := \ --image-annotation="org.opencontainers.image.vendor"="CyberArk Software Ltd." \ --image-annotation="org.opencontainers.image.licenses"="EULA - https://www.cyberark.com/contract-terms/" \ - --image-annotation="org.opencontainers.image.authors"="support@venafi.cloud" \ - --image-annotation="org.opencontainers.image.title"="Discovery Agent for CyberArk Certificate Manager" \ + --image-annotation="org.opencontainers.image.authors"="support@cyberark.com" \ + --image-annotation="org.opencontainers.image.title"="Discovery Agent for CyberArk Certificate Manager in Kubernetes and OpenShift Environments" \ --image-annotation="org.opencontainers.image.description"="Gathers machine identity data from Kubernetes clusters." \ --image-annotation="org.opencontainers.image.url"="https://www.cyberark.com/products/certificate-manager-for-kubernetes/" \ --image-annotation="org.opencontainers.image.documentation"="https://docs.venafi.cloud/vaas/k8s-components/c-tlspk-agent-overview/" \