From 731dc3785aca38282b95d7650d95638d655ca445 Mon Sep 17 00:00:00 2001 From: chenk Date: Thu, 20 Jun 2024 13:17:51 +0300 Subject: [PATCH] chore: make operator policies-config optional Signed-off-by: chenk --- deploy/helm/README.md | 2 +- deploy/helm/values.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/helm/README.md b/deploy/helm/README.md index 8cc929f54..0c9d94240 100644 --- a/deploy/helm/README.md +++ b/deploy/helm/README.md @@ -133,7 +133,7 @@ Keeps security report resources updated | trivy.dbRepositoryPassword | string | `nil` | The password for dbRepository authentication | | trivy.dbRepositoryUsername | string | `nil` | The username for dbRepository authentication | | trivy.debug | bool | `false` | debug One of `true` or `false`. Enables debug mode. | -| trivy.externalRegoPoliciesEnabled | bool | `false` | The Flag to enable the usage of external rego policies, this should be used when the user wants to use their own rego policies | +| trivy.externalRegoPoliciesEnabled | bool | `false` | The Flag to enable the usage of external rego policies config-map, this should be used when the user wants to use their own rego policies | | trivy.filesystemScanCacheDir | string | `"/var/trivyoperator/trivy-db"` | filesystemScanCacheDir the flag to set custom path for trivy filesystem scan `cache-dir` parameter. Only applicable in filesystem scan mode. | | trivy.githubToken | string | `nil` | githubToken is the GitHub access token used by Trivy to download the vulnerabilities database from GitHub. Only applicable in Standalone mode. | | trivy.httpProxy | string | `nil` | httpProxy is the HTTP proxy used by Trivy to download the vulnerabilities database from GitHub. | diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml index 9feaf98c9..8c3a08e68 100644 --- a/deploy/helm/values.yaml +++ b/deploy/helm/values.yaml @@ -538,7 +538,7 @@ trivy: # -- The Flag to enable the usage of builtin rego policies by default, these policies are downloaded by default from ghcr.io/aquasecurity/trivy-checks # useBuiltinRegoPolicies: "true" - # -- The Flag to enable the usage of external rego policies, this should be used when the user wants to use their own rego policies + # -- The Flag to enable the usage of external rego policies config-map, this should be used when the user wants to use their own rego policies # externalRegoPoliciesEnabled: false # -- To enable the usage of embedded rego policies, set the flag useEmbeddedRegoPolicies. This should serve as a fallback for air-gapped environments.