fix: update olm defaults (#2138)

* fix: update olm defaults Signed-off-by: chenk <hen.keinan@gmail.com> * fix: update olm defaults Signed-off-by: chenk <hen.keinan@gmail.com> --------- Signed-off-by: chenk <hen.keinan@gmail.com>
aquasecurity · Jun 13, 2024 · 181ebae · 181ebae
1 parent 20acccc
commit 181ebae
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 3 deletions.
diff --git a/deploy/helm/README.md b/deploy/helm/README.md
@@ -15,7 +15,7 @@ Keeps security report resources updated
 | affinity | object | `{}` | affinity set the operator affinity |
 | automountServiceAccountToken | bool | `true` | automountServiceAccountToken the flag to enable automount for service account token |
 | compliance.cron | string | `"0 */6 * * *"` | cron this flag control the cron interval for compliance report generation |
-| compliance.failEntriesLimit | int | `10` | failEntriesLimit the flag to limit the number of fail entries per control check in the cluster compliance detail report |
+| compliance.failEntriesLimit | int | `10` | failEntriesLimit the flag to limit the number of fail entries per control check in the cluster compliance detail report this limit is for preventing the report from being too large per control checks |
 | compliance.reportType | string | `"summary"` | reportType this flag control the type of report generated (summary or all) |
 | excludeNamespaces | string | `""` | excludeNamespaces is a comma separated list of namespaces (or glob patterns) to be excluded from scanning. Only applicable in the all namespaces install mode, i.e. when the targetNamespaces values is a blank string. |
 | fullnameOverride | string | `""` | fullnameOverride override operator full name |

diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
@@ -594,6 +594,7 @@ trivy:
 
 compliance:
   # -- failEntriesLimit the flag to limit the number of fail entries per control check in the cluster compliance detail report
+  # this limit is for preventing the report from being too large per control checks
   failEntriesLimit: 10
   # -- reportType this flag control the type of report generated (summary or all)
   reportType: summary

diff --git a/pkg/trivyoperator/config.go b/pkg/trivyoperator/config.go
@@ -114,8 +114,8 @@ func GetDefaultConfig() ConfigData {
 		KeyScanJobcompressLogs:          "true",
 		keyComplianceFailEntriesLimit:   "10",
 		KeyReportRecordFailedChecksOnly: "true",
-		KeyNodeCollectorImageRef:        "ghcr.io/aquasecurity/node-collector:0.1.2",
-		KeyPoliciesBundleOciRef:         "ghcr.io/aquasecurity/trivy-policies:0",
+		KeyNodeCollectorImageRef:        "ghcr.io/aquasecurity/node-collector:0.2.1",
+		KeyPoliciesBundleOciRef:         "ghcr.io/aquasecurity/trivy-checks:0",
 	}
 }