Skip to content

Commit

Permalink
Merge branch '2022.4' into updateKbRegistry
Browse files Browse the repository at this point in the history
  • Loading branch information
mjshastha committed Oct 14, 2024
2 parents 5937119 + dadc6c2 commit 7d6a33a
Show file tree
Hide file tree
Showing 6 changed files with 41 additions and 20 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -1096,7 +1096,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
trivy.repository: "ghcr.io/aquasecurity/trivy"
Expand Down Expand Up @@ -1124,7 +1124,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
scanJob.podTemplateContainerSecurityContext: "{\"allowPrivilegeEscalation\":false,\"capabilities\":{\"drop\":[\"ALL\"]},\"privileged\":false,\"readOnlyRootFilesystem\":true}"
Expand All @@ -1141,7 +1141,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -1153,7 +1153,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
---
apiVersion: v1
Expand All @@ -1164,7 +1164,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
---
apiVersion: rbac.authorization.k8s.io/v1
Expand Down Expand Up @@ -1402,7 +1402,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -1421,7 +1421,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand Down Expand Up @@ -1451,7 +1451,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -158,7 +158,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
spec:
replicas: 1
Expand All @@ -178,7 +178,7 @@ spec:
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
image: "docker.io/aquasec/trivy-operator:0.16.1"
image: "docker.io/aquasec/trivy-operator:0.20.1"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
Expand Down Expand Up @@ -245,6 +245,8 @@ spec:
value: "10h"
- name: OPERATOR_MERGE_RBAC_FINDING_WITH_CONFIG_AUDIT
value: "true"
- name: CONTROLLER_CACHE_SYNC_TIMEOUT
value: "5m"
ports:
- name: metrics
containerPort: 8080
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -946,7 +946,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
trivy.repository: "ghcr.io/aquasecurity/trivy"
Expand Down Expand Up @@ -974,7 +974,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
scanJob.podTemplateContainerSecurityContext: "{\"allowPrivilegeEscalation\":false,\"capabilities\":{\"drop\":[\"ALL\"]},\"privileged\":false,\"readOnlyRootFilesystem\":true}"
Expand All @@ -991,7 +991,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -1003,7 +1003,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
---
apiVersion: v1
Expand All @@ -1014,7 +1014,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
---
apiVersion: rbac.authorization.k8s.io/v1
Expand Down Expand Up @@ -1252,7 +1252,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -1271,7 +1271,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand Down Expand Up @@ -1301,7 +1301,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -98,7 +98,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.16.1"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
spec:
replicas: 1
Expand All @@ -118,7 +118,7 @@ spec:
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
image: "docker.io/aquasec/trivy-operator:0.16.1"
image: "docker.io/aquasec/trivy-operator:0.20.1"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
Expand Down Expand Up @@ -185,6 +185,8 @@ spec:
value: "10h"
- name: OPERATOR_MERGE_RBAC_FINDING_WITH_CONFIG_AUDIT
value: "true"
- name: CONTROLLER_CACHE_SYNC_TIMEOUT
value: "5m"
ports:
- name: metrics
containerPort: 8080
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,3 +18,10 @@ data:

# Set this to 1 to establish mTLS connection with CyberCenter
#OFFLINE_CC_MTLS_ENABLE: "1"

#health monitor is supported from SaaS scanner version 2407.4.20 and for on-prem 2022.4.613.7
# enable below two values for health check monitor (liveness probe)
#AQUA_HEALTH_MONITOR_ENABLED: "true"
#AQUA_HEALTH_MONITOR_PORT: "8081"


10 changes: 10 additions & 0 deletions scanner/kubernetes_and_openshift/manifests/004_scanner_deploy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,16 @@ spec:
- name: kube-scanner
image: registry.aquasec.com/scanner:2022.4
imagePullPolicy: Always
# livenessProbe:
# httpGet:
# port: 8081
# path: /healthz
# scheme: HTTP
# initialDelaySeconds: 15
# periodSeconds: 60
# successThreshold: 1
# failureThreshold: 3
# timeoutSeconds: 1
# resources:
# limits:
# cpu: 2000m
Expand Down

0 comments on commit 7d6a33a

Please sign in to comment.