From e1363551c267104c72006b77a4dc08291ec18c90 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Tue, 17 Mar 2026 22:16:49 -0500 Subject: [PATCH 1/2] feat: disable sbom and infra scanner --- clusters/cl01tl/helm/trivy/values.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/clusters/cl01tl/helm/trivy/values.yaml b/clusters/cl01tl/helm/trivy/values.yaml index f0a4a29ac..e86410f8a 100644 --- a/clusters/cl01tl/helm/trivy/values.yaml +++ b/clusters/cl01tl/helm/trivy/values.yaml @@ -2,13 +2,13 @@ trivy-operator: targetWorkloads: "pod,replicaset,replicationcontroller,statefulset,daemonset,cronjob,job" operator: replicas: 1 - scanJobsConcurrentLimit: 3 + scanJobsConcurrentLimit: 1 vulnerabilityScannerEnabled: true - sbomGenerationEnabled: true - clusterSbomCacheEnabled: true + sbomGenerationEnabled: false + clusterSbomCacheEnabled: false configAuditScannerEnabled: true rbacAssessmentScannerEnabled: true - infraAssessmentScannerEnabled: true + infraAssessmentScannerEnabled: false clusterComplianceEnabled: false vulnerabilityScannerScanOnlyCurrentRevisions: true accessGlobalSecretsAndServiceAccount: true -- 2.49.1 From 1a5a88206d2cae3387f77e902725c970b6609c4e Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Tue, 17 Mar 2026 22:38:49 -0500 Subject: [PATCH 2/2] feat: add toleration --- clusters/cl01tl/helm/trivy/values.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/clusters/cl01tl/helm/trivy/values.yaml b/clusters/cl01tl/helm/trivy/values.yaml index e86410f8a..7a8e4fcfc 100644 --- a/clusters/cl01tl/helm/trivy/values.yaml +++ b/clusters/cl01tl/helm/trivy/values.yaml @@ -47,6 +47,10 @@ trivy-operator: memory: 512Mi replicas: 1 nodeCollector: + tolerations: + - key: node-role.kubernetes.io/control-plane + operator: Exists + effect: NoSchedule volumeMounts: - name: var-lib-etcd mountPath: /var/lib/etcd -- 2.49.1