chore: Update manifests after change

2025-12-04 21:29:28 +00:00
parent d008c08479
commit 2654baa2c5
2100 changed files with 365994 additions and 380674 deletions
--- a/clusters/cl01tl/manifests/trivy/ConfigMap-trivy-operator.yaml
+++ b/clusters/cl01tl/manifests/trivy/ConfigMap-trivy-operator.yaml
@@ -0,0 +1,28 @@
+---
+# Source: trivy/charts/trivy-operator/templates/configmaps/operator.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: trivy-operator
+  namespace: trivy
+  labels:
+    helm.sh/chart: trivy-operator-0.31.0
+    app.kubernetes.io/name: trivy-operator
+    app.kubernetes.io/instance: trivy
+    app.kubernetes.io/version: "0.29.0"
+    app.kubernetes.io/managed-by: Helm
+data:
+  nodeCollector.tolerations: "[{\"effect\":\"NoSchedule\",\"key\":\"node-role.kubernetes.io/control-plane\",\"operator\":\"Exists\"}]"
+  nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
+  nodeCollector.volumeMounts: "[{\"mountPath\":\"/var/lib/etcd\",\"name\":\"var-lib-etcd\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kubelet\",\"name\":\"var-lib-kubelet\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-scheduler\",\"name\":\"var-lib-kube-scheduler\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-controller-manager\",\"name\":\"var-lib-kube-controller-manager\",\"readOnly\":true},{\"mountPath\":\"/etc/kubernetes\",\"name\":\"etc-kubernetes\",\"readOnly\":true},{\"mountPath\":\"/etc/cni/net.d/\",\"name\":\"etc-cni-netd\",\"readOnly\":true}]"
+  scanJob.useGCRServiceAccount: "true"
+  scanJob.podTemplateContainerSecurityContext: "{\"allowPrivilegeEscalation\":false,\"capabilities\":{\"drop\":[\"ALL\"]},\"privileged\":false,\"readOnlyRootFilesystem\":true}"
+  scanJob.compressLogs: "true"
+  vulnerabilityReports.scanner: "Trivy"
+  vulnerabilityReports.scanJobsInSameNamespace: "false"
+  configAuditReports.scanner: "Trivy"
+  report.recordFailedChecksOnly: "true"
+  node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.3.1"
+  policies.bundle.oci.ref: "mirror.gcr.io/aquasec/trivy-checks:1"
+  policies.bundle.insecure: "false"
+  node.collector.nodeSelector: "true"