public_git
/
ckotzbauer_helm-charts
mirror of https://github.com/ckotzbauer/helm-charts.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
ckotzbauer_helm-charts/charts/vulnerability-operator/README.md

79 lines
5.8 KiB
Markdown
Raw Blame History

# vulnerability-operator
> Scans SBOMs for vulnerabilities.
Learn more: [https://github.com/ckotzbauer/vulnerability-operator](https://github.com/ckotzbauer/vulnerability-operator)
## Installing the Chart
To install the chart with the release name `my-release`:
```bash
$ helm install my-release ckotzbauer/vulnerability-operator
```
The command deploys the vulnerability-operator to the Kubernetes cluster using the default configuration. The [configuration](#configuration) section lists the parameters that can be configured during installation.
## Uninstalling the Chart
To uninstall/delete the `my-release` deployment:
```bash
$ helm delete my-release
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
## Configuration
The following table lists the configurable parameters of the vulnerability-operator chart and their default values.
| Parameter | Description | Default |
| -------------------------------------- | ------------------------------------------------- | --------------------------------------------- |
| `image.repository` | container image repository | `ghcr.io/ckotzbauer/vulnerability-operator` |
| `image.tag` | container image tag | `0.26.1` |
| `image.pullPolicy` | container image pull policy | `IfNotPresent` |
| `args` | argument object for cli-args | `{}` |
| `envVars` | environment variables | `{}` |
| `useReportsEmptyDir` | use empty-dir for `/reports` dir, needs to be `false` when volume is used | `true` |
| `ignoreRules` | Grype ignore-rules | `""` |
| `filterConfig` | Specify ignore- and audit-rules | `""` |
| `nodeSelector` | node labels for pod assignment | `{}` |
| `tolerations` | node tolerations for pod assignment | `[]` |
| `affinity` | node affinity for pod assignment | `{}` |
| `podAnnotations` | annotations to add to each pod | `{}` |
| `priorityClassName` | priority class name for the pod | `""` |
| `resources` | pod resource requests & limits | See [values.yaml](values.yaml) |
| `extraVolumes` | Extra volumes (needed for GithubApp PK). | `[]` |
| `extraVolumeMounts` | Extra volume mounts | `[]` |
| `podSecurityContext` | pod securityContext | See [values.yaml](values.yaml) |
| `securityContext` | container securityContext | See [values.yaml](values.yaml) |
| `serviceAccount.create` | Should we create a ServiceAccount | `true` |
| `serviceAccount.name` | Name of the ServiceAccount to use | null |
| `servicemonitor.enabled` | Should we create a ServiceMonitor | `false` |
| `servicemonitor.relabelings` | Configure relabelings for Prometheus | `{}` |
| `servicemonitor.metricRelabelings` | Configure metricRelabelings for Prometheus | `{}` |
| `servicemonitor.additionalLabels` | Additional labels for the ServiceMonitor object. | `{}` |
| `ingress.enabled` | whether to create an Ingress | `false` |
| `ingress.className` | name of the IngressClass | `""` |
| `ingress.annotations` | Annotations for the Ingress | `{}` |
| `ingress.hosts` | List of host-objects for the Ingress | `[]` |
| `ingress.tls` | List of TLS-configs for the Ingress | `[]` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
```bash
$ helm install my-release \
--set key_1=value_1,key_2=value_2 \
ckotzbauer/vulnerability-operator
```
Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example,
```bash
# example for staging
$ helm install my-release -f values.yaml ckotzbauer/vulnerability-operator
```
> **Tip**: You can use the default [values.yaml](values.yaml)
Reference in New Issue View Git Blame Copy Permalink