From e3a74b9089283958b961a09bab1715e933bb3b08 Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth <wolfgang.hottgenroth@icloud.com>
Date: Mon, 3 Feb 2025 05:53:24 +0100
Subject: [PATCH] initial

---
 .gitignore  |  3 +++
 ingress.yml | 22 ++++++++++++++++++++++
 install.sh  | 22 ++++++++++++++++++++++
 namespace   |  1 +
 values.yml  |  7 +++++++
 5 files changed, 55 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 ingress.yml
 create mode 100755 install.sh
 create mode 100644 namespace
 create mode 100644 values.yml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e7464b6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+secrets.txt
+deployment/secrets.txt
+
diff --git a/ingress.yml b/ingress.yml
new file mode 100644
index 0000000..296bd40
--- /dev/null
+++ b/ingress.yml
@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: trivy
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-production-http
+spec:
+  tls:
+    - hosts:
+        - trivy-server.hottis.de
+      secretName: trivy-server-cert
+  rules:
+    - host: trivy-server.hottis.de
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service: 
+                name: trivy-server
+                port: 
+                  number: 4954
diff --git a/install.sh b/install.sh
new file mode 100755
index 0000000..c5c25a7
--- /dev/null
+++ b/install.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+ARG1=$1
+NAMESPACE=$(cat namespace)
+TRIVY_VERSION=0.11.0
+
+kubectl create namespace $NAMESPACE \
+  --dry-run=client \
+  -o yaml | \
+  kubectl -f - apply
+
+
+helm repo add aquasecurity https://aquasecurity.github.io/helm-charts/
+helm repo update
+helm upgrade --install \
+  trivy-server aquasecurity/trivy \
+  -f values.yml \
+  --version $TRIVY_VERSION \
+  --namespace=$NAMESPACE
+
+
+
diff --git a/namespace b/namespace
new file mode 100644
index 0000000..6bd628d
--- /dev/null
+++ b/namespace
@@ -0,0 +1 @@
+trivy
diff --git a/values.yml b/values.yml
new file mode 100644
index 0000000..7cf4217
--- /dev/null
+++ b/values.yml
@@ -0,0 +1,7 @@
+trivy:
+  debugMode: true
+  existingSecret: trivy-secret
+  cache:
+    redis:
+      enabled: true
+      url: "redis://redis-master.redis.svc.cluster.local:6379/5"