Skip to content

Commit

Permalink
feat(trivy-operator-crds): new chart (#882)
Browse files Browse the repository at this point in the history
Signed-off-by: Nicolas Lamirault <[email protected]>
  • Loading branch information
nlamirault authored Sep 10, 2024
1 parent 952d197 commit 485c956
Show file tree
Hide file tree
Showing 16 changed files with 2,696 additions and 0 deletions.
42 changes: 42 additions & 0 deletions charts/trivy-operator-crds/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
---
apiVersion: v2
description: Trivy Operator CRDs
name: trivy-operator-crds
version: 1.0.0
appVersion: v0.22.0
home: https://github.com/aquasecurity/trivy-operator
icon: https://github.com/devopstales/helm-charts/raw/main/icons/trivy.png
sources:
- https://github.com/portefaix/portefaix-hub
- hthttps://github.com/aquasecurity/trivy-operator
keywords:
- trivy
- operator
- crds

dependencies:
- name: crds
version: "0.0.0"

maintainers:
- name: nlamirault
email: [email protected]
url: https://github.com/nlamirault

# https://artifacthub.io/docs/topics/repositories/
annotations:
artifacthub.io/license: Apache-2.0
artifacthub.io/links: |
- name: Trivy Operator
url: https://github.com/aquasecurity/trivy-operator
- name: Portefaix Hub
url: https://github.com/portefaix/portefaix-hub
artifacthub.io/maintainers: |
- name: nlamirault
email: [email protected]
artifacthub.io/signKey: |
fingerprint: C39918B3EBDE35C23B8D0B8E5F99269A6FCA437C
url: https://keybase.io/nlamirault/pgp_keys.asc
artifacthub.io/changes: |
- kind: added
description: Init chart
33 changes: 33 additions & 0 deletions charts/trivy-operator-crds/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# traefik-crds

![Version: 1.0.0](https://img.shields.io/badge/Version-1.0.0-informational?style=flat-square) ![AppVersion: v30.0.2](https://img.shields.io/badge/AppVersion-v30.0.2-informational?style=flat-square)

Traefik CRDs

**Homepage:** <https://traefik.io/>

## Maintainers

| Name | Email | Url |
| ---- | ------ | --- |
| nlamirault | <[email protected]> | <https://github.com/nlamirault> |

## Source Code

* <https://github.com/portefaix/portefaix-hub>
* <https://github.com/traefik/traefik>

## Requirements

| Repository | Name | Version |
|------------|------|---------|
| | crds | 0.0.0 |

## Values

| Key | Type | Default | Description |
|-----|------|---------|-------------|
| crds.annotations | object | `{}` | |

----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
4 changes: 4 additions & 0 deletions charts/trivy-operator-crds/charts/crds/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
apiVersion: v2
name: crds
version: 0.0.0
Original file line number Diff line number Diff line change
@@ -0,0 +1,283 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
{{- with .Values.annotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
controller-gen.kubebuilder.io/version: v0.14.0
name: clustercompliancereports.aquasecurity.github.io
spec:
group: aquasecurity.github.io
names:
kind: ClusterComplianceReport
listKind: ClusterComplianceReportList
plural: clustercompliancereports
shortNames:
- compliance
singular: clustercompliancereport
scope: Cluster
versions:
- additionalPrinterColumns:
- description: The age of the report
jsonPath: .metadata.creationTimestamp
name: Age
type: date
- description: The number of checks that failed
jsonPath: .status.summary.failCount
name: Fail
priority: 1
type: integer
- description: The number of checks that passed
jsonPath: .status.summary.passCount
name: Pass
priority: 1
type: integer
name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterComplianceReport is a specification for the ClusterComplianceReport
resource.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: ReportSpec represent the compliance specification
properties:
compliance:
properties:
controls:
description: Control represent the cps controls data and mapping
checks
items:
description: Control represent the cps controls data and mapping
checks
properties:
checks:
items:
description: SpecCheck represent the scanner who perform
the control check
properties:
id:
description: id define the check id as produced by
scanner
type: string
required:
- id
type: object
type: array
commands:
items:
description: Commands represent the commands to be executed
by the node-collector
properties:
id:
description: id define the commands id
type: string
required:
- id
type: object
type: array
defaultStatus:
description: define the default value for check status in
case resource not found
enum:
- PASS
- WARN
- FAIL
type: string
description:
type: string
id:
description: id define the control check id
type: string
name:
type: string
severity:
description: define the severity of the control
enum:
- CRITICAL
- HIGH
- MEDIUM
- LOW
- UNKNOWN
type: string
required:
- id
- name
- severity
type: object
type: array
description:
type: string
id:
type: string
platform:
type: string
relatedResources:
items:
type: string
type: array
title:
type: string
type:
type: string
version:
type: string
required:
- controls
- description
- id
- platform
- relatedResources
- title
- type
- version
type: object
cron:
description: cron define the intervals for report generation
pattern: ^(((([\*]{1}){1})|((\*\/){0,1}(([0-9]{1}){1}|(([1-5]{1}){1}([0-9]{1}){1}){1})))
((([\*]{1}){1})|((\*\/){0,1}(([0-9]{1}){1}|(([1]{1}){1}([0-9]{1}){1}){1}|([2]{1}){1}([0-3]{1}){1})))
((([\*]{1}){1})|((\*\/){0,1}(([1-9]{1}){1}|(([1-2]{1}){1}([0-9]{1}){1}){1}|([3]{1}){1}([0-1]{1}){1})))
((([\*]{1}){1})|((\*\/){0,1}(([1-9]{1}){1}|(([1-2]{1}){1}([0-9]{1}){1}){1}|([3]{1}){1}([0-1]{1}){1}))|(jan|feb|mar|apr|may|jun|jul|aug|sep|okt|nov|dec))
((([\*]{1}){1})|((\*\/){0,1}(([0-7]{1}){1}))|(sun|mon|tue|wed|thu|fri|sat)))$
type: string
reportType:
enum:
- summary
- all
type: string
required:
- compliance
- cron
- reportType
type: object
status:
properties:
detailReport:
description: ComplianceReport represents a kubernetes scan report
properties:
description:
type: string
id:
type: string
relatedVersion:
items:
type: string
type: array
results:
items:
properties:
checks:
items:
description: ComplianceCheck provides the result of conducting
a single compliance step.
properties:
category:
type: string
checkID:
type: string
description:
type: string
messages:
items:
type: string
type: array
remediation:
description: Remediation provides description or links
to external resources to remediate failing check.
type: string
severity:
description: Severity level of a vulnerability or
a configuration audit check.
type: string
success:
type: boolean
target:
type: string
title:
type: string
required:
- checkID
- severity
- success
type: object
type: array
description:
type: string
id:
type: string
name:
type: string
severity:
type: string
status:
type: string
required:
- checks
type: object
type: array
title:
type: string
version:
type: string
type: object
x-kubernetes-preserve-unknown-fields: true
summary:
properties:
failCount:
type: integer
passCount:
type: integer
type: object
summaryReport:
description: SummaryReport represents a kubernetes scan report with
consolidated findings
properties:
controlCheck:
items:
properties:
id:
type: string
name:
type: string
severity:
type: string
totalFail:
type: integer
type: object
type: array
id:
type: string
title:
type: string
type: object
x-kubernetes-preserve-unknown-fields: true
updateTimestamp:
format: date-time
type: string
required:
- updateTimestamp
type: object
type: object
x-kubernetes-preserve-unknown-fields: true
served: true
storage: true
subresources:
status: {}
Loading

0 comments on commit 485c956

Please sign in to comment.