infrastructure/clusters/cl01tl/manifests/trivy/Deployment-trivy-trivy-operator.yaml
gitea-bot f218675ace Automated Manifest Update (#4828)
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow.

### Details
- **Trigger**: `pull_request` by `@alexlebens`
- **Commit**: `c27d7bd` (on `c27d7bdf9bfd68e7f85176881f7253591ab701c4`)
- **Charts Updated**: `trivy`

Reviewed-on: #4828
Co-authored-by: gitea-bot <gitea-bot@alexlebens.net>
Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
2026-03-18 03:29:12 +00:00


# Deployment for the Trivy operator, rendered from the Helm chart named in the
# helm.sh/chart label. The file is generated output: lasting changes belong in
# the chart values that produce it, not in this file.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: trivy-trivy-operator
  namespace: trivy
  labels:
    helm.sh/chart: trivy-operator-0.32.1
    app.kubernetes.io/name: trivy-operator
    app.kubernetes.io/instance: trivy
    app.kubernetes.io/version: '0.30.1'
    app.kubernetes.io/managed-by: Helm
spec:
  replicas: 1
  # Recreate stops the old pod before the new one starts, so there is a short
  # window on every rollout in which no operator is running.
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app.kubernetes.io/name: trivy-operator
      app.kubernetes.io/instance: trivy
  template:
    metadata:
      annotations:
        # Changes whenever the rendered config changes, which forces a rollout.
        checksum/config: '7958fa6af7bcd3553864388add9a746a2efa15ac343c0c5d60b17769032e80a1'
      labels:
        app.kubernetes.io/name: trivy-operator
        app.kubernetes.io/instance: trivy
    spec:
      # The service account token is mounted into the pod. What a compromised
      # operator could reach is set by the RBAC bound to this account, which is
      # not part of this file and should be reviewed alongside it.
      serviceAccountName: trivy-trivy-operator
      automountServiceAccountToken: true
      # No pod-level securityContext is set in this manifest.
      containers:
        - name: 'trivy-operator'
          # Referenced by tag through a registry mirror, not by digest, and
          # IfNotPresent reuses whatever a node has cached under that tag.
          # Appending @sha256:<digest> to the reference would make the image
          # content verifiable.
          image: 'mirror.gcr.io/aquasec/trivy-operator:0.30.1'
          imagePullPolicy: IfNotPresent
          env:
            - name: OPERATOR_NAMESPACE
              value: trivy
            # NOTE(review): an empty target list appears to mean "all
            # namespaces" for this operator, with nothing excluded below;
            # confirm against the chart documentation.
            - name: OPERATOR_TARGET_NAMESPACES
              value: ''
            - name: OPERATOR_EXCLUDE_NAMESPACES
              value: ''
            - name: OPERATOR_TARGET_WORKLOADS
              value: 'pod,replicaset,replicationcontroller,statefulset,daemonset,cronjob,job'
            - name: OPERATOR_SERVICE_ACCOUNT
              value: 'trivy-trivy-operator'
          # Every key of this ConfigMap becomes an environment variable, so it
          # should hold configuration only, never credentials.
          envFrom:
            - configMapRef:
                name: trivy-operator-config
          # Both ports serve plain HTTP inside the pod; nothing in this file
          # restricts which peers may connect to them.
          ports:
            - name: metrics
              containerPort: 8080
            - name: probes
              containerPort: 9090
          readinessProbe:
            httpGet:
              path: /readyz/
              port: probes
            initialDelaySeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 3
          livenessProbe:
            httpGet:
              path: /healthz/
              port: probes
            initialDelaySeconds: 5
            periodSeconds: 10
            successThreshold: 1
            failureThreshold: 10
          # Hardened on four points: no privilege escalation, all capabilities
          # dropped, not privileged, read-only root filesystem.
          # Not set here: runAsNonRoot, runAsUser and seccompProfile, which the
          # "restricted" Pod Security Standard expects, and resource requests
          # and limits.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
            privileged: false
            readOnlyRootFilesystem: true
          # /tmp is the only writable path, needed because the root filesystem
          # is read-only.
          volumeMounts:
            - name: cache-policies
              mountPath: /tmp
              readOnly: false
      volumes:
        # No sizeLimit is given, so this scratch space is bounded only by the
        # node's ephemeral storage.
        - name: cache-policies
          emptyDir: {}