--- # Source: trivy/charts/trivy-operator/templates/configmaps/operator.yaml apiVersion: v1 kind: ConfigMap metadata: name: trivy-operator namespace: trivy labels: helm.sh/chart: trivy-operator-0.31.0 app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy app.kubernetes.io/version: "0.29.0" app.kubernetes.io/managed-by: Helm data: nodeCollector.tolerations: "[{\"effect\":\"NoSchedule\",\"key\":\"node-role.kubernetes.io/control-plane\",\"operator\":\"Exists\"}]" nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]" nodeCollector.volumeMounts: "[{\"mountPath\":\"/var/lib/etcd\",\"name\":\"var-lib-etcd\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kubelet\",\"name\":\"var-lib-kubelet\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-scheduler\",\"name\":\"var-lib-kube-scheduler\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-controller-manager\",\"name\":\"var-lib-kube-controller-manager\",\"readOnly\":true},{\"mountPath\":\"/etc/kubernetes\",\"name\":\"etc-kubernetes\",\"readOnly\":true},{\"mountPath\":\"/etc/cni/net.d/\",\"name\":\"etc-cni-netd\",\"readOnly\":true}]" scanJob.useGCRServiceAccount: "true" scanJob.podTemplateContainerSecurityContext: "{\"allowPrivilegeEscalation\":false,\"capabilities\":{\"drop\":[\"ALL\"]},\"privileged\":false,\"readOnlyRootFilesystem\":true}" scanJob.compressLogs: "true" vulnerabilityReports.scanner: "Trivy" vulnerabilityReports.scanJobsInSameNamespace: "false" configAuditReports.scanner: "Trivy" report.recordFailedChecksOnly: "true" node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.3.1" policies.bundle.oci.ref: "mirror.gcr.io/aquasec/trivy-checks:1" policies.bundle.insecure: "false" node.collector.nodeSelector: "true"