admin/aquasecurity-trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2026-01-31 13:53:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat(helm): make Trivy service name configurable (#1825)

Browse Source
This commit is contained in:
Zach Stone
2022-03-16 09:38:45 +01:00
committed by GitHub
parent 7a44a7a344
commit b2f554eb2a
3 changed files with 9 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
helm/trivy/README.md
View File

@@ -62,24 +62,25 @@ The following table lists the configurable parameters of the Trivy chart and the
| `image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `image.pullSecret` | The name of an imagePullSecret used to pull trivy image from e.g. Docker Hub or a private registry | |
| `replicaCount` | Number of Trivy Pods to run | `1` |
| `trivy.debugMode` | The flag to enable or disable Trivy debug mode | `false` |
| `trivy.gitHubToken` | The GitHub access token to download Trivy DB. More info: https://github.com/aquasecurity/trivy#github-rate-limiting | |
| `trivy.debugMode` | The flag to enable or disable Trivy debug mode | `false` |
| `trivy.gitHubToken` | The GitHub access token to download Trivy DB. More info: https://github.com/aquasecurity/trivy#github-rate-limiting | |
| `trivy.registryUsername` | The username used to log in at dockerhub. More info: https://aquasecurity.github.io/trivy/dev/advanced/private-registries/docker-hub/ | |
| `trivy.registryPassword` | The password used to log in at dockerhub. More info: https://aquasecurity.github.io/trivy/dev/advanced/private-registries/docker-hub/ | |
| `trivy.registryCredentialsExistingSecret` | Name of Secret containing dockerhub credentials. Alternative to the 2 parameters above, has precedence if set. | |
| `trivy.serviceAccount.annotations` | Additional annotations to add to the Kubernetes service account resource | |
| `trivy.skipUpdate` | The flag to enable or disable Trivy DB downloads from GitHub | `false` |
| `trivy.skipUpdate` | The flag to enable or disable Trivy DB downloads from GitHub | `false` |
| `trivy.cache.redis.enabled` | Enable Redis as caching backend | `false` |
| `trivy.cache.redis.url` | Specify redis connection url, e.g. redis://redis.redis.svc:6379 | `` |
| `trivy.serverToken` | The token to authenticate Trivy client with Trivy server | `` |
| `service.name` | If specified, the name used for the Trivy service | |
| `service.type` | Kubernetes service type | `ClusterIP` |
| `service.port` | Kubernetes service port | `4954` |
| `httpProxy` | The URL of the HTTP proxy server | |
| `httpsProxy` | The URL of the HTTPS proxy server | |
| `noProxy` | The URLs that the proxy settings do not apply to | |
| `nodeSelector` | Node labels for pod assignment | |
| `affinity` | Affinity settings for pod assignment | |
| `tolerations` | Tolerations for pod assignment | |
| `affinity` | Affinity settings for pod assignment | |
| `tolerations` | Tolerations for pod assignment | |
The above parameters map to the env variables defined in [trivy](https://github.com/aquasecurity/trivy#configuration).

2
helm/trivy/templates/service.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "trivy.fullname" . }}
name: {{ .Values.service.name | default (include "trivy.fullname" .) }}
labels:
{{ include "trivy.labels" . | indent 4 }}
spec:

2
helm/trivy/values.yaml
View File

@@ -115,6 +115,8 @@ trivy:
serverToken: ""
service:
# If specified, the name used for the Trivy service.
name:
# type Kubernetes service type
type: ClusterIP
# port Kubernetes service port