From d00d5c3788c711c64326765c33dd3e95177e26b1 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 13 Jan 2022 14:04:24 -0800 Subject: [PATCH 1/8] scan with latest telegraf --- .github/workflows/pr-checker.yml | 5 ++++- kubernetes/linux/setup.sh | 6 +++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pr-checker.yml b/.github/workflows/pr-checker.yml index 8a7e542b3..a7cf47cee 100644 --- a/.github/workflows/pr-checker.yml +++ b/.github/workflows/pr-checker.yml @@ -1,5 +1,8 @@ name: pullrequest-build-and-scan on: + push: + branches: + - grace/upgrade-telegraf pull_request: types: [opened, synchronize, reopened] branches: @@ -56,7 +59,7 @@ jobs: format: 'table' severity: 'CRITICAL,HIGH' vuln-type: 'os,library' - skip-dirs: '/opt,/usr/sbin' + skip-dirs: '' exit-code: '1' timeout: '5m0s' WINDOWS-build: diff --git a/kubernetes/linux/setup.sh b/kubernetes/linux/setup.sh index 80a1b5b1d..526afa848 100644 --- a/kubernetes/linux/setup.sh +++ b/kubernetes/linux/setup.sh @@ -30,10 +30,10 @@ sudo apt-get install jq=1.5+dfsg-2 -y #used to setcaps for ruby process to read /proc/env sudo apt-get install libcap2-bin -y -wget https://dl.influxdata.com/telegraf/releases/telegraf-1.18.0_linux_amd64.tar.gz -tar -zxvf telegraf-1.18.0_linux_amd64.tar.gz +wget https://dl.influxdata.com/telegraf/releases/telegraf-1.21.2_linux_amd64.tar.gz +tar -zxvf telegraf-1.21.2_linux_amd64.tar.gz -mv /opt/telegraf-1.18.0/usr/bin/telegraf /opt/telegraf +mv /opt/telegraf-1.21.2/usr/bin/telegraf /opt/telegraf chmod 777 /opt/telegraf From 6c0d5763c2859148ca64b0ede29547153404b0b3 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 20 Jan 2022 10:26:10 -0800 Subject: [PATCH 2/8] try 1.20.3 --- kubernetes/linux/setup.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kubernetes/linux/setup.sh b/kubernetes/linux/setup.sh index 526afa848..15f1dba06 100644 --- a/kubernetes/linux/setup.sh +++ b/kubernetes/linux/setup.sh 
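Review bot: In the kubernetes/linux/setup.sh hunk of patch 1/8, the archive fetched by the new `wget https://dl.influxdata.com/telegraf/releases/telegraf-1.21.2_linux_amd64.tar.gz` is unpacked and installed with no integrity check, so the image trusts whatever the download host returns at build time. Pin the release digest and verify it before `tar`, e.g. `echo "<EXPECTED_SHA256>  telegraf-1.21.2_linux_amd64.tar.gz" | sha256sum -c - || exit 1` (placeholder digest, to be taken from the release's published checksum). The same applies to the 1.20.3 download in patch 2/8 and to `Invoke-WebRequest -Uri $telegrafUri` in kubernetes/windows/setup.ps1 in patch 3/8, where `Get-FileHash` can do the comparison. The unchanged `chmod 777 /opt/telegraf` that follows leaves the binary world-writable; `chmod 755` looks sufficient unless something rewrites it at runtime.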
@@ -30,10 +30,10 @@ sudo apt-get install jq=1.5+dfsg-2 -y #used to setcaps for ruby process to read /proc/env sudo apt-get install libcap2-bin -y -wget https://dl.influxdata.com/telegraf/releases/telegraf-1.21.2_linux_amd64.tar.gz -tar -zxvf telegraf-1.21.2_linux_amd64.tar.gz +wget https://dl.influxdata.com/telegraf/releases/telegraf-1.20.3_linux_amd64.tar.gz +tar -zxvf telegraf-1.20.3_linux_amd64.tar.gz -mv /opt/telegraf-1.21.2/usr/bin/telegraf /opt/telegraf +mv /opt/telegraf-1.20.3/usr/bin/telegraf /opt/telegraf chmod 777 /opt/telegraf From 1f6a5da9a7c9de858650750f8ba28db924ea3684 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 20 Jan 2022 13:03:00 -0800 Subject: [PATCH 3/8] upgrade windows --- kubernetes/windows/setup.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kubernetes/windows/setup.ps1 b/kubernetes/windows/setup.ps1 index 8742fba8b..857f9f690 100644 --- a/kubernetes/windows/setup.ps1 +++ b/kubernetes/windows/setup.ps1 @@ -31,7 +31,7 @@ Write-Host ('Finished Installing Fluentbit') Write-Host ('Installing Telegraf'); try { - $telegrafUri='https://dl.influxdata.com/telegraf/releases/telegraf-1.18.0_windows_amd64.zip' + $telegrafUri='https://dl.influxdata.com/telegraf/releases/telegraf-1.20.3_windows_amd64.zip' Invoke-WebRequest -Uri $telegrafUri -OutFile /installation/telegraf.zip Expand-Archive -Path /installation/telegraf.zip -Destination /installation/telegraf Move-Item -Path /installation/telegraf/*/* -Destination /opt/telegraf/ -ErrorAction SilentlyContinue From f849c7a5f36c22926322c07fce4edc01a05ea9a8 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 20 Jan 2022 15:17:44 -0800 Subject: [PATCH 4/8] exclude containerd disk path --- build/linux/installer/conf/telegraf.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/linux/installer/conf/telegraf.conf b/build/linux/installer/conf/telegraf.conf index 0e4824e70..e2a21279f 100644 --- a/build/linux/installer/conf/telegraf.conf 
+++ b/build/linux/installer/conf/telegraf.conf @@ -425,7 +425,7 @@ # Below due to Bug - https://github.com/influxdata/telegraf/issues/5615 # ORDER matters here!! - i.e the below should be the LAST modifier [inputs.disk.tagdrop] - path = ["/var/lib/kubelet*", "/dev/termination-log", "/var/log", "/etc/hosts", "/etc/resolv.conf", "/etc/hostname", "/etc/kubernetes/host", "/var/lib/docker/containers", "/etc/config/settings"] + path = ["/var/lib/kubelet*", "/dev/termination-log", "/var/log", "/etc/hosts", "/etc/resolv.conf", "/etc/hostname", "/etc/kubernetes/host", "/var/lib/docker/containers", "/etc/config/settings", "/run/host/containerd/io.containerd.runtime.v2.task/k8s.io"] # Read metrics about memory usage From ac83db9caaa64a72616a5f9c14605302512daad5 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 20 Jan 2022 15:18:55 -0800 Subject: [PATCH 5/8] add in skip for mdsd telegraf --- .github/workflows/pr-checker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-checker.yml b/.github/workflows/pr-checker.yml index a7cf47cee..3331dc7bb 100644 --- a/.github/workflows/pr-checker.yml +++ b/.github/workflows/pr-checker.yml @@ -59,7 +59,7 @@ jobs: format: 'table' severity: 'CRITICAL,HIGH' vuln-type: 'os,library' - skip-dirs: '' + skip-dirs: 'usr/sbin' exit-code: '1' timeout: '5m0s' WINDOWS-build: From 16e76015eead4da78d2697bde21e6cce6bd49181 Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 20 Jan 2022 15:38:03 -0800 Subject: [PATCH 6/8] increase windows cpu request/limit --- .github/workflows/pr-checker.yml | 3 --- charts/azuremonitor-containers/values.yaml | 2 +- kubernetes/omsagent.yaml | 2 +- 3 files changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pr-checker.yml b/.github/workflows/pr-checker.yml index 3331dc7bb..2b3c34dac 100644 --- a/.github/workflows/pr-checker.yml +++ b/.github/workflows/pr-checker.yml 
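Review bot: The `skip-dirs: 'usr/sbin'` value in the pr-checker.yml hunk of patch 5/8 removes a whole system binary directory from a scan that fails the build on CRITICAL,HIGH findings, and nothing in the workflow says why. The commit subject suggests the target is the telegraf copy shipped with mdsd; if that is the reason, a comment such as `# skip the telegraf binary bundled with mdsd under /usr/sbin, tracked in <ISSUE-LINK>` would keep the exclusion reviewable. Skipping only that file rather than the directory would keep the other binaries in /usr/sbin covered, if the scanner's inputs allow it. The same holds for the final `'/usr/sbin'` value in patch 8/8.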
@@ -1,8 +1,5 @@ name: pullrequest-build-and-scan on: - push: - branches: - - grace/upgrade-telegraf pull_request: types: [opened, synchronize, reopened] branches: diff --git a/charts/azuremonitor-containers/values.yaml b/charts/azuremonitor-containers/values.yaml index 3ca313d38..d5d7ad2e1 100644 --- a/charts/azuremonitor-containers/values.yaml +++ b/charts/azuremonitor-containers/values.yaml @@ -178,7 +178,7 @@ omsagent: memory: 750Mi daemonsetwindows: limits: - cpu: 200m + cpu: 500m memory: 600Mi deployment: requests: diff --git a/kubernetes/omsagent.yaml b/kubernetes/omsagent.yaml index 152f2313b..664b3bc81 100644 --- a/kubernetes/omsagent.yaml +++ b/kubernetes/omsagent.yaml @@ -780,7 +780,7 @@ spec: imagePullPolicy: IfNotPresent resources: limits: - cpu: 200m + cpu: 500m memory: 600Mi env: - name: FBIT_SERVICE_FLUSH_INTERVAL From 07d1e47da50815f7c74ac95df03345b8bd47094e Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Thu, 20 Jan 2022 16:04:47 -0800 Subject: [PATCH 7/8] add wildcard --- build/linux/installer/conf/telegraf.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/linux/installer/conf/telegraf.conf b/build/linux/installer/conf/telegraf.conf index e2a21279f..b0a8730c6 100644 --- a/build/linux/installer/conf/telegraf.conf +++ b/build/linux/installer/conf/telegraf.conf 
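Review bot: In the values.yaml and omsagent.yaml hunks of patch 6/8 only the CPU limit moves from 200m to 500m, and no `requests` entry is visible for the Windows daemonset in either hunk. If none exists outside the hunks, Kubernetes uses the limit as the request, so every Windows node would reserve 500m for the agent rather than merely allowing bursts up to it. If the intent is headroom only, add an explicit `requests:` block with `cpu: 200m` next to the limits. The commit subject mentions request/limit, so it is worth stating which of the two is meant.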
@@ -425,7 +425,7 @@ # Below due to Bug - https://github.com/influxdata/telegraf/issues/5615 # ORDER matters here!! - i.e the below should be the LAST modifier [inputs.disk.tagdrop] - path = ["/var/lib/kubelet*", "/dev/termination-log", "/var/log", "/etc/hosts", "/etc/resolv.conf", "/etc/hostname", "/etc/kubernetes/host", "/var/lib/docker/containers", "/etc/config/settings", "/run/host/containerd/io.containerd.runtime.v2.task/k8s.io"] + path = ["/var/lib/kubelet*", "/dev/termination-log", "/var/log", "/etc/hosts", "/etc/resolv.conf", "/etc/hostname", "/etc/kubernetes/host", "/var/lib/docker/containers", "/etc/config/settings", "/run/host/containerd/io.containerd.runtime.v2.task/k8s.io/*"] # Read metrics about memory usage From 21faafed9b216adf444c64d05eef82a9971c2b2c Mon Sep 17 00:00:00 2001 From: Grace Wehner Date: Fri, 21 Jan 2022 16:55:32 -0800 Subject: [PATCH 8/8] feedback fixes --- .github/workflows/pr-checker.yml | 2 +- kubernetes/linux/setup.sh | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pr-checker.yml b/.github/workflows/pr-checker.yml index 2b3c34dac..723f22dc7 100644 --- a/.github/workflows/pr-checker.yml +++ b/.github/workflows/pr-checker.yml @@ -56,7 +56,7 @@ jobs: format: 'table' severity: 'CRITICAL,HIGH' vuln-type: 'os,library' - skip-dirs: 'usr/sbin' + skip-dirs: '/usr/sbin' exit-code: '1' timeout: '5m0s' WINDOWS-build: diff --git a/kubernetes/linux/setup.sh b/kubernetes/linux/setup.sh index 15f1dba06..872ac99cf 100644 --- a/kubernetes/linux/setup.sh +++ b/kubernetes/linux/setup.sh @@ -61,6 +61,7 @@ rm -f $TMPDIR/docker-cimprov*.sh rm -f $TMPDIR/azure-mdsd*.deb rm -f $TMPDIR/mdsd.xml rm -f $TMPDIR/envmdsd +rm -f $TMPDIR/telegraf-*.tar.gz # remove build dependencies sudo apt-get remove ruby2.6-dev gcc make -y
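Review bot: The added `rm -f $TMPDIR/telegraf-*.tar.gz` in the setup.sh hunk of patch 8/8 removes the tarball only if the earlier `wget` ran with `$TMPDIR` as the working directory, which this hunk does not show. The `mv /opt/telegraf-1.20.3/usr/bin/telegraf` line from patch 2/8 suggests the archive is unpacked under /opt, so confirm the two paths agree. Only the binary is moved out of the extracted `/opt/telegraf-1.20.3` tree, so the rest stays in the image unless it is removed outside the hunk; consider deleting it here as well. Quoting the variable, `rm -f "$TMPDIR"/telegraf-*.tar.gz`, keeps the glob working and avoids word splitting.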