Trivy Scanner Schema¶
Note
This is auto-generated documentation from a JSON schema that is under construction, this will improve over time.
Return to the root config schema
https://raw.githubusercontent.com/elastisys/compliantkubernetes-apps/v0.40.1/config/schemas/config.yaml#/properties/trivy/properties/scanner
Configure the scanner used by Trivy.
Note
Many of these must be configured to support an air-gapped environment. See the admin documentation for reference.
Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
---|---|---|---|---|---|---|---|
Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | config/schemas/config.yaml* |
TYPE:
object
(Trivy Scanner)
PROPERTIES:
Property | Type | Required | Nullable | Defined by |
---|---|---|---|---|
offlineScanEnabled | boolean |
Optional | cannot be null | Compliant Kubernetes Apps Config |
dbRegistry | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
dbRepository | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
dbRepositoryInsecure | boolean |
Optional | cannot be null | Compliant Kubernetes Apps Config |
javaDbRegistry | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
javaDbRepository | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
imagePullSecret | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
registry | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
timeout | string |
Optional | cannot be null | Compliant Kubernetes Apps Config |
resources | object |
Optional | cannot be null | Compliant Kubernetes Apps Config |
offlineScanEnabled¶
offlineScanEnabled
-
is optional
-
Type:
boolean
(Trivy Offline Scan Enabled) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean
(Trivy Offline Scan Enabled)
dbRegistry¶
dbRegistry
-
is optional
-
Type:
string
(Trivy DB Registry) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string
(Trivy DB Registry)
dbRepository¶
dbRepository
-
is optional
-
Type:
string
(Trivy DB Repository) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string
(Trivy DB Repository)
dbRepositoryInsecure¶
dbRepositoryInsecure
-
is optional
-
Type:
boolean
(Trivy DB Repository Insecure) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
boolean
(Trivy DB Repository Insecure)
javaDbRegistry¶
javaDbRegistry
-
is optional
-
Type:
string
(Trivy Java DB Registry) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string
(Trivy Java DB Registry)
javaDbRepository¶
javaDbRepository
-
is optional
-
Type:
string
(Trivy Java DB Repository) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string
(Trivy Java DB Repository)
imagePullSecret¶
Configure an image pull secret for Trivy to use.
Create the secret in the monitoring
namespace then configure the name here.
imagePullSecret
-
is optional
-
Type:
object
(Trivy Image Pull Secret) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Trivy Image Pull Secret)
registry¶
Configure registries for Trivy.
registry
-
is optional
-
Type:
object
(Trivy Registry) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Trivy Registry)
timeout¶
A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m".
Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
timeout
-
is optional
-
Type:
string
(Duration String) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
string
(Duration String)
CONSTRAINTS:
pattern: the string must match the following regular expression:
^([-+]?[0-9]+(.[0-9]+)?(ns|us|µs|ms|s|m|h))+$
EXAMPLES:
2h45m0s
resources¶
Resource requests are used by the kube-scheduler to pick a node to schedule pods on.
Limits are enforced. Resources are commonly 'cpu' and 'memory'.
resources
-
is optional
-
Type:
object
(Kubernetes Resource Requirements) -
cannot be null
-
defined in: Compliant Kubernetes Apps Config
TYPE:
object
(Kubernetes Resource Requirements)
EXAMPLES:
requests:
memory: 128Mi
cpu: 100m
limits:
memory: 256Mi
cpu: 250m
Return to the root config schema
Generated Thu Nov 14 16:18:57 UTC 2024 from elastisys/compliantkubernetes-apps@v0.40.1