Skip to content

Commit

Permalink
anchore-enterprise 5.13 add max_scan_time for analyzer malware
Browse files Browse the repository at this point in the history 
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
  • Loading branch information
@HN23
HN23 committed Dec 12, 2024
1 parent 84f3c85 commit a0cb475
Show file tree
Hide file tree
Showing 4 changed files with 4 additions and 19 deletions.
2 changes: 1 addition & 1 deletion stable/enterprise/Chart.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v2
name: enterprise
version: "3.2.3"
version: "3.2.4"
appVersion: "5.12.0"
kubeVersion: 1.23.x - 1.31.x || 1.23.x-x - 1.31.x-x
description: |
Expand Down
18 changes: 0 additions & 18 deletions stable/enterprise/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -639,7 +639,6 @@ To restore your deployment to using your previous driver configurations:
| `global.fullnameOverride` | overrides the fullname set on resources | `""` |
| `global.nameOverride` | overrides the name set on resources | `""` |
### Common Resource Parameters
| Name | Description | Value |
Expand Down Expand Up @@ -694,7 +693,6 @@ To restore your deployment to using your previous driver configurations:
| `scripts` | Collection of helper scripts usable in all anchore enterprise pods | `{}` |
| `domainSuffix` | domain suffix for appending to the ANCHORE_ENDPOINT_HOSTNAME. If blank, domainSuffix will be "namespace.svc.cluster.local". | `""` |
### Anchore Configuration Parameters
| Name | Description | Value |
Expand Down Expand Up @@ -824,7 +822,6 @@ To restore your deployment to using your previous driver configurations:
| `anchoreConfig.ui.dbUser` | allows overriding and separation of the ui database user. | `""` |
| `anchoreConfig.ui.dbPassword` | allows overriding and separation of the ui database user authentication | `""` |
### Anchore Analyzer k8s Deployment Parameters
| Name | Description | Value |
Expand All @@ -842,7 +839,6 @@ To restore your deployment to using your previous driver configurations:
| `analyzer.serviceAccountName` | Service account name for Anchore API pods | `""` |
| `analyzer.scratchVolume.details` | Details for the k8s volume to be created for Anchore Analyzer scratch space | `{}` |
### Anchore API k8s Deployment Parameters
| Name | Description | Value |
Expand All @@ -865,7 +861,6 @@ To restore your deployment to using your previous driver configurations:
| `api.affinity` | Affinity for Anchore API pod assignment | `{}` |
| `api.serviceAccountName` | Service account name for Anchore API pods | `""` |
### Anchore Catalog k8s Deployment Parameters
| Name | Description | Value |
Expand All @@ -889,7 +884,6 @@ To restore your deployment to using your previous driver configurations:
| `catalog.serviceAccountName` | Service account name for Anchore Catalog pods | `""` |
| `catalog.scratchVolume.details` | Details for the k8s volume to be created for Anchore Catalog scratch space | `{}` |
### Anchore DataSyncer k8s Deployment Parameters
| Name | Description | Value |
Expand All @@ -913,7 +907,6 @@ To restore your deployment to using your previous driver configurations:
| `dataSyncer.serviceAccountName` | Service account name for Anchore DataSyncer pods | `""` |
| `dataSyncer.scratchVolume.details` | Details for the k8s volume to be created for Anchore DataSyncer scratch space | `{}` |
### Anchore Notifications Parameters
| Name | Description | Value |
Expand All @@ -936,7 +929,6 @@ To restore your deployment to using your previous driver configurations:
| `notifications.affinity` | Affinity for Anchore Notifications pod assignment | `{}` |
| `notifications.serviceAccountName` | Service account name for Anchore Notifications pods | `""` |
### Anchore Policy Engine k8s Deployment Parameters
| Name | Description | Value |
Expand All @@ -960,7 +952,6 @@ To restore your deployment to using your previous driver configurations:
| `policyEngine.serviceAccountName` | Service account name for Anchore Policy Engine pods | `""` |
| `policyEngine.scratchVolume.details` | Details for the k8s volume to be created for Anchore Policy Engine scratch space | `{}` |
### Anchore Reports Parameters
| Name | Description | Value |
Expand All @@ -984,7 +975,6 @@ To restore your deployment to using your previous driver configurations:
| `reports.serviceAccountName` | Service account name for Anchore Reports pods | `""` |
| `reports.scratchVolume.details` | Details for the k8s volume to be created for Anchore Reports scratch space | `{}` |
### Anchore Reports Worker Parameters
| Name | Description | Value |
Expand All @@ -1007,7 +997,6 @@ To restore your deployment to using your previous driver configurations:
| `reportsWorker.affinity` | Affinity for Anchore Reports Worker pod assignment | `{}` |
| `reportsWorker.serviceAccountName` | Service account name for Anchore Reports Worker pods | `""` |
### Anchore Simple Queue Parameters
| Name | Description | Value |
Expand All @@ -1030,7 +1019,6 @@ To restore your deployment to using your previous driver configurations:
| `simpleQueue.affinity` | Affinity for Anchore Simple Queue pod assignment | `{}` |
| `simpleQueue.serviceAccountName` | Service account name for Anchore Simple Queue pods | `""` |
### Anchore UI Parameters
| Name | Description | Value |
Expand All @@ -1057,7 +1045,6 @@ To restore your deployment to using your previous driver configurations:
| `ui.affinity` | Affinity for Anchore ui pod assignment | `{}` |
| `ui.serviceAccountName` | Service account name for Anchore UI pods | `""` |
### Anchore Upgrade Job Parameters
| Name | Description | Value |
Expand All @@ -1076,7 +1063,6 @@ To restore your deployment to using your previous driver configurations:
| `upgradeJob.labels` | Labels for the Anchore upgrade job | `{}` |
| `upgradeJob.ttlSecondsAfterFinished` | The time period in seconds the upgrade job, and it's related pods should be retained for | `-1` |
### Ingress Parameters
| Name | Description | Value |
Expand All @@ -1091,7 +1077,6 @@ To restore your deployment to using your previous driver configurations:
| `ingress.tls` | Configure tls for the ingress resource | `[]` |
| `ingress.ingressClassName` | sets the ingress class name. As of k8s v1.18, this should be nginx | `nginx` |
### Google CloudSQL DB Parameters
| Name | Description | Value |
Expand All @@ -1105,7 +1090,6 @@ To restore your deployment to using your previous driver configurations:
| `cloudsql.serviceAccJsonName` | | `""` |
| `cloudsql.extraArgs` | a list of extra arguments to be passed into the cloudsql container command. eg | `[]` |
### Anchore UI Redis Parameters
| Name | Description | Value |
Expand All @@ -1119,7 +1103,6 @@ To restore your deployment to using your previous driver configurations:
| `ui-redis.image.repository` | Specifies the image repository to use for this chart. | `bitnami/redis` |
| `ui-redis.image.tag` | Specifies the image to use for this chart. | `7.0.12-debian-11-r0` |
### Anchore Database Parameters
| Name | Description | Value |
Expand All @@ -1138,7 +1121,6 @@ To restore your deployment to using your previous driver configurations:
| `postgresql.image.registry` | Specifies the image registry to use for this chart. | `docker.io` |
| `postgresql.image.tag` | Specifies the image to use for this chart. | `13.11.0-debian-11-r15` |
### Anchore Object Store and Analysis Archive Migration
| Name | Description | Value |
Expand Down
1 change: 1 addition & 0 deletions stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ should render the configmaps:
clamav:
db_update_enabled: true
enabled: <ALLOW_API_CONFIGURATION>
max_scan_time: 600000
retrieve_files:
file_list:
- /etc/passwd
Expand Down
2 changes: 2 additions & 0 deletions stable/enterprise/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -503,6 +503,8 @@ anchoreConfig:
clamav:
enabled: "<ALLOW_API_CONFIGURATION>" # false
db_update_enabled: true
# Maximum time in milliseconds that a ClamAV scan is allowed to run
max_scan_time: 600000

catalog:
## @param anchoreConfig.catalog.cycle_timers.image_watcher Interval (seconds) to check for an update to a tag
Expand Down

0 comments on commit a0cb475

Please sign in to comment.