Trivy Scanner Schema¶
Note
This is auto-generated documentation from a JSON schema that is under construction, this will improve over time.
Return to the root config schema
https://raw.githubusercontent.com/elastisys/compliantkubernetes-apps/main/config/schemas/config.yaml#/properties/trivy/properties/scanner
Configure the scanner used by Trivy.
Note
Many of these must be configured to support an air-gapped environment. See the admin documentation for reference.
| Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
|---|---|---|---|---|---|---|---|
| Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | config/schemas/config.yaml* |
TYPE:
object (Trivy Scanner)
PROPERTIES:
| Property | Type | Required | Nullable | Defined by |
|---|---|---|---|---|
| offlineScanEnabled | boolean |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| dbRegistry | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| dbRepository | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| dbRepositoryInsecure | boolean |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| javaDbRegistry | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| javaDbRepository | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| imagePullSecret | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| registry | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| timeout | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
| resources | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
offlineScanEnabled¶
offlineScanEnabled
-
is optional
-
Type:
boolean(Trivy Offline Scan Enabled) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean (Trivy Offline Scan Enabled)
dbRegistry¶
dbRegistry
-
is optional
-
Type:
string(Trivy DB Registry) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string (Trivy DB Registry)
dbRepository¶
dbRepository
-
is optional
-
Type:
string(Trivy DB Repository) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string (Trivy DB Repository)
dbRepositoryInsecure¶
dbRepositoryInsecure
-
is optional
-
Type:
boolean(Trivy DB Repository Insecure) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean (Trivy DB Repository Insecure)
javaDbRegistry¶
javaDbRegistry
-
is optional
-
Type:
string(Trivy Java DB Registry) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string (Trivy Java DB Registry)
javaDbRepository¶
javaDbRepository
-
is optional
-
Type:
string(Trivy Java DB Repository) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string (Trivy Java DB Repository)
imagePullSecret¶
Configure an image pull secret for Trivy to use.
Create the secret in the monitoring namespace then configure the name here.
imagePullSecret
-
is optional
-
Type:
object(Trivy Image Pull Secret) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Trivy Image Pull Secret)
registry¶
Configure registries for Trivy.
registry
-
is optional
-
Type:
object(Trivy Registry) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Trivy Registry)
timeout¶
A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m".
Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
timeout
-
is optional
-
Type:
string(Duration String) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string (Duration String)
CONSTRAINTS:
pattern: the string must match the following regular expression:
^([-+]?[0-9]+(.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
EXAMPLES:
2h45m0s
resources¶
Resource requests are used by the kube-scheduler to pick a node to schedule pods on.
Limits are enforced. Resources are commonly 'cpu' and 'memory'.
resources
-
is optional
-
Type:
object(Kubernetes Resource Requirements) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object (Kubernetes Resource Requirements)
EXAMPLES:
requests:
memory: 128Mi
cpu: 100m
limits:
memory: 256Mi
cpu: 250m
Return to the root config schema
Generated Sun Jun 23 03:48:25 UTC 2024 from elastisys/compliantkubernetes-apps@main