108 lines
2.1 KiB
YAML
108 lines
2.1 KiB
YAML
# Default values for sbom-operator.
|
|
# This is a YAML-formatted file.
|
|
# Declare variables to be passed into your templates.
|
|
|
|
image:
|
|
repository: ghcr.io/ckotzbauer/vulnerability-operator
|
|
tag: ""
|
|
pullPolicy: IfNotPresent
|
|
pullSecrets: []
|
|
|
|
args: {}
|
|
|
|
envVars: {}
|
|
|
|
ignoreRules: ""
|
|
# ignore:
|
|
# # This is the full set of supported rule fields:
|
|
# - vulnerability: CVE-2008-4318
|
|
# fix-state: unknown
|
|
# package:
|
|
# name: libcurl
|
|
# version: 1.5.1
|
|
# type: npm
|
|
# location: "/usr/local/lib/node_modules/**"
|
|
#
|
|
# # We can make rules to match just by vulnerability ID:
|
|
# - vulnerability: CVE-2017-41432
|
|
#
|
|
# # ...or just by a single package field:
|
|
# - package:
|
|
# type: gem
|
|
|
|
filterConfig: ""
|
|
# ignore:
|
|
# - vulnerability: GHSA-ggxm-pgc9-g7fp # rdoc
|
|
# context:
|
|
# - image: "*"
|
|
# namespace: gitlab-dev
|
|
# kind: Deployment
|
|
# name: gitlab-dev-server
|
|
# audit:
|
|
# - vulnerability: GHSA-fp4w-jxhp-m23p # bundler
|
|
# context:
|
|
# - image: "*"
|
|
# namespace: gitlab-dev
|
|
# kind: Deployment
|
|
# name: gitlab-dev-server
|
|
|
|
podAnnotations: {}
|
|
|
|
resources: {}
|
|
# requests:
|
|
# cpu: 500m
|
|
# memory: 250Gi
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 100Mi
|
|
|
|
securityContext:
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
allowPrivilegeEscalation: false
|
|
privileged: false
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
|
|
serviceAccount:
|
|
# Specifies whether a ServiceAccount should be created
|
|
create: true
|
|
|
|
# The name of the ServiceAccount to use.
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
name:
|
|
|
|
servicemonitor:
|
|
enabled: false
|
|
relabelings: {}
|
|
metricRelabelings: {}
|
|
additionalLabels: {}
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations: {}
|
|
# kubernetes.io/ingress.class: nginx
|
|
# kubernetes.io/tls-acme: "true"
|
|
hosts:
|
|
- host: chart-example.local
|
|
paths:
|
|
- path: /
|
|
pathType: ImplementationSpecific
|
|
tls: []
|
|
# - secretName: chart-example-tls
|
|
# hosts:
|
|
# - chart-example.local
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
extraVolumes: []
|