trivy-operator:
  targetWorkloads: "pod,replicaset,replicationcontroller,statefulset,daemonset,cronjob,job"
  operator:
    replicas: 1
    vulnerabilityScannerEnabled: true
    sbomGenerationEnabled: true
    clusterSbomCacheEnabled: true
    configAuditScannerEnabled: true
    rbacAssessmentScannerEnabled: true
    infraAssessmentScannerEnabled: true
    clusterComplianceEnabled: false
    vulnerabilityScannerScanOnlyCurrentRevisions: true
    accessGlobalSecretsAndServiceAccount: true
    metricsFindingsEnabled: true
    exposedSecretScannerEnabled: true
  serviceMonitor:
    enabled: true
  trivy:
    createConfig: true
    image:
      registry: mirror.gcr.io
      repository: aquasec/trivy
      tag: 0.69.3
    storageClassEnabled: true
    storageClassName: ceph-block
    storageSize: "10Gi"
    registry:
      mirror:
        "registry-1.docker.io": proxy-registry-1.docker.io
        "quay.io": proxy-quay.io
        "registry.k8s.io": proxy-registry.k8s
        "gcr.io": proxy-gcr.io
        "ghcr.io": proxy-ghcr.io
        "hub.docker": proxy-hub.docker
    severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
    slow: true
    resources:
      requests:
        cpu: 100m
        memory: 128M
    supportedConfigAuditKinds: "Workload,Service,Role,ClusterRole,NetworkPolicy,Ingress,LimitRange,ResourceQuota"
    server:
      resources:
        requests:
          cpu: 200m
          memory: 512Mi
      replicas: 1