From db7d21fbc8d02bfe57e760345ff7480b70206d2d Mon Sep 17 00:00:00 2001
From: Erwan Grooters
Date: Thu, 26 Sep 2024 13:59:15 +0200
Subject: [PATCH 1/4] feat(helm): Add Elasticsearch pipeline setting
Signed-off-by: Erwan Grooters
---
 charts/falcosidekick/README.md | 1 +
 charts/falcosidekick/templates/secrets.yaml | 1 +
 charts/falcosidekick/values.yaml | 2 ++
 3 files changed, 4 insertions(+)
diff --git a/charts/falcosidekick/README.md b/charts/falcosidekick/README.md
index d39c7a21d..0664d2c9e 100644
--- a/charts/falcosidekick/README.md
+++ b/charts/falcosidekick/README.md
@@ -258,6 +258,7 @@ The following table lists the main configurable parameters of the Falcosidekick
 | config.elasticsearch.numberofreplicas | int | `3` | Number of replicas set by the index template (default: 3) |
 | config.elasticsearch.numberofshards | int | `3` | Number of shards set by the index template (default: 3) |
 | config.elasticsearch.password | string | `""` | use this password to authenticate to Elasticsearch if the password is not empty |
+| config.elasticsearch.pipeline | string | `""` | Elasticsearch ingest pipeline |
 | config.elasticsearch.suffix | string | `"daily"` | |
 | config.elasticsearch.type | string | `"_doc"` | Elasticsearch document type |
 | config.elasticsearch.username | string | `""` | use this username to authenticate to Elasticsearch if the username is not empty |
diff --git a/charts/falcosidekick/templates/secrets.yaml b/charts/falcosidekick/templates/secrets.yaml
index 1335ff784..f5cf3e843 100644
--- a/charts/falcosidekick/templates/secrets.yaml
+++ b/charts/falcosidekick/templates/secrets.yaml
@@ -190,6 +190,7 @@ data:
 ELASTICSEARCH_NUMBEROFSHARDS: "{{ .Values.config.elasticsearch.numberofshards | toString | b64enc }}"
 ELASTICSEARCH_NUMBEROFREPLICAS: "{{ .Values.config.elasticsearch.numberofreplicas | toString | b64enc }}"
 ELASTICSEARCH_CUSTOMHEADERS: "{{ .Values.config.elasticsearch.customheaders | b64enc }}"
+ ELASTICSEARCH_PIPELINE: "{{ .Values.config.elasticsearch.pipeline | b64enc }}"
 # Loki Output
 LOKI_HOSTPORT: "{{ .Values.config.loki.hostport | b64enc }}"
diff --git a/charts/falcosidekick/values.yaml b/charts/falcosidekick/values.yaml
index 9ee46da42..6b94c7172 100644
--- a/charts/falcosidekick/values.yaml
+++ b/charts/falcosidekick/values.yaml
@@ -298,6 +298,8 @@ config:
 checkcert: true
 # -- minimum priority of event to use this output, order is `emergency\|alert\|critical\|error\|warning\|notice\|informational\|debug or ""`
 minimumpriority: ""
+ # -- Optional ingest pipeline name. Documentation: https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest.html
+ pipeline: ""
 influxdb:
 # -- Influxdb , if not `empty`, Influxdb is *enabled*
From 12eeec07437932c363278b8e690e85e320746ae6 Mon Sep 17 00:00:00 2001
From: Erwan Grooters
Date: Thu, 26 Sep 2024 14:21:25 +0200
Subject: [PATCH 2/4] feat(helm): Add Elasticsearch maxconcurrentrequests setting
Signed-off-by: Erwan Grooters
---
 charts/falcosidekick/README.md | 2 ++
 charts/falcosidekick/templates/secrets.yaml | 1 +
 charts/falcosidekick/values.yaml | 3 +++
 3 files changed, 6 insertions(+)
diff --git a/charts/falcosidekick/README.md b/charts/falcosidekick/README.md
index 0664d2c9e..c2694b392 100644
--- a/charts/falcosidekick/README.md
+++ b/charts/falcosidekick/README.md
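Review bot: The `# --` comment added above `pipeline: ""` in charts/falcosidekick/values.yaml does not say that the named ingest pipeline has to exist already; Elasticsearch rejects index requests that reference an unknown pipeline, so a typo here would presumably drop Falco events from this output rather than fall back to plain indexing. The pipeline also runs server-side on every alert and can rewrite or drop fields, which matters when the index serves as an audit trail. I would extend the comment to `# -- Optional ingest pipeline name; the pipeline must already exist in Elasticsearch and is applied to every event sent by this output`, keeping the documentation link. The enclosing `elasticsearch:` block starts outside the hunk.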
@@ -250,9 +250,11 @@ The following table lists the main configurable parameters of the Falcosidekick
 | config.elasticsearch.checkcert | bool | `true` | check if ssl certificate of the output is valid |
 | config.elasticsearch.createindextemplate | bool | `false` | Create an index template (default: false) |
 | config.elasticsearch.customheaders | string | `""` | a list of comma separated custom headers to add, syntax is "key:value,key:value" |
+| config.elasticsearch.enablecompression | bool | `false` | Enable gzip compression of the request (default: false) |
 | config.elasticsearch.flattenfields | bool | `false` | Replace . by _ to avoid mapping conflicts, force to true if createindextemplate==true (default: false) |
 | config.elasticsearch.hostport | string | `""` | Elasticsearch , if not `empty`, Elasticsearch is *enabled* |
 | config.elasticsearch.index | string | `"falco"` | Elasticsearch index |
+| config.elasticsearch.maxconcurrentrequests | int | `1` | Maximum number of concurrent requests to Elasticsearch (default: 1) |
 | config.elasticsearch.minimumpriority | string | `""` | minimum priority of event to use this output, order is `emergency\|alert\|critical\|error\|warning\|notice\|informational\|debug or ""` |
 | config.elasticsearch.mutualtls | bool | `false` | if true, checkcert flag will be ignored (server cert will always be checked) |
 | config.elasticsearch.numberofreplicas | int | `3` | Number of replicas set by the index template (default: 3) |
diff --git a/charts/falcosidekick/templates/secrets.yaml b/charts/falcosidekick/templates/secrets.yaml
index f5cf3e843..fa9c18678 100644
--- a/charts/falcosidekick/templates/secrets.yaml
+++ b/charts/falcosidekick/templates/secrets.yaml
@@ -191,6 +191,7 @@ data:
 ELASTICSEARCH_NUMBEROFREPLICAS: "{{ .Values.config.elasticsearch.numberofreplicas | toString | b64enc }}"
 ELASTICSEARCH_CUSTOMHEADERS: "{{ .Values.config.elasticsearch.customheaders | b64enc }}"
 ELASTICSEARCH_PIPELINE: "{{ .Values.config.elasticsearch.pipeline | b64enc }}"
+ ELASTICSEARCH_MAXCONCURRENTREQUESTS: "{{ .Values.config.elasticsearch.maxconcurrentrequests | toString | b64enc }}"
 # Loki Output
 LOKI_HOSTPORT: "{{ .Values.config.loki.hostport | b64enc }}"
diff --git a/charts/falcosidekick/values.yaml b/charts/falcosidekick/values.yaml
index 6b94c7172..c969fa4d1 100644
--- a/charts/falcosidekick/values.yaml
+++ b/charts/falcosidekick/values.yaml
@@ -301,6 +301,9 @@ config:
 # -- Optional ingest pipeline name. Documentation: https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest.html
 pipeline: ""
+ # -- Max number of concurrent requests
+ maxconcurrentrequests: 1
+
 influxdb:
 # -- Influxdb , if not `empty`, Influxdb is *enabled*
 hostport: ""
From 431bb98e6183f0558747295c397f2fb1560da4d5 Mon Sep 17 00:00:00 2001
From: Erwan Grooters
Date: Thu, 26 Sep 2024 14:26:51 +0200
Subject: [PATCH 3/4] feat(helm): Add Elasticsearch enablecompression setting
Signed-off-by: Erwan Grooters
---
 charts/falcosidekick/templates/secrets.yaml | 1 +
 charts/falcosidekick/values.yaml | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/charts/falcosidekick/templates/secrets.yaml b/charts/falcosidekick/templates/secrets.yaml
index fa9c18678..aa18b81d8 100644
--- a/charts/falcosidekick/templates/secrets.yaml
+++ b/charts/falcosidekick/templates/secrets.yaml
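Review bot: The description of `maxconcurrentrequests` now exists in two wordings: the values.yaml comment in this hunk reads `# -- Max number of concurrent requests`, while the README row added by the same commit reads "Maximum number of concurrent requests to Elasticsearch (default: 1)". The `# --` prefix looks like the helm-docs convention, so if README.md is generated from values.yaml the hand-written row will be replaced on the next regeneration. I would carry the fuller text in the comment, `# -- Maximum number of concurrent requests to Elasticsearch (default: 1)`, and add the accepted range if falcosidekick rejects or special-cases values below 1. The same README hunk also lists `enablecompression`, whose key only arrives with the next patch in the series.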
@@ -192,6 +192,7 @@ data:
 ELASTICSEARCH_CUSTOMHEADERS: "{{ .Values.config.elasticsearch.customheaders | b64enc }}"
 ELASTICSEARCH_PIPELINE: "{{ .Values.config.elasticsearch.pipeline | b64enc }}"
 ELASTICSEARCH_MAXCONCURRENTREQUESTS: "{{ .Values.config.elasticsearch.maxconcurrentrequests | toString | b64enc }}"
+ ELASTICSEARCH_ENABLECOMPRESSION: "{{ .Values.config.elasticsearch.enablecompression | printf "%t" | b64enc }}"
 # Loki Output
 LOKI_HOSTPORT: "{{ .Values.config.loki.hostport | b64enc }}"
diff --git a/charts/falcosidekick/values.yaml b/charts/falcosidekick/values.yaml
index c969fa4d1..eafa3820d 100644
--- a/charts/falcosidekick/values.yaml
+++ b/charts/falcosidekick/values.yaml
@@ -300,9 +300,10 @@ config: minimumpriority: "" # -- Optional ingest pipeline name. Documentation: https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest.html pipeline: "" - # -- Max number of concurrent requests maxconcurrentrequests: 1 + # -- Enables gzip compression + enablecompression: false influxdb: # -- Influxdb , if not `empty`, Influxdb is *enabled*
From 3dcb873ac7aaeabfa435421c7adc8a248547f1ea Mon Sep 17 00:00:00 2001
From: Erwan Grooters
Date: Thu, 26 Sep 2024 14:49:40 +0200
Subject: [PATCH 4/4] feat(helm): Update changelog and bump chart version
Signed-off-by: Erwan Grooters
---
 charts/falcosidekick/CHANGELOG.md | 4 ++++
 charts/falcosidekick/Chart.yaml | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/charts/falcosidekick/CHANGELOG.md b/charts/falcosidekick/CHANGELOG.md
index 51974fdfa..fd3c27791 100644
--- a/charts/falcosidekick/CHANGELOG.md
+++ b/charts/falcosidekick/CHANGELOG.md
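Review bot: `printf "%t"` on the added `ELASTICSEARCH_ENABLECOMPRESSION` line in templates/secrets.yaml only formats a real boolean; when the value arrives as a string (a quoted `"true"` in a values file, or `--set-string`), Go's formatter emits `%!t(string=true)` and that text is what gets base64-encoded into the Secret. The chart still renders without error, and the setting is presumably ignored or misparsed by falcosidekick at start-up. `{{ .Values.config.elasticsearch.enablecompression | toString | b64enc }}` handles both types and matches the `toString` form the integer entries in this hunk already use. If other boolean entries in this template use `printf "%t"`, the same applies to them; they are outside the hunk.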
@@ -5,6 +5,10 @@ numbering uses [semantic versioning](http://semver.org).
 Before release 0.1.20, the helm chart can be found in `falcosidekick` [repository](https://github.com/falcosecurity/falcosidekick/tree/master/deploy/helm/falcosidekick).
+## 0.9.0
+
+- Add missing Elasticsearch settings (enablecompression,maxconcurrentrequests, pipeline)
+
 ## 0.8.7
 - Fix securityContext for webui initContainer
diff --git a/charts/falcosidekick/Chart.yaml b/charts/falcosidekick/Chart.yaml
index 1d127866f..a3ce6d1ed 100644
--- a/charts/falcosidekick/Chart.yaml
+++ b/charts/falcosidekick/Chart.yaml
@@ -3,7 +3,7 @@ appVersion: 2.29.0
 description: Connect Falco to your ecosystem
 icon: https://raw.githubusercontent.com/falcosecurity/falcosidekick/master/imgs/falcosidekick_color.png
 name: falcosidekick
-version: 0.8.7
+version: 0.9.0
 keywords:
 - monitoring
 - security