diff --git a/README.md b/README.md index b560f46..78a454c 100644 --- a/README.md +++ b/README.md @@ -355,7 +355,6 @@ kubectl patch application myapp -n argocd \ | **Fluent-Bit** | Log shipping | `monitoring` | DaemonSet | | **OpenCost** | Cost monitoring | `monitoring` | 1 | | **Renovate** | Dependency updates | `renovate` | CronJob | -| **Trivy** | Vulnerability scanning | `trivy-system` | 1 | **Full specs**: [Technical Reference - Infrastructure Components](docs/REFERENCE.md#infrastructure-components) diff --git a/cluster-resources/network/deny-external-egress-trivy.yaml b/cluster-resources/network/deny-external-egress-trivy.yaml deleted file mode 100644 index 939aa11..0000000 --- a/cluster-resources/network/deny-external-egress-trivy.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: cilium.io/v2 -kind: CiliumNetworkPolicy -metadata: - name: deny-external-egress - namespace: trivy-system - labels: - app.kubernetes.io/managed-by: argocd - app.kubernetes.io/part-of: network-policies -spec: - endpointSelector: {} - egress: - # Allow DNS resolution - - toEndpoints: - - matchLabels: - io.kubernetes.pod.namespace: kube-system - k8s-app: kube-dns - toPorts: - - ports: - - port: "53" - protocol: UDP - - port: "53" - protocol: TCP - - # Allow cluster-internal traffic (RFC1918) - - toCIDR: - - 10.0.0.0/8 - - 172.16.0.0/12 - - 192.168.0.0/16 - - # Allow Trivy vulnerability DB downloads (ghcr.io OCI registry) - - toFQDNs: - - matchName: ghcr.io - - matchName: pkg-containers.githubusercontent.com - toPorts: - - ports: - - port: "443" - protocol: TCP diff --git a/cluster-resources/policies/label-checker.yaml b/cluster-resources/policies/label-checker.yaml index 8a8efd3..129007a 100644 --- a/cluster-resources/policies/label-checker.yaml +++ b/cluster-resources/policies/label-checker.yaml @@ -26,7 +26,6 @@ spec: - monitoring - secrets - kyverno - - trivy-system match: any: - resources: diff --git a/cluster-resources/policies/secret-cloner.yaml b/cluster-resources/policies/secret-cloner.yaml index c76a937..2f1db1b 100644 --- a/cluster-resources/policies/secret-cloner.yaml +++ b/cluster-resources/policies/secret-cloner.yaml @@ -16,7 +16,6 @@ spec: - resources: namespaces: - kube-system - - trivy-system - monitoring - argocd - cert-manager diff --git a/devbox.json b/devbox.json index 9bd3242..ff78cb9 100644 --- a/devbox.json +++ b/devbox.json @@ -14,7 +14,6 @@ "syft@1.29.0", "grype@0.92.2", "traefik@3.6.7", - "trivy@latest", "claude-code@latest", "go@latest", "dotnet-sdk@latest", diff --git a/docs/REFERENCE.md b/docs/REFERENCE.md index 075141b..d8d6d7a 100644 --- a/docs/REFERENCE.md +++ b/docs/REFERENCE.md @@ -88,7 +88,6 @@ launchpad/ │ ├── loki.yaml │ ├── tempo.yaml │ ├── fluent-bit.yaml -│ ├── trivy.yaml │ ├── gitea.yaml │ ├── gitea-actions.yaml │ ├── sealedsecrets.yaml diff --git a/infra/base/kustomization.yaml b/infra/base/kustomization.yaml index a88000f..bc89ec5 100644 --- a/infra/base/kustomization.yaml +++ b/infra/base/kustomization.yaml @@ -10,7 +10,6 @@ resources: - prometheus.yaml - loki.yaml - fluent-bit.yaml -- trivy.yaml - enterprise-apps.yaml - cluster-resources-application.yaml - kyverno-policies.yaml diff --git a/infra/base/trivy.yaml b/infra/base/trivy.yaml deleted file mode 100644 index 9017c5b..0000000 --- a/infra/base/trivy.yaml +++ /dev/null @@ -1,67 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: trivy-system - annotations: - argocd.argoproj.io/sync-wave: "-1" ---- - -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: trivy-operator - namespace: argocd - annotations: - argocd.argoproj.io/sync-wave: "0" - labels: - app.kubernetes.io/name: trivy-operator - app.kubernetes.io/part-of: platform - app.kubernetes.io/managed-by: argocd - finalizers: - - resources-finalizer.argocd.argoproj.io -spec: - project: default - - source: - repoURL: https://aquasecurity.github.io/helm-charts - chart: trivy-operator - targetRevision: 0.31.0 - helm: - releaseName: trivy-operator - valuesObject: - operator: - targetNamespaces: "" - excludeNamespaces: "argocd,trivy-system,kube-system,monitoring,kyverno,cert-manager" - scanJobsInSameNamespace: true - metricsVulnIdEnabled: true - metricsImageInfo: true - trivy: - ignoreUnfixed: false - - destination: - server: https://kubernetes.default.svc - namespace: trivy-system - - syncPolicy: - automated: - prune: true - selfHeal: true - allowEmpty: false - syncOptions: - - CreateNamespace=true - - Validate=true - - ServerSideApply=true - retry: - limit: 5 - backoff: - duration: 5s - factor: 2 - maxDuration: 3m - - ignoreDifferences: - - group: apiextensions.k8s.io - kind: CustomResourceDefinition - jsonPointers: - - /metadata/labels - - /metadata/annotations - - /metadata/finalizers diff --git a/infra/dashboards/kustomization.yaml b/infra/dashboards/kustomization.yaml index 98af3cf..b668299 100644 --- a/infra/dashboards/kustomization.yaml +++ b/infra/dashboards/kustomization.yaml @@ -8,9 +8,6 @@ generatorOptions: grafana_dashboard: "1" configMapGenerator: -- name: grafana-dashboard-trivy - files: - - trivy.json - name: grafana-dashboard-traefik-loki files: - traefik-loki.json diff --git a/infra/dashboards/trivy.json b/infra/dashboards/trivy.json deleted file mode 100644 index ddc241d..0000000 --- a/infra/dashboards/trivy.json +++ /dev/null @@ -1,1841 +0,0 @@ -{ - "annotations": { - "list": [ - { - "builtIn": 1, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "target": { - "limit": 100, - "matchAny": false, - "tags": [], - "type": "dashboard" - }, - "type": "dashboard" - } - ] - }, - "description": "Monitore Trivy Image Vulnerabilities.\r\n\r\nBased on https://grafana.com/grafana/dashboards/17080-trivy-image-vulnerabilities/ and https://grafana.com/grafana/dashboards/16652-trivy-operator-reports/.", - "editable": true, - "fiscalYearStartMonth": 0, - "gnetId": 17214, - "graphTooltip": 1, - "id": 8, - "links": [], - "liveNow": false, - "panels": [ - { - "collapsed": false, - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "gridPos": { - "h": 1, - "w": 24, - "x": 0, - "y": 0 - }, - "id": 43, - "panels": [], - "targets": [ - { - "datasource": { - "type": "datasource", - "uid": "grafana" - }, - "refId": "A" - } - ], - "title": "Image Vulnerabilities", - "type": "row" - }, - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "purple", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 0, - "y": 1 - }, - "id": 52, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "text": {}, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{severity=\"Unknown\", namespace=~\"$namespace\"})", - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "UNKNOWN", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 4, - "y": 1 - }, - "id": 60, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{severity=\"Low\", namespace=~\"$namespace\"})", - "format": "time_series", - "hide": false, - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "LOW", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "yellow", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 8, - "y": 1 - }, - "id": 49, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{severity=\"Medium\", namespace=~\"$namespace\"})", - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "MEDIUM", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "orange", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 12, - "y": 1 - }, - "id": 50, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{severity=\"High\", namespace=~\"$namespace\"})", - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "HIGH", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "red", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 16, - "y": 1 - }, - "id": 51, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{severity=\"Critical\", namespace=~\"$namespace\"})", - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "CRITICAL", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "thresholds" - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "text", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 3, - "w": 4, - "x": 20, - "y": 1 - }, - "id": 39, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{namespace=~\"$namespace\"})", - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "TOTAL", - "type": "stat" - }, - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineStyle": { - "fill": "solid" - }, - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [ - { - "__systemRef": "hideSeriesFrom", - "matcher": { - "id": "byNames", - "options": { - "mode": "exclude", - "names": [ - "kube-system" - ], - "prefix": "All except:", - "readOnly": true - } - }, - "properties": [ - { - "id": "custom.hideFrom", - "value": { - "legend": false, - "tooltip": false, - "viz": true - } - } - ] - } - ] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 0, - "y": 4 - }, - "id": 58, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "maxHeight": 600, - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "8.5.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{namespace=~\"$namespace\"}) by (namespace)", - "instant": false, - "interval": "", - "legendFormat": "{{namespace}}", - "range": true, - "refId": "A" - } - ], - "title": "Image Vulnerabilities by namespace", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "never", - "spanNulls": true, - "stacking": { - "group": "A", - "mode": "none" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - }, - { - "color": "blue", - "value": 1 - } - ] - }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { - "h": 8, - "w": 12, - "x": 12, - "y": 4 - }, - "id": 61, - "options": { - "legend": { - "calcs": [], - "displayMode": "table", - "placement": "right", - "showLegend": true - }, - "tooltip": { - "maxHeight": 600, - "mode": "multi", - "sort": "desc" - } - }, - "pluginVersion": "8.5.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{namespace=~\"$namespace\"}) by (severity)", - "instant": false, - "interval": "", - "legendFormat": "{{severity}}", - "range": true, - "refId": "A" - } - ], - "title": "Image Vulnerabilities by severity", - "type": "timeseries" - }, - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "description": "", - "fieldConfig": { - "defaults": { - "color": { - "fixedColor": "transparent", - "mode": "fixed" - }, - "custom": { - "align": "left", - "cellOptions": { - "mode": "basic", - "type": "color-background" - }, - "filterable": true, - "inspect": false - }, - "links": [ - { - "targetBlank": true, - "title": "Go to CVE", - "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=${__data.fields.vuln_id}" - } - ], - "mappings": [ - { - "options": { - "CRITICAL": { - "color": "dark-red", - "index": 0 - }, - "HIGH": { - "color": "yellow", - "index": 1 - }, - "LOW": { - "color": "dark-blue", - "index": 3 - }, - "MEDIUM": { - "color": "dark-orange", - "index": 2 - }, - "UNKNOWN": { - "color": "super-light-blue", - "index": 4 - } - }, - "type": "value" - } - ], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": null - } - ] - }, - "unit": "short" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "namespace" - }, - "properties": [ - { - "id": "custom.width" - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "pod" - }, - "properties": [ - { - "id": "custom.width" - } - ] - } - ] - }, - "gridPos": { - "h": 10, - "w": 24, - "x": 0, - "y": 12 - }, - "id": 67, - "options": { - "cellHeight": "sm", - "footer": { - "countRows": false, - "fields": "", - "reducer": [ - "sum" - ], - "show": false - }, - "frameIndex": 2, - "showHeader": true, - "sortBy": [ - { - "desc": false, - "displayName": "severity" - } - ] - }, - "pluginVersion": "11.0.0", - "targets": [ - { - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_vulnerability_id{namespace=~\"$namespace\"}) without (namespace, last_modified_date, instance, job, endpoint, service, container, image_digest, resource, resource_name)", - "format": "table", - "instant": true, - "interval": "", - "legendFormat": "", - "refId": "A" - } - ], - "title": "Image by CVE", - "transformations": [ - { - "id": "organize", - "options": { - "excludeByName": { - "Time": true, - "Value": true, - "instance": true, - "job": true - }, - "indexByName": { - "Time": 10, - "Value": 9, - "image_digest": 7, - "image_registry": 4, - "image_repository": 5, - "image_tag": 6, - "name": 8, - "namespace": 2, - "pod": 3, - "severity": 0, - "vuln_id": 1 - }, - "renameByName": { - "image_digest": "", - "name": "source workload" - } - } - } - ], - "type": "table" - }, - { - "collapsed": false, - "gridPos": { "h": 1, "w": 24, "x": 0, "y": 22 }, - "id": 70, - "panels": [], - "title": "Config Audits", - "type": "row" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "red", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 0, "y": 23 }, - "id": 71, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{severity=\"Critical\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "CRITICAL", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "orange", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 6, "y": 23 }, - "id": 72, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{severity=\"High\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "HIGH", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "yellow", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 12, "y": 23 }, - "id": 73, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{severity=\"Medium\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "MEDIUM", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "blue", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 18, "y": 23 }, - "id": 74, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{severity=\"Low\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "LOW", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "palette-classic" }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { "legend": false, "tooltip": false, "viz": false }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { "type": "linear" }, - "showPoints": "never", - "spanNulls": true, - "stacking": { "group": "A", "mode": "none" }, - "thresholdsStyle": { "mode": "off" } - }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 8, "w": 12, "x": 0, "y": 26 }, - "id": 75, - "options": { - "legend": { "calcs": [], "displayMode": "table", "placement": "right", "showLegend": true }, - "tooltip": { "maxHeight": 600, "mode": "multi", "sort": "desc" } - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "expr": "sum(trivy_resource_configaudits{namespace=~\"$namespace\"}) by (namespace)", - "legendFormat": "{{namespace}}", - "range": true, - "refId": "A" - }], - "title": "Config Audits by Namespace", - "type": "timeseries" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "palette-classic" }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { "legend": false, "tooltip": false, "viz": false }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { "type": "linear" }, - "showPoints": "never", - "spanNulls": true, - "stacking": { "group": "A", "mode": "none" }, - "thresholdsStyle": { "mode": "off" } - }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 8, "w": 12, "x": 12, "y": 26 }, - "id": 76, - "options": { - "legend": { "calcs": [], "displayMode": "table", "placement": "right", "showLegend": true }, - "tooltip": { "maxHeight": 600, "mode": "multi", "sort": "desc" } - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "expr": "sum(trivy_resource_configaudits{namespace=~\"$namespace\"}) by (severity)", - "legendFormat": "{{severity}}", - "range": true, - "refId": "A" - }], - "title": "Config Audits by Severity", - "type": "timeseries" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "fixedColor": "transparent", "mode": "fixed" }, - "custom": { "align": "left", "cellOptions": { "mode": "basic", "type": "color-background" }, "filterable": true, "inspect": false }, - "links": [], - "mappings": [{ - "options": { - "Critical": { "color": "dark-red", "index": 0 }, - "High": { "color": "yellow", "index": 1 }, - "Medium": { "color": "dark-orange", "index": 2 }, - "Low": { "color": "dark-blue", "index": 3 } - }, - "type": "value" - }], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }] }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { "h": 10, "w": 24, "x": 0, "y": 34 }, - "id": 77, - "options": { - "cellHeight": "sm", - "footer": { "countRows": false, "fields": "", "reducer": ["sum"], "show": false }, - "showHeader": true, - "sortBy": [{ "desc": false, "displayName": "severity" }] - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_configaudits{namespace=~\"$namespace\"}) by (namespace, severity, config_audit_id, config_audit_title)", - "format": "table", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "Config Audit Findings", - "transformations": [{ - "id": "organize", - "options": { - "excludeByName": { "Time": true, "Value": true }, - "indexByName": { "severity": 0, "config_audit_id": 1, "config_audit_title": 2, "namespace": 3 }, - "renameByName": { "config_audit_id": "Audit ID", "config_audit_title": "Description" } - } - }], - "type": "table" - }, - { - "collapsed": false, - "gridPos": { "h": 1, "w": 24, "x": 0, "y": 44 }, - "id": 80, - "panels": [], - "title": "Exposed Secrets", - "type": "row" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "red", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 0, "y": 45 }, - "id": 81, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_exposedsecrets{severity=\"Critical\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "CRITICAL", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "orange", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 6, "y": 45 }, - "id": 82, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_exposedsecrets{severity=\"High\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "HIGH", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "yellow", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 12, "y": 45 }, - "id": 83, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_exposedsecrets{severity=\"Medium\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "MEDIUM", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "blue", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 18, "y": 45 }, - "id": 84, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_exposedsecrets{severity=\"Low\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "LOW", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "palette-classic" }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { "legend": false, "tooltip": false, "viz": false }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { "type": "linear" }, - "showPoints": "never", - "spanNulls": true, - "stacking": { "group": "A", "mode": "none" }, - "thresholdsStyle": { "mode": "off" } - }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 8, "w": 12, "x": 0, "y": 48 }, - "id": 85, - "options": { - "legend": { "calcs": [], "displayMode": "table", "placement": "right", "showLegend": true }, - "tooltip": { "maxHeight": 600, "mode": "multi", "sort": "desc" } - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "expr": "sum(trivy_image_exposedsecrets{namespace=~\"$namespace\"}) by (namespace)", - "legendFormat": "{{namespace}}", - "range": true, - "refId": "A" - }], - "title": "Exposed Secrets by Namespace", - "type": "timeseries" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "palette-classic" }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { "legend": false, "tooltip": false, "viz": false }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { "type": "linear" }, - "showPoints": "never", - "spanNulls": true, - "stacking": { "group": "A", "mode": "none" }, - "thresholdsStyle": { "mode": "off" } - }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 8, "w": 12, "x": 12, "y": 48 }, - "id": 86, - "options": { - "legend": { "calcs": [], "displayMode": "table", "placement": "right", "showLegend": true }, - "tooltip": { "maxHeight": 600, "mode": "multi", "sort": "desc" } - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "expr": "sum(trivy_image_exposedsecrets{namespace=~\"$namespace\"}) by (severity)", - "legendFormat": "{{severity}}", - "range": true, - "refId": "A" - }], - "title": "Exposed Secrets by Severity", - "type": "timeseries" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "fixedColor": "transparent", "mode": "fixed" }, - "custom": { "align": "left", "cellOptions": { "mode": "basic", "type": "color-background" }, "filterable": true, "inspect": false }, - "links": [], - "mappings": [{ - "options": { - "Critical": { "color": "dark-red", "index": 0 }, - "High": { "color": "yellow", "index": 1 }, - "Medium": { "color": "dark-orange", "index": 2 }, - "Low": { "color": "dark-blue", "index": 3 } - }, - "type": "value" - }], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }] }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { "h": 10, "w": 24, "x": 0, "y": 56 }, - "id": 87, - "options": { - "cellHeight": "sm", - "footer": { "countRows": false, "fields": "", "reducer": ["sum"], "show": false }, - "showHeader": true, - "sortBy": [{ "desc": false, "displayName": "severity" }] - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_image_exposedsecrets{namespace=~\"$namespace\"}) by (namespace, severity, secret_category, secret_title, image_registry, image_repository, image_tag)", - "format": "table", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "Exposed Secrets Detail", - "transformations": [{ - "id": "organize", - "options": { - "excludeByName": { "Time": true, "Value": true }, - "indexByName": { "severity": 0, "secret_category": 1, "secret_title": 2, "namespace": 3, "image_registry": 4, "image_repository": 5, "image_tag": 6 }, - "renameByName": { "secret_category": "Category", "secret_title": "Secret", "image_registry": "Registry", "image_repository": "Repository", "image_tag": "Tag" } - } - }], - "type": "table" - }, - { - "collapsed": false, - "gridPos": { "h": 1, "w": 24, "x": 0, "y": 66 }, - "id": 90, - "panels": [], - "title": "RBAC Assessments", - "type": "row" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "red", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 0, "y": 67 }, - "id": 91, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_rbacassessments{severity=\"Critical\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "CRITICAL", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "orange", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 6, "y": 67 }, - "id": 92, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_rbacassessments{severity=\"High\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "HIGH", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "yellow", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 12, "y": 67 }, - "id": 93, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_rbacassessments{severity=\"Medium\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "MEDIUM", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "thresholds" }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }, { "color": "blue", "value": 1 }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 3, "w": 6, "x": 18, "y": 67 }, - "id": 94, - "options": { - "colorMode": "value", - "graphMode": "area", - "justifyMode": "auto", - "orientation": "auto", - "reduceOptions": { "calcs": ["lastNotNull"], "fields": "", "values": false }, - "showPercentChange": false, - "textMode": "auto", - "wideLayout": true - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_rbacassessments{severity=\"Low\", namespace=~\"$namespace\"}) or vector(0)", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "LOW", - "type": "stat" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "palette-classic" }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { "legend": false, "tooltip": false, "viz": false }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { "type": "linear" }, - "showPoints": "never", - "spanNulls": true, - "stacking": { "group": "A", "mode": "none" }, - "thresholdsStyle": { "mode": "off" } - }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 8, "w": 12, "x": 0, "y": 70 }, - "id": 95, - "options": { - "legend": { "calcs": [], "displayMode": "table", "placement": "right", "showLegend": true }, - "tooltip": { "maxHeight": 600, "mode": "multi", "sort": "desc" } - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "expr": "sum(trivy_resource_rbacassessments{namespace=~\"$namespace\"}) by (namespace)", - "legendFormat": "{{namespace}}", - "range": true, - "refId": "A" - }], - "title": "RBAC Assessments by Namespace", - "type": "timeseries" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "mode": "palette-classic" }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "barAlignment": 0, - "drawStyle": "line", - "fillOpacity": 15, - "gradientMode": "opacity", - "hideFrom": { "legend": false, "tooltip": false, "viz": false }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 2, - "pointSize": 5, - "scaleDistribution": { "type": "linear" }, - "showPoints": "never", - "spanNulls": true, - "stacking": { "group": "A", "mode": "none" }, - "thresholdsStyle": { "mode": "off" } - }, - "mappings": [], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }] }, - "unit": "none" - }, - "overrides": [] - }, - "gridPos": { "h": 8, "w": 12, "x": 12, "y": 70 }, - "id": 96, - "options": { - "legend": { "calcs": [], "displayMode": "table", "placement": "right", "showLegend": true }, - "tooltip": { "maxHeight": 600, "mode": "multi", "sort": "desc" } - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "expr": "sum(trivy_resource_rbacassessments{namespace=~\"$namespace\"}) by (severity)", - "legendFormat": "{{severity}}", - "range": true, - "refId": "A" - }], - "title": "RBAC Assessments by Severity", - "type": "timeseries" - }, - { - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "fieldConfig": { - "defaults": { - "color": { "fixedColor": "transparent", "mode": "fixed" }, - "custom": { "align": "left", "cellOptions": { "mode": "basic", "type": "color-background" }, "filterable": true, "inspect": false }, - "links": [], - "mappings": [{ - "options": { - "Critical": { "color": "dark-red", "index": 0 }, - "High": { "color": "yellow", "index": 1 }, - "Medium": { "color": "dark-orange", "index": 2 }, - "Low": { "color": "dark-blue", "index": 3 } - }, - "type": "value" - }], - "thresholds": { "mode": "absolute", "steps": [{ "color": "green", "value": null }] }, - "unit": "short" - }, - "overrides": [] - }, - "gridPos": { "h": 10, "w": 24, "x": 0, "y": 78 }, - "id": 97, - "options": { - "cellHeight": "sm", - "footer": { "countRows": false, "fields": "", "reducer": ["sum"], "show": false }, - "showHeader": true, - "sortBy": [{ "desc": false, "displayName": "severity" }] - }, - "pluginVersion": "11.0.0", - "targets": [{ - "datasource": { "type": "prometheus", "uid": "PBFA97CFB590B2093" }, - "editorMode": "code", - "exemplar": false, - "expr": "sum(trivy_resource_rbacassessments{namespace=~\"$namespace\"}) by (namespace, severity, rbac_assessment_id, rbac_assessment_title)", - "format": "table", - "instant": true, - "legendFormat": "", - "refId": "A" - }], - "title": "RBAC Assessment Findings", - "transformations": [{ - "id": "organize", - "options": { - "excludeByName": { "Time": true, "Value": true }, - "indexByName": { "severity": 0, "rbac_assessment_id": 1, "rbac_assessment_title": 2, "namespace": 3 }, - "renameByName": { "rbac_assessment_id": "Assessment ID", "rbac_assessment_title": "Description" } - } - }], - "type": "table" - } - ], - "refresh": "30s", - "schemaVersion": 39, - "tags": [ - "Prometheus", - "Addons", - "Trivy", - "Security" - ], - "templating": { - "list": [ - { - "current": { - "selected": true, - "text": [ - "kube-system" - ], - "value": [ - "kube-system" - ] - }, - "datasource": { - "type": "prometheus", - "uid": "PBFA97CFB590B2093" - }, - "definition": "label_values({job=\"trivy-operator\", __name__=~\"trivy_vulnerability_id|trivy_resource_configaudits|trivy_image_exposedsecrets|trivy_resource_rbacassessments\"}, namespace)", - "hide": 0, - "includeAll": false, - "label": "namespace", - "multi": true, - "name": "namespace", - "options": [], - "query": { - "query": "label_values({job=\"trivy-operator\", __name__=~\"trivy_vulnerability_id|trivy_resource_configaudits|trivy_image_exposedsecrets|trivy_resource_rbacassessments\"}, namespace)", - "refId": "StandardVariableQuery" - }, - "refresh": 2, - "regex": "", - "skipUrlSync": false, - "sort": 1, - "type": "query" - } - ] - }, - "time": { - "from": "now-3h", - "to": "now" - }, - "timeRangeUpdatedDuringEditOrView": false, - "timepicker": {}, - "timezone": "", - "title": "Trivy Operator / Security Overview", - "uid": "trivy_starboard_operator", - "version": 7, - "weekStart": "" -} diff --git a/infra/values/base/prometheus-values.yaml b/infra/values/base/prometheus-values.yaml index 5fa1e1e..915adc4 100644 --- a/infra/values/base/prometheus-values.yaml +++ b/infra/values/base/prometheus-values.yaml @@ -36,28 +36,6 @@ extraScrapeConfigs: | - source_labels: [__meta_kubernetes_namespace] target_label: namespace - - job_name: trivy-operator - scrape_interval: 30s - metrics_path: /metrics - kubernetes_sd_configs: - - role: pod - namespaces: - names: - - trivy-system - relabel_configs: - - source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_name] - regex: trivy-operator - action: keep - - source_labels: [__meta_kubernetes_pod_container_port_number] - regex: "8080" - action: keep - - source_labels: [__meta_kubernetes_pod_name] - target_label: pod - - source_labels: [__meta_kubernetes_namespace] - target_label: namespace - - source_labels: [__meta_kubernetes_pod_label_app_kubernetes_io_instance] - target_label: instance - - job_name: traefik scrape_interval: 15s metrics_path: /metrics