enable some scanners

2024-07-12 16:13:08 -05:00
parent 7d00efb1ee
commit f6eb1e9db4
1 changed files with 4 additions and 4 deletions
--- a/clusters/cl01tl/monitoring/trivy/values.yaml
+++ b/clusters/cl01tl/monitoring/trivy/values.yaml
@@ -1,6 +1,6 @@
 trivy-operator:
  targetNamespaces: authentik,ghost,matrix-synapse,element-web,outline,freshrss,code-server,vikunja,cops,gitea
-  excludeNamespaces: ""
+  excludeNamespaces: kube-system
  targetWorkloads: "pod,replicaset,replicationcontroller,statefulset,daemonset,cronjob,job"
  operator:
    replicas: 2
@@ -43,9 +43,9 @@ trivy-operator:
    valuesFromConfigMap: ""
    valuesFromSecret: ""
    sbomGenerationEnabled: true
-    clusterSbomCacheEnabled: true    
-    clusterComplianceEnabled: false
-    configAuditScannerEnabled: false
+    clusterSbomCacheEnabled: true
+    clusterComplianceEnabled: true
+    configAuditScannerEnabled: true
    exposedSecretScannerEnabled: true
    infraAssessmentScannerEnabled: false
    rbacAssessmentScannerEnabled: true