From dcc0738c9594c8e0b3985100fbccd011cd5ab18f Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth
Date: Fri, 23 May 2025 15:54:18 +0200
Subject: [PATCH] trivy and engagement name

---
 install.sh | 7 +++++++
 secrets.asc | 12 +++++++-----
 values-trivy-dojo-operator.yml | 2 +-
 values-trivy-operator.yml | 6 ++++++
 4 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/install.sh b/install.sh
index ada9335..b278ca6 100755
--- a/install.sh
+++ b/install.sh
@@ -36,6 +36,13 @@ kubectl create secret generic ${TRIVY_DOJO_OPERATOR_NAME}-trivy-dojo-report-oper
 --from-literal=url="$DOJO_URL" | \
 kubectl apply -f - -n $NAMESPACE
+kubectl create secret generic trivy-operator-trivy-config \
+ --dry-run=client \
+ -o yaml \
+ --save-config \
+ --from-literal="trivy.serverToken"="$TRIVY_SERVER_TOKEN" | \
+ kubectl apply -f - -n $NAMESPACE
+
 helm repo add aqua https://aquasecurity.github.io/helm-charts/
 helm repo update
diff --git a/secrets.asc b/secrets.asc
index 90956de..20989b0 100644
--- a/secrets.asc
+++ b/secrets.asc
@@ -1,8 +1,10 @@
 -----BEGIN PGP MESSAGE-----
-jA0ECQMIm1olSwhkMHD+0psBVajxT2yy+YxRX0iYWm48OHeo7aLMtQLfrrFSDTNq
-uENsy11GeUdMoZhbEgRGO1ARp1dSgGuFQ8ZI4aAkg1k5wa6T4lM8PLedrTPWMzY2
-hqXMVxYiG0sYblA7N2hWTRLjpEGaMTkDO4RkiZuRJdWUFxB813/vUD5waQKXBJLe
-fxCDLWqhX9NcCZCYfgKXufdlDuGSbkd5yqmrDQ==
-=BBCk
+jA0ECQMIMzYiRNbhDoz+0sAiAdx8in0FCQ9n7ajuybzYnr6rWjJ8L8M66OPpJXDf
+h3OVi0a2/1XGrQpCKc4rtgG+0OtSxqHFMdyj3bblO0qfNTvCDAluzjHU7ZlM1XlW
+brAlBSDxBBY4NEYtU+vo8x8cv0smzmqsmLbbTW17XR82RsaLFgcWkHrW/KzDaUxP
+cuwmxX2dt3egs7rkimmIOw68WMM4KVqBZq2J3SLKj/TzwfvXygAVRsiB3/YiVdP0
+c0w9Z9WsroxGp7dcceSo41pq8UeWbD5du/aT5IN64u+KpHQukX+hrT7bIXXN/Fxp
+HbTOvA==
+=b8GM
 -----END PGP MESSAGE-----
diff --git a/values-trivy-dojo-operator.yml b/values-trivy-dojo-operator.yml
index 18237de..68d123e 100644
--- a/values-trivy-dojo-operator.yml
+++ b/values-trivy-dojo-operator.yml
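Review bot: Nothing in the install.sh hunk checks that `TRIVY_SERVER_TOKEN` is set before the secret is created, so an unset or empty variable yields a `trivy-operator-trivy-config` secret with an empty `trivy.serverToken` while the install still appears to succeed. A guard ahead of the new command, `: "${TRIVY_SERVER_TOKEN:?TRIVY_SERVER_TOKEN is not set}"`, makes that failure explicit; whether the script already runs under `set -u` is outside the hunk. Passing the token with `--from-literal` also places it in kubectl's argument list, where other local users can read it from the process table while the command runs; `--from-file=trivy.serverToken=/dev/stdin` fed by `printf '%s' "$TRIVY_SERVER_TOKEN"` keeps it out of argv. `$NAMESPACE` is unquoted in the added `kubectl apply`, as it is in the existing command above it.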
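Review bot: The secrets.asc hunk replaces the whole encrypted payload, so a reviewer cannot tell which variables were added or changed; a comment in install.sh or the README listing the variable names secrets.asc must define (this commit starts using `TRIVY_SERVER_TOKEN`, presumably sourced from it) would make that reviewable without exposing values. The armor prefix `jA0E` suggests a passphrase-encrypted (symmetric) OpenPGP message, in which case the passphrase is the only protection and the previous ciphertext remains readable in git history with it. If that passphrase is ever changed, the credentials inside the older blobs should be rotated as well.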
@@ -4,6 +4,6 @@ operator:
 trivyDojoReportOperator:
 env:
 defectDojoEvalEngagementName: "true"
- defectDojoEngagementName: "body['report']['artifact']['tag']"
+ defectDojoEngagementName: "body['report']['registry']['server']+':'+body['report']['artifact']['repository']+':'+body['report']['artifact']['tag']"
 defectDojoEvalProductName: "true"
 defectDojoProductName: "meta['namespace']+':'+meta['name']"
diff --git a/values-trivy-operator.yml b/values-trivy-operator.yml
index 9c9fba9..307b75d 100644
--- a/values-trivy-operator.yml
+++ b/values-trivy-operator.yml
@@ -1,6 +1,12 @@
 trivy:
 timeout: "10m0s"
+ mode: ClientServer
+ serverURL: http://trivy-server.trivy.svc.cluster.local:4954
+ existingSecret: true
 operator:
 scanJobTimeout: 10m
+nodeCollector:
+ useNodeSelector: false
+ targetNamespaces: "homea"
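Review bot: The new `defectDojoEngagementName` expression indexes `body['report']['registry']['server']` and `body['report']['artifact']['tag']` directly, so a report that lacks either key (an image referenced only by digest may carry no tag) would make the evaluation fail instead of producing a name. How the operator handles a failed evaluation is not visible here; if the expression is evaluated as Python, as the subscript syntax suggests, lookups with a fallback are safer, for example `body['report']['artifact'].get('tag', 'untagged')` and `body['report'].get('registry', {}).get('server', '')`. A one-line comment above the key stating the resulting format, `# engagement name: <registry server>:<repository>:<tag>`, would also help, since the expression is now too long to read at a glance.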
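Review bot: The `serverURL` added under `trivy:` in values-trivy-operator.yml is plain `http://`, so in `ClientServer` mode the value stored under `trivy.serverToken` is presumably sent unencrypted to the Trivy server in the `trivy` namespace on every scan. If the server can be fronted with TLS, point this at an `https://` endpoint; otherwise restrict access to port 4954 with a NetworkPolicy and record the decision in a comment such as `# plaintext inside the cluster; access limited by NetworkPolicy`. Separately, `targetNamespaces: "homea"` appears indented under `nodeCollector:` in this hunk, whereas the trivy-operator chart reads `targetNamespaces` as a top-level value, so the namespace restriction may be silently ignored. The indentation is not fully recoverable from this page, so please confirm the nesting in the file.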