microsoft
diff --git a/‎.github/pull_request.md ‎.github/pull_request_template.md b/‎.github/pull_request.md ‎.github/pull_request_template.md
diff --git a/‎.github/workflows/integration.yaml
+183 b/‎.github/workflows/integration.yaml
+183
diff --git a/‎.github/workflows/release-charts.yaml
+4-1 b/‎.github/workflows/release-charts.yaml
+4-1
diff --git a/‎Makefile
+1-1 b/‎Makefile
+1-1
diff --git a/‎README.md
+31-18 b/‎README.md
+31-18
diff --git a/‎deploy/manifests/controller/helm/retina/templates/daemonset.yaml
+4-2 b/‎deploy/manifests/controller/helm/retina/templates/daemonset.yaml
+4-2
diff --git a/‎deploy/manifests/controller/helm/retina/templates/podmonitor.yaml
+38 b/‎deploy/manifests/controller/helm/retina/templates/podmonitor.yaml
+38
@@ -0,0 +1,183 @@
+name: Build images and run E2E tests. 
+
+on:
+  merge_group:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  retina-images:
+    name: Build Agent Images
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        platform: ["linux"]
+        arch: ["amd64", "arm64"]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - uses: actions/setup-go@v4
+        with:
+          go-version: ">=1.21.0"
+      - run: go version
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Az CLI login
+        uses: azure/login@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Build Images
+        shell: bash
+        run: |
+          set -euo pipefail
+          az acr login -n acnpublic
+          echo "TAG=$(make version)" >> $GITHUB_ENV
+          make retina-image \
+            IMAGE_NAMESPACE=${{ github.repository }} \
+            PLATFORM=${{ matrix.platform }}/${{ matrix.arch }} \
+            IMAGE_REGISTRY=acnpublic.azurecr.io \
+            BUILDX_ACTION=--push
+
+  retina-win-images:
+    name: Build Agent Windows Images
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        platform: ["windows"]
+        arch: ["amd64"]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - uses: actions/setup-go@v4
+        with:
+          go-version: ">=1.21.0"
+      - run: go version
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      
+      - name: Az CLI login
+        uses: azure/login@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+        
+      - name: Build Images
+        shell: bash
+        run: |
+          set -euo pipefail
+          az acr login -n acnpublic
+          echo "TAG=$(make version)" >> $GITHUB_ENV
+          make retina-image-win \
+            IMAGE_NAMESPACE=${{ github.repository }} \
+            PLATFORM=${{ matrix.platform }}/${{ matrix.arch }}  \
+            IMAGE_REGISTRY=acnpublic.azurecr.io \
+            BUILDX_ACTION=--push
+
+  operator-images:
+    name: Build Operator Images
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        platform: ["linux"]
+        arch: ["amd64"]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - uses: actions/setup-go@v4
+        with:
+          go-version: ">=1.21.0"
+      - run: go version
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Az CLI login
+        uses: azure/login@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+        
+      - name: Build Images
+        shell: bash
+        run: |
+          set -euo pipefail
+          az acr login -n acnpublic
+          echo "TAG=$(make version)" >> $GITHUB_ENV
+          make retina-operator-image \
+            IMAGE_NAMESPACE=${{ github.repository }} \
+            PLATFORM=${{ matrix.platform }}/${{ matrix.arch }}  \
+            IMAGE_REGISTRY=acnpublic.azurecr.io \
+            BUILDX_ACTION=--push
+
+  manifests:
+    name: Generate Manifests
+    runs-on: ubuntu-latest
+    needs: [retina-images, retina-win-images, operator-images]
+
+    strategy:
+      matrix:
+        components: ["retina", "operator"]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup QEMU
+        uses: docker/setup-qemu-action@v3
+      
+      - name: Azure CLI login
+        uses: azure/login@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Generate Manifests
+        shell: bash
+        run: |
+          set -euo pipefail
+          az acr login -n acnpublic 
+          make manifest COMPONENT=${{ matrix.components }} \
+          IMAGE_REGISTRY=acnpublic.azurecr.io \
+      
+  e2e:
+    name: Run E2E Tests
+    runs-on: ubuntu-latest
+    needs: [manifests]
+
+    permissions:
+      id-token: write
+      contents: read
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup go
+        uses: actions/setup-go@v4
+        with:
+          go-version: ">=1.21.0"
+      - run: go version
+
+      - name: Az CLI login
+        uses: azure/login@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Run E2E Tests
+        shell: bash
+        run: |
+          set -euo pipefail
+          export AZURE_SUBSCRIPTION_ID=${{ secrets.AZURE_SUBSCRIPTION }}
+          go test -v ./test/e2e/scenarios/retina/*.go -timeout 30m -tags=e2e -count=1  -args -image-tag=$(make version) -image-registry=acnpublic.azurecr.io -image-namespace=${{ github.repository}}
@@ -17,6 +17,8 @@ jobs:
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
 
       - uses: azure/[email protected]
         id: install
@@ -29,5 +31,6 @@ jobs:
         run: |
           set -euo pipefail
           export TAG=$(make version)
+          echo $TAG
           helm package ./deploy/manifests/controller/helm/retina --version $TAG
-          helm push retina-*.tgz oci://ghcr.io/${{ github.repository }}/charts
+          helm push retina-$TAG.tgz oci://ghcr.io/${{ github.repository }}/charts
@@ -343,7 +343,7 @@ coverage: # Code coverage.
 manifests: 
 	cd crd && make manifests && make generate
 
-HELM_IMAGE_TAG ?= v0.0.1
+HELM_IMAGE_TAG ?= v0.0.2
 
 # basic/node-level mode
 helm-install: manifests
 
@@ -37,15 +37,20 @@ Retina has two major features:
 
 ### Metrics Quick Install Guide
 
-Prerequisites: Go, Helm
-
-1. Clone the repo, then install Retina on your Kubernetes cluster
+Retina can be installed using the Helm chart from GHCR:
+
+```bash
+helm upgrade --install retina oci://ghcr.io/microsoft/retina/charts/retina \
+    --version v0.0.2 \
+		--set image.tag=v0.0.2 \
+		--set operator.tag=v0.0.2 \
+		--set logLevel=info \
+		--set enabledPlugin_linux="\[dropreason\,packetforward\,linuxutil\,dns\]"
+```
 
-   ```bash
-   make helm-install
-   ```
+Set the `version` and image `tag` arguments to the desired version, if different.
 
-2. Follow steps in [Using Prometheus and Grafana](https://retina.sh/docs/installation/prometheus-unmanaged) to set up metrics collection and visualization.
+After Helm install, follow steps in [Using Prometheus and Grafana](https://retina.sh/docs/installation/prometheus-unmanaged) to set up metrics collection and visualization.
 
 ### Captures Quick Start Guide
 
@@ -82,15 +87,23 @@ For further CLI documentation, see [Capture with Retina CLI](https://retina.sh/d
 
 #### Captures via CRD
 
-Prerequisites: Go, Helm
-
-1. Clone the repo, then install Retina with Capture operator support on your Kubernetes cluster
-
-   ```bash
-   make helm-install-with-operator
-   ```
+Install Retina using Helm:
+
+```bash
+helm upgrade --install retina oci://ghcr.io/microsoft/retina/charts/retina \
+    --version v0.0.2 \
+    --set image.tag=v0.0.2 \
+    --set operator.tag=v0.0.2 \
+    --set image.pullPolicy=Always \
+    --set logLevel=info \
+    --set os.windows=true \
+    --set operator.enabled=true \
+    --set operator.enableRetinaEndpoint=true \
+    --skip-crds \
+    --set enabledPlugin_linux="\[dropreason\,packetforward\,linuxutil\,dns\,packetparser\]"
+```
 
-2. Follow steps in [Capture CRD](https://retina.sh/docs/captures/#option-2-capture-crd-custom-resource-definition) for documentation of the CRD and examples for setting up Captures.
+Then follow steps in [Capture CRD](https://retina.sh/docs/captures/#option-2-capture-crd-custom-resource-definition) for documentation of the CRD and examples for setting up Captures.
 
 ## Contributing
 
@@ -129,9 +142,9 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 
 ## Contact
 
-For bugs or feature requests, open an [issue](https://github.com/microsoft/retina/issues).  
-For security or vulnerability concerns, see [SECURITY.md](SECURITY.md).  
-For other communication, contact the maintainers at <[email protected]>
+For bugs or feature requests, open an [issue](https://github.com/microsoft/retina/issues).
+For security or vulnerability concerns, see [SECURITY.md](SECURITY.md).
+For other communication, contact the maintainers at <[email protected]>.
 
 [goreport-img]: https://goreportcard.com/badge/github.com/microsoft/retina
 [goreport]: https://goreportcard.com/report/github.com/microsoft/retina
 
@@ -58,7 +58,8 @@ spec:
           {{- end}}
           {{- end}}
           ports:
-          - containerPort: {{ .Values.retinaPort }}
+          - name: retina
+            containerPort: {{ .Values.retinaPort }}
           resources:
             limits:
               memory: {{ .Values.resources.limits.memory | quote }}
@@ -152,7 +153,8 @@ spec:
         - name: retinawin
           image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
           ports:
-            - containerPort: {{ .Values.retinaPort }}
+          - name: retina
+            containerPort: {{ .Values.retinaPort }}
           command:
             - powershell.exe
             - -command
 
@@ -0,0 +1,38 @@
+{{- if .Values.metrics.podMonitor.enabled }}
+apiVersion: monitoring.coreos.com/v1
+kind: PodMonitor
+metadata:
+  name: {{ include "retina.fullname" . }}
+  namespace: {{ ternary .Values.metrics.podMonitor.namespace .Values.namespace (not (empty .Values.metrics.podMonitor.namespace)) }}
+  labels:
+    k8s-app: {{ include "retina.name" . }}
+    {{- if .Values.metrics.podMonitor.additionalLabels }}
+    {{- .Values.metrics.podMonitor.additionalLabels | nindent 4 }}
+    {{- end }}
+spec:
+  podMetricsEndpoints:
+    - port: retina
+      path: /metrics
+      {{- if .Values.metrics.podMonitor.interval }}
+      interval: {{ .Values.metrics.podMonitor.interval }}
+      {{- end }}
+      {{- if .Values.metrics.podMonitor.scrapeTimeout }}
+      scrapeTimeout: {{ .Values.metrics.podMonitor.scrapeTimeout }}
+      {{- end }}
+      {{- if .Values.metrics.podMonitor.scheme }}
+      scheme: {{ .Values.metrics.podMonitor.scheme }}
+      {{- end }}
+      {{- if .Values.metrics.podMonitor.tlsConfig }}
+      tlsConfig: {{- .Values.metrics.podMonitor.tlsConfig | nindent 8 }}
+      {{- end }}
+      {{- if .Values.metrics.podMonitor.relabelings }}
+      relabelings: 
+      {{- .Values.metrics.podMonitor.relabelings | nindent 8 }}
+      {{- end }}
+  namespaceSelector:
+    matchNames:
+      - {{ .Values.namespace }}
+  selector:
+    matchLabels:
+      app: {{ include "retina.name" . }}
+{{- end }}