prepare release 1.40.1

[matthyx]

Summary by CodeRabbit

• Chores
  • Updated version to 1.40.1+private.1 across operator charts.
  • Updated nodeAgent container image version.
  • Added imagePullSecret configuration for kubescape-operator.
  • Removed kubevuln configuration from rapid7-operator.

[coderabbitai]

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4403691e-9e6f-47ff-9ee0-2248f5c6a85f

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

Two Helm charts (kubescape-operator and rapid7-operator) are updated with version bump to 1.40.1+private.1, kubescape-operator dependency updated to 1.40.1, nodeAgent image tag updated to v0.0.264, and configuration adjustments including imagePullSecret addition and kubevuln block removal.

Changes

Chart Version Synchronization & Configuration Update

Layer / File(s)	Summary
Chart Metadata & Dependencies charts/kubescape-operator/Chart.yaml, charts/rapid7-operator/Chart.yaml	Both charts bumped to version and appVersion 1.40.1+private.1; kubescape-operator dependency updated from 1.30.7 to 1.40.1 in both charts.
Values Configuration charts/kubescape-operator/values.yaml, charts/rapid7-operator/values.yaml	nodeAgent image tag updated from v0.0.259 to v0.0.264 in both charts; kubescape-operator values adds imagePullSecret block with server quay.io and username armosec+armosec_ro; rapid7-operator values removes unused kubevuln block.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

• armosec/helm-charts#25: Both PRs modify the same Helm chart files and fields for version/appVersion bumps and nodeAgent image tag updates.
• armosec/helm-charts#23: Both PRs update kubescape-operator and rapid7-operator charts with version bumps and nodeAgent image tag synchronization.
• armosec/helm-charts#16: Both PRs modify the same chart files and coordinate version updates across kubescape-operator and rapid7-operator.

Poem

🐇 Version bumps hop along with grace,
From 1.30 to 1.40's place!
nodeAgent tags flutter and dance,
imagePullSecrets take their chance.
Helm charts aligned, a release so neat! 🎉

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Title check	✅ Passed	The PR title 'prepare release 1.40.1' accurately summarizes the main change, which involves bumping chart versions to 1.40.1 and updating dependencies across multiple Helm charts.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch bump

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (1)

charts/rapid7-operator/Chart.yaml (1)

26-29: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Same kubescape-operator 1.40.1 dependency availability concern applies here.

Same verification needed as in charts/kubescape-operator/Chart.yaml — ensure 1.40.1 is available in https://kubescape.github.io/helm-charts/ before merging and deploying.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@charts/rapid7-operator/Chart.yaml` around lines 26 - 29, The Chart.yaml lists
a dependency on kubescape-operator version 1.40.1 which may not exist in the
kubescape helm repo; verify that version 1.40.1 is published at
https://kubescape.github.io/helm-charts/ and if it is not, update the dependency
version in the dependencies block (name: kubescape-operator, version: 1.40.1,
repository: "https://kubescape.github.io/helm-charts/") to an available release
or pin to a known good version, then run helm repo update and helm dependency
update to refresh Chart.lock before merging.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@charts/kubescape-operator/Chart.yaml`:
- Around line 26-29: The Chart.yaml dependency pins kubescape-operator to an
unpublished version (version: 1.40.1) which will break helm dependency
update/install; open Chart.yaml, locate the dependencies block for the
dependency with name: kubescape-operator and change the version field to a
published release (for example 1.29.10 or any version that exists in the
upstream repository "https://kubescape.github.io/helm-charts/"), then run helm
repo update and helm dependency update to verify the chart can be fetched.

---

Duplicate comments:
In `@charts/rapid7-operator/Chart.yaml`:
- Around line 26-29: The Chart.yaml lists a dependency on kubescape-operator
version 1.40.1 which may not exist in the kubescape helm repo; verify that
version 1.40.1 is published at https://kubescape.github.io/helm-charts/ and if
it is not, update the dependency version in the dependencies block (name:
kubescape-operator, version: 1.40.1, repository:
"https://kubescape.github.io/helm-charts/") to an available release or pin to a
known good version, then run helm repo update and helm dependency update to
refresh Chart.lock before merging.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 724c6422-966d-421e-ab5a-a6a97b365592

📥 Commits

Reviewing files that changed from the base of the PR and between e74f4df and 023b410.

⛔ Files ignored due to path filters (2)

• charts/kubescape-operator/tests/__snapshot__/snapshot_test.yaml.snap is excluded by !**/*.snap
• charts/rapid7-operator/tests/__snapshot__/snapshot_test.yaml.snap is excluded by !**/*.snap

📒 Files selected for processing (4)

• charts/kubescape-operator/Chart.yaml
• charts/kubescape-operator/values.yaml
• charts/rapid7-operator/Chart.yaml
• charts/rapid7-operator/values.yaml

[Copilot]

Pull request overview

This PR updates the two wrapper charts (armosec-kubescape-operator and rapid7-operator) to consume kubescape-operator chart version 1.40.1, while also bumping the overridden node-agent image tag to v0.0.264 and refreshing the rendered snapshot outputs to match the new upstream manifests.

Changes:

• Bump chart version/appVersion and dependency kubescape-operator version to 1.40.1 for both wrapper charts.
• Update nodeAgent.image.tag override to v0.0.264 and remove the explicit kubevuln.image.tag override from wrapper values.
• Update helm snapshot test outputs to reflect upstream 1.40.1 rendered resources/config.

Reviewed changes

Copilot reviewed 5 out of 6 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
charts/rapid7-operator/Chart.yaml	Bumps wrapper chart + dependency version to 1.40.1.
charts/rapid7-operator/values.yaml	Updates node-agent tag override; removes kubevuln tag override.
charts/rapid7-operator/tests/snapshot/snapshot_test.yaml.snap	Refreshes rendered snapshot output for upstream 1.40.1.
charts/kubescape-operator/Chart.yaml	Bumps wrapper chart + dependency version to 1.40.1.
charts/kubescape-operator/values.yaml	Updates node-agent tag override; removes kubevuln tag override.
charts/kubescape-operator/tests/snapshot/snapshot_test.yaml.snap	Refreshes rendered snapshot output for upstream 1.40.1.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• kubescape.github.io
  • Triggering command: /usr/local/bin/helm helm dependency build charts/rapid7-operator (dns block)
  • Triggering command: /usr/local/bin/helm helm repo add kubescape REDACTED (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)