From b50508a71a0a8d4c79eab6fab81378a8e86e4b2e Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Sun, 15 Mar 2026 22:51:25 +0000 Subject: [PATCH] dev (#4776) Co-authored-by: Renovate Bot Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/4776 --- clusters/cl01tl/helm/trivy/values.yaml | 40 ++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/clusters/cl01tl/helm/trivy/values.yaml b/clusters/cl01tl/helm/trivy/values.yaml index 5d6cce425..fd4220dd4 100644 --- a/clusters/cl01tl/helm/trivy/values.yaml +++ b/clusters/cl01tl/helm/trivy/values.yaml @@ -2,6 +2,7 @@ trivy-operator: targetWorkloads: "pod,replicaset,replicationcontroller,statefulset,daemonset,cronjob,job" operator: replicas: 1 + scanJobsConcurrentLimit: 3 vulnerabilityScannerEnabled: true sbomGenerationEnabled: true clusterSbomCacheEnabled: true @@ -45,3 +46,42 @@ trivy-operator: cpu: 200m memory: 512Mi replicas: 1 +nodeCollector: + volumeMounts: + - name: var-lib-etcd + mountPath: /var/lib/etcd + readOnly: true + - name: var-lib-kubelet + mountPath: /var/lib/kubelet + readOnly: true + - name: var-lib-kube-scheduler + mountPath: /var/lib/kube-scheduler + readOnly: true + - name: var-lib-kube-controller-manager + mountPath: /var/lib/kube-controller-manager + readOnly: true + - name: etc-kubernetes + mountPath: /etc/kubernetes + readOnly: true + - name: etc-cni-netd + mountPath: /etc/cni/net.d/ + readOnly: true + volumes: + - name: var-lib-etcd + hostPath: + path: /var/lib/etcd + - name: var-lib-kubelet + hostPath: + path: /var/lib/kubelet + - name: var-lib-kube-scheduler + hostPath: + path: /var/lib/kube-scheduler + - name: var-lib-kube-controller-manager + hostPath: + path: /var/lib/kube-controller-manager + - name: etc-kubernetes + hostPath: + path: /etc/kubernetes + - name: etc-cni-netd + hostPath: + path: /etc/cni/net.d/