From 68c1f4514d0080378db39b9e28b709dbbcdff572 Mon Sep 17 00:00:00 2001 From: afdesk Date: Wed, 20 Nov 2024 15:39:43 +0600 Subject: [PATCH] chore: use mirror.gcr.io for trivy-check by default --- deploy/helm/README.md | 4 ++-- deploy/helm/values.yaml | 4 ++-- deploy/static/trivy-operator.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/deploy/helm/README.md b/deploy/helm/README.md index ffafca4ca..29f5f78fd 100644 --- a/deploy/helm/README.md +++ b/deploy/helm/README.md @@ -95,10 +95,10 @@ Keeps security report resources updated | podSecurityContext | object | `{}` | | | policiesBundle.existingSecret | bool | `false` | existingSecret if a secret containing registry credentials that have been created outside the chart (e.g external-secrets, sops, etc...). Keys must be at least one of the following: policies.bundle.oci.user, policies.bundle.oci.password Overrides policiesBundle.registryUser, policiesBundle.registryPassword values. Note: The secret has to be named "trivy-operator". | | policiesBundle.insecure | bool | `false` | insecure is the flag to enable insecure connection to the policy bundle registry | -| policiesBundle.registry | string | `"ghcr.io"` | registry of the policies bundle | +| policiesBundle.registry | string | `"mirror.gcr.io"` | registry of the policies bundle | | policiesBundle.registryPassword | string | `nil` | registryPassword is the password for the registry | | policiesBundle.registryUser | string | `nil` | registryUser is the user for the registry | -| policiesBundle.repository | string | `"aquasecurity/trivy-checks"` | repository of the policies bundle | +| policiesBundle.repository | string | `"aquasec/trivy-checks"` | repository of the policies bundle | | policiesBundle.tag | int | `1` | tag version of the policies bundle | | priorityClassName | string | `""` | priorityClassName set the operator priorityClassName | | rbac.create | bool | `true` | | diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml index 7f6b749c0..d14cdf860 100644 --- a/deploy/helm/values.yaml +++ b/deploy/helm/values.yaml @@ -686,9 +686,9 @@ automountServiceAccountToken: true policiesBundle: # -- registry of the policies bundle - registry: ghcr.io + registry: mirror.gcr.io # -- repository of the policies bundle - repository: aquasecurity/trivy-checks + repository: aquasec/trivy-checks # -- tag version of the policies bundle tag: 1 # -- registryUser is the user for the registry diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml index 40d3db80c..aac9f81c5 100644 --- a/deploy/static/trivy-operator.yaml +++ b/deploy/static/trivy-operator.yaml @@ -2970,7 +2970,7 @@ data: compliance.failEntriesLimit: "10" report.recordFailedChecksOnly: "true" node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.3.1" - policies.bundle.oci.ref: "ghcr.io/aquasecurity/trivy-checks:1" + policies.bundle.oci.ref: "mirror.gcr.io/aquasec/trivy-checks:1" policies.bundle.insecure: "false" node.collector.nodeSelector: "true"