# Default values for sbom-operator. # This is a YAML-formatted file. # Declare variables to be passed into your templates. image: repository: ghcr.io/ckotzbauer/vulnerability-operator tag: "" pullPolicy: IfNotPresent pullSecrets: [] args: {} envVars: {} useReportsEmptyDir: true ignoreRules: "" # ignore: # # This is the full set of supported rule fields: # - vulnerability: CVE-2008-4318 # fix-state: unknown # package: # name: libcurl # version: 1.5.1 # type: npm # location: "/usr/local/lib/node_modules/**" # # # We can make rules to match just by vulnerability ID: # - vulnerability: CVE-2017-41432 # # # ...or just by a single package field: # - package: # type: gem filterConfig: "" # ignore: # - vulnerability: GHSA-ggxm-pgc9-g7fp # rdoc # context: # - image: "*" # namespace: gitlab-dev # kind: Deployment # name: gitlab-dev-server # audit: # - vulnerability: GHSA-fp4w-jxhp-m23p # bundler # context: # - image: "*" # namespace: gitlab-dev # kind: Deployment # name: gitlab-dev-server podAnnotations: {} priorityClassName: "" resources: {} # requests: # cpu: 500m # memory: 250Gi # limits: # cpu: 100m # memory: 100Mi podSecurityContext: {} securityContext: capabilities: drop: - ALL allowPrivilegeEscalation: false privileged: false readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 seccompProfile: type: RuntimeDefault serviceAccount: # Specifies whether a ServiceAccount should be created create: true # The name of the ServiceAccount to use. # If not set and create is true, a name is generated using the fullname template name: servicemonitor: enabled: false relabelings: {} metricRelabelings: {} additionalLabels: {} ingress: enabled: false className: "" annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" hosts: - host: chart-example.local paths: - path: / pathType: ImplementationSpecific tls: [] # - secretName: chart-example-tls # hosts: # - chart-example.local nodeSelector: {} tolerations: [] affinity: {} extraVolumes: [] extraVolumeMounts: []