Skip to content

Commit

Permalink
chore: use mirror.gcr.io for trivy-check by default (#2321)
Browse files Browse the repository at this point in the history
  • Loading branch information
afdesk authored Nov 20, 2024
1 parent 5b1ad3f commit 5b2c1f7
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 5 deletions.
4 changes: 2 additions & 2 deletions deploy/helm/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -95,10 +95,10 @@ Keeps security report resources updated
| podSecurityContext | object | `{}` | |
| policiesBundle.existingSecret | bool | `false` | existingSecret if a secret containing registry credentials that have been created outside the chart (e.g external-secrets, sops, etc...). Keys must be at least one of the following: policies.bundle.oci.user, policies.bundle.oci.password Overrides policiesBundle.registryUser, policiesBundle.registryPassword values. Note: The secret has to be named "trivy-operator". |
| policiesBundle.insecure | bool | `false` | insecure is the flag to enable insecure connection to the policy bundle registry |
| policiesBundle.registry | string | `"ghcr.io"` | registry of the policies bundle |
| policiesBundle.registry | string | `"mirror.gcr.io"` | registry of the policies bundle |
| policiesBundle.registryPassword | string | `nil` | registryPassword is the password for the registry |
| policiesBundle.registryUser | string | `nil` | registryUser is the user for the registry |
| policiesBundle.repository | string | `"aquasecurity/trivy-checks"` | repository of the policies bundle |
| policiesBundle.repository | string | `"aquasec/trivy-checks"` | repository of the policies bundle |
| policiesBundle.tag | int | `1` | tag version of the policies bundle |
| priorityClassName | string | `""` | priorityClassName set the operator priorityClassName |
| rbac.create | bool | `true` | |
Expand Down
4 changes: 2 additions & 2 deletions deploy/helm/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -686,9 +686,9 @@ automountServiceAccountToken: true

policiesBundle:
# -- registry of the policies bundle
registry: ghcr.io
registry: mirror.gcr.io
# -- repository of the policies bundle
repository: aquasecurity/trivy-checks
repository: aquasec/trivy-checks
# -- tag version of the policies bundle
tag: 1
# -- registryUser is the user for the registry
Expand Down
2 changes: 1 addition & 1 deletion deploy/static/trivy-operator.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2970,7 +2970,7 @@ data:
compliance.failEntriesLimit: "10"
report.recordFailedChecksOnly: "true"
node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.3.1"
policies.bundle.oci.ref: "ghcr.io/aquasecurity/trivy-checks:1"
policies.bundle.oci.ref: "mirror.gcr.io/aquasec/trivy-checks:1"
policies.bundle.insecure: "false"

node.collector.nodeSelector: "true"
Expand Down

0 comments on commit 5b2c1f7

Please sign in to comment.