DeveloperDurp/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e263e46e15d7398e16a730b1c299f6fbd63c760d
homelab/kubeclarity/values.yaml
developerdurp e263e46e15 add kubeclarity
2023-11-19 08:02:58 -06:00

236 lines
4.1 KiB
YAML
Raw Blame History

kubeclarity:
global:
databasePassword: kubeclarity
docker:
registry: "registry.durp.info/openclarity"
tag: "latest"
imagePullPolicy: Always
curl:
image:
registry: "registry.durp.info"
repository: curlimages/curl
tag: 7.87.0
kubeclarity:
docker:
imageName: ""
logLevel: warning
enableDBInfoLog: false
prometheus:
enabled: false
podAnnotations: {}
service:
type: ClusterIP
port: 8080
annotations: {}
ingress:
enabled: false
resources:
requests:
memory: "200Mi"
cpu: "100m"
limits:
memory: "1000Mi"
cpu: "1000m"
initContainers:
resources:
requests:
memory: "100Mi"
cpu: "100m"
limits:
memory: "200Mi"
cpu: "200m"
kubeclarity-runtime-scan:
httpsProxy: ""
httpProxy: ""
resultServicePort: 8888
labels:
app: kubeclarity-scanner
sidecar.istio.io/inject: "false"
namespace: ""
registry:
skipVerifyTlS: "false"
useHTTP: "false"
cis-docker-benchmark-scanner:
resources:
requests:
memory: "50Mi"
cpu: "50m"
limits:
memory: "1000Mi"
cpu: "1000m"
vulnerability-scanner:
resources:
requests:
memory: "50Mi"
cpu: "50m"
limits:
memory: "1000Mi"
cpu: "1000m"
analyzer:
analyzerList: "syft gomod trivy"
analyzerScope: "squashed"
trivy:
enabled: true
timeout: "300"
scanner:
scannerList: "grype trivy"
grype:
enabled: true
mode: "REMOTE"
remote-grype:
timeout: "2m"
dependency-track:
enabled: false
insecureSkipVerify: "true"
disableTls: "true"
apiserverAddress: "dependency-track-apiserver.dependency-track"
apiKey: ""
trivy:
enabled: true
timeout: "300"
kubeclarity-grype-server:
enabled: true
docker:
imageRepo: "registry.durp.info/openclarity"
imageTag: "v0.6.0"
imagePullPolicy: Always
logLevel: warning
servicePort: 9991
resources:
requests:
cpu: "200m"
memory: "200Mi"
limits:
cpu: "1000m"
memory: "1G"
kubeclarity-trivy-server:
enabled: true
## Docker Image values.
image:
registry: registry.durp.info
repository: aquasec/trivy
tag: 0.44.1
pullPolicy: Always
persistence:
enabled: false
podSecurityContext:
runAsUser: 1001
runAsNonRoot: true
fsGroup: 1001
securityContext:
privileged: false
readOnlyRootFilesystem: true
trivy:
debugMode: false
service:
port: 9992
resources:
requests:
cpu: "200m"
memory: "200Mi"
limits:
cpu: "1000m"
memory: "1G"
kubeclarity-sbom-db:
docker:
imageName: ""
logLevel: warning
servicePort: 8080
resources:
requests:
memory: "20Mi"
cpu: "10m"
limits:
memory: "1Gi"
cpu: "200m"
kubeclarity-postgresql:
enabled: true
image:
registry: registry.durp.info
repository: bitnami/postgresql
tag: 14.6.0-debian-11-r31
auth:
existingSecret: kubeclarity-postgresql-secret
username: postgres
database: kubeclarity
sslMode: disable
service:
ports:
postgresql: 5432
serviceAccount:
enabled: true
securityContext:
enabled: true
fsGroup: 1001
containerSecurityContext:
enabled: true
runAsUser: 1001
runAsNonRoot: true
volumePermissions:
enabled: false
securityContext:
runAsUser: 1001
shmVolume:
chmod:
enabled: true
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "1000Mi"
cpu: "1000m"
kubeclarity-postgresql-external:
enabled: false
kubeclarity-postgresql-secret:
create: true
secretKey: "postgres-password"
Reference in New Issue View Git Blame Copy Permalink