48 lines
1.1 KiB
YAML
48 lines
1.1 KiB
YAML
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: trivy
|
|
namespace: argocd
|
|
annotations:
|
|
argocd.argoproj.io/sync-wave: "1"
|
|
labels:
|
|
app.kubernetes.io/name: trivy
|
|
app.kubernetes.io/part-of: platform
|
|
app.kubernetes.io/managed-by: argocd
|
|
finalizers:
|
|
- resources-finalizer.argocd.argoproj.io
|
|
spec:
|
|
project: default
|
|
|
|
source:
|
|
chart: trivy-operator
|
|
repoURL: https://aquasecurity.github.io/helm-charts
|
|
targetRevision: v0.31.0
|
|
helm:
|
|
releaseName: trivy-operator
|
|
parameters:
|
|
- name: trivy.ignoreUnfixed
|
|
value: "true"
|
|
- name: targetWorkloads
|
|
value: "pod,cronjob,job"
|
|
- name: metrics.vulnerabilityReport.enabled
|
|
value: "true"
|
|
- name: metrics.imageMetrics
|
|
value: "true"
|
|
- name: metrics.resourceMetrics
|
|
value: "true"
|
|
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: kube-system
|
|
|
|
syncPolicy:
|
|
automated:
|
|
prune: true
|
|
selfHeal: true
|
|
allowEmpty: false
|
|
syncOptions:
|
|
- CreateNamespace=false # kube-system already exists
|
|
- Validate=true
|
|
- ServerSideApply=true
|