kubeclarity: global: databasePassword: kubeclarity docker: registry: "registry.internal.durp.info/openclarity" tag: "latest" imagePullPolicy: Always curl: image: registry: "registry.internal.durp.info" repository: curlimages/curl tag: 7.87.0 kubeclarity: docker: imageName: "" logLevel: warning enableDBInfoLog: false prometheus: enabled: false podAnnotations: {} service: type: ClusterIP port: 8080 annotations: {} ingress: enabled: false resources: requests: memory: "200Mi" cpu: "100m" limits: memory: "1000Mi" cpu: "1000m" initContainers: resources: requests: memory: "100Mi" cpu: "100m" limits: memory: "200Mi" cpu: "200m" kubeclarity-runtime-scan: httpsProxy: "" httpProxy: "" resultServicePort: 8888 labels: app: kubeclarity-scanner sidecar.istio.io/inject: "false" namespace: "" registry: skipVerifyTlS: "false" useHTTP: "false" cis-docker-benchmark-scanner: resources: requests: memory: "50Mi" cpu: "50m" limits: memory: "1000Mi" cpu: "1000m" vulnerability-scanner: resources: requests: memory: "50Mi" cpu: "50m" limits: memory: "1000Mi" cpu: "1000m" analyzer: analyzerList: "syft gomod trivy" analyzerScope: "squashed" trivy: enabled: true timeout: "300" scanner: scannerList: "grype trivy" grype: enabled: true mode: "REMOTE" remote-grype: timeout: "2m" dependency-track: enabled: false insecureSkipVerify: "true" disableTls: "true" apiserverAddress: "dependency-track-apiserver.dependency-track" apiKey: "" trivy: enabled: true timeout: "300" kubeclarity-grype-server: enabled: true docker: imageRepo: "registry.internal.durp.info/openclarity" imageTag: "v0.6.0" imagePullPolicy: Always logLevel: warning servicePort: 9991 resources: requests: cpu: "200m" memory: "200Mi" limits: cpu: "1000m" memory: "1G" kubeclarity-trivy-server: enabled: true ## Docker Image values. image: registry: registry.internal.durp.info repository: aquasec/trivy tag: 0.44.1 pullPolicy: Always persistence: enabled: false podSecurityContext: runAsUser: 1001 runAsNonRoot: true fsGroup: 1001 securityContext: privileged: false readOnlyRootFilesystem: true trivy: debugMode: false service: port: 9992 resources: requests: cpu: "200m" memory: "200Mi" limits: cpu: "1000m" memory: "1G" kubeclarity-sbom-db: docker: imageName: "" logLevel: warning servicePort: 8080 resources: requests: memory: "20Mi" cpu: "10m" limits: memory: "1Gi" cpu: "200m" kubeclarity-postgresql: enabled: true image: registry: registry.internal.durp.info repository: bitnami/postgresql tag: 14.6.0-debian-11-r31 auth: existingSecret: kubeclarity-postgresql-secret username: postgres database: kubeclarity sslMode: disable service: ports: postgresql: 5432 serviceAccount: enabled: true securityContext: enabled: true fsGroup: 1001 containerSecurityContext: enabled: true runAsUser: 1001 runAsNonRoot: true volumePermissions: enabled: false securityContext: runAsUser: 1001 shmVolume: chmod: enabled: true resources: requests: memory: "256Mi" cpu: "250m" limits: memory: "1000Mi" cpu: "1000m" kubeclarity-postgresql-external: enabled: false kubeclarity-postgresql-secret: create: true secretKey: "postgres-password"