Skip to content

Commit

Permalink
Merge pull request #141 from kubescape/dev
Browse files Browse the repository at this point in the history 
Pulling dev branch into master - Automated PR by CICD
  • Loading branch information
David Wertenteil authored Apr 20, 2023
2 parents 0c52be3 + 1f64daf commit 7caeb0d
Show file tree
Hide file tree
Showing 8 changed files with 50 additions and 15 deletions.
4 changes: 2 additions & 2 deletions charts/kubescape-cloud-operator/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,14 +9,14 @@ type: application
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)

version: 1.10.10
version: 1.10.11

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.

appVersion: 1.10.10
appVersion: 1.10.11

maintainers:
- name: Ben Hirschberg
Expand Down
2 changes: 1 addition & 1 deletion charts/kubescape-cloud-operator/assets/host-scanner-definition.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ spec:
- name: CLUSTER_NAME
value: "{{ regexReplaceAll "\\W+" .Values.clusterName "-" }}"
- name: OTEL_COLLECTOR_SVC
value: "otel-collector:4317"
value: "otel-collector.kubescape.svc:4317"
{{- end }}
ports:
- name: scanner # Do not change port name
Expand Down
2 changes: 2 additions & 0 deletions charts/kubescape-cloud-operator/assets/kubescape-cronjob-full.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ apiVersion: batch/v1
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 100
resources:
{{ toYaml .Values.kubescapeScheduler.resources | indent 18 }}
args:
- -method=post
- -scheme=http
Expand Down
6 changes: 4 additions & 2 deletions charts/kubescape-cloud-operator/assets/kubevuln-cronjob-full.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,10 @@ apiVersion: batch/v1
labels:
armo.tier: "vuln-scan"
spec:
{{- if .Values.imagePullSecrets }}
{{- if .Values.imagePullSecrets }}
imagePullSecrets:
- name: {{ toYaml .Values.imagePullSecrets }}
{{- end }}
{{- end }}
containers:
- name: {{ .Values.kubevulnScheduler.name }}
image: "{{ .Values.kubevulnScheduler.image.repository }}:{{ .Values.kubevulnScheduler.image.tag }}"
Expand All @@ -29,6 +29,8 @@ apiVersion: batch/v1
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 100
resources:
{{ toYaml .Values.kubevulnScheduler.resources | indent 18 }}
args:
- -method=post
- -scheme=http
Expand Down
2 changes: 2 additions & 0 deletions charts/kubescape-cloud-operator/assets/registry-scan-cronjob-full.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ apiVersion: batch/v1
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 100
resources:
{{ toYaml .Values.registryScanScheduler.resources | indent 18 }}
args:
- -method=post
- -scheme=http
Expand Down
2 changes: 2 additions & 0 deletions charts/kubescape-cloud-operator/templates/kubescape-scheduler/cronjob.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ spec:
- name: {{ .Values.kubescapeScheduler.name }}
image: "{{ .Values.kubescapeScheduler.image.repository }}:{{ .Values.kubescapeScheduler.image.tag }}"
imagePullPolicy: {{ .Values.kubescapeScheduler.image.pullPolicy }}
resources:
{{ toYaml .Values.kubescapeScheduler.resources | indent 14 }}
args:
- -method=post
- -scheme=http
Expand Down
2 changes: 2 additions & 0 deletions charts/kubescape-cloud-operator/templates/kubevuln-scheduler/cronjob.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,8 @@ spec:
- name: {{ .Values.kubevulnScheduler.name }}
image: "{{ .Values.kubevulnScheduler.image.repository }}:{{ .Values.kubevulnScheduler.image.tag }}"
imagePullPolicy: {{ .Values.kubevulnScheduler.image.pullPolicy }}
resources:
{{ toYaml .Values.kubevulnScheduler.resources | indent 14 }}
args:
- -method=post
- -scheme=http
Expand Down
45 changes: 35 additions & 10 deletions charts/kubescape-cloud-operator/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,15 @@ kubescapeScheduler:
# Additional volumeMounts to be mounted on the scan scheduler
volumeMounts: []

resources:
requests:
cpu: 1m
memory: 2Mi
limits:
cpu: 10m
memory: 6Mi


# kubescape scanner - https://github.com/kubescape/kubescape
kubescape:

Expand Down Expand Up @@ -247,6 +256,14 @@ kubevulnScheduler:
# Additional volumeMounts to be mounted on the vuln scan scheduler
volumeMounts: []

resources:
requests:
cpu: 1m
memory: 2Mi
limits:
cpu: 10m
memory: 6Mi

# kubevuln - image vulnerability scanning microservice
kubevuln:

Expand Down Expand Up @@ -316,10 +333,10 @@ kollector:

resources:
requests:
cpu: 10m
cpu: 0.1
memory: 40Mi
limits:
cpu: 500m
cpu: 0.5
memory: 500Mi


Expand Down Expand Up @@ -364,16 +381,16 @@ gateway:
# -- source code: https://github.com/kubescape/gateway
repository: quay.io/kubescape/gateway
tag: v0.1.11
pullPolicy: Always
pullPolicy: IfNotPresent

replicaCount: 1
resources:
requests:
cpu: 10m
cpu: 0.0001
memory: 10Mi
limits:
cpu: 100m
memory: 50Mi
cpu: 0.001
memory: 20Mi

env: {}
labels: {}
Expand Down Expand Up @@ -426,6 +443,14 @@ registryScanScheduler:
# Additional volumeMounts to be mounted on the scan scheduler
volumeMounts: []

resources:
requests:
cpu: 1m
memory: 2Mi
limits:
cpu: 10m
memory: 6Mi

# opentelemetry collector
otelCollector:

Expand Down Expand Up @@ -453,8 +478,8 @@ otelCollector:

resources:
requests:
cpu: 200m
memory: 400Mi
cpu: 0.01
memory: 50Mi
limits:
cpu: 1
memory: 2Gi
cpu: 0.01
memory: 100Mi

0 comments on commit 7caeb0d

Please sign in to comment.