initial

.gitignore

@@ -0,0 +1,3 @@
+secrets.txt
+deployment/secrets.txt
+

ingress.yml

@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: trivy
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-production-http
+spec:
+  tls:
+    - hosts:
+        - trivy-server.hottis.de
+      secretName: trivy-server-cert
+  rules:
+    - host: trivy-server.hottis.de
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service: 
+                name: trivy-server
+                port: 
+                  number: 4954

install.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+ARG1=$1
+NAMESPACE=$(cat namespace)
+TRIVY_VERSION=0.11.0
+
+kubectl create namespace $NAMESPACE \
+  --dry-run=client \
+  -o yaml | \
+  kubectl -f - apply
+
+
+helm repo add aquasecurity https://aquasecurity.github.io/helm-charts/
+helm repo update
+helm upgrade --install \
+  trivy-server aquasecurity/trivy \
+  -f values.yml \
+  --version $TRIVY_VERSION \
+  --namespace=$NAMESPACE
+
+
+

namespace

@@ -0,0 +1 @@
+trivy

values.yml

@@ -0,0 +1,7 @@
+trivy:
+  debugMode: true
+  existingSecret: trivy-secret
+  cache:
+    redis:
+      enabled: true
+      url: "redis://redis-master.redis.svc.cluster.local:6379/5"