Switch branches/tags
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
templates
.helmignore
Chart.yaml
OWNERS
README.md
requirements.yaml
values.yaml

README.md

Scanner

Scanner by AppsCode - Docker Image Scanner.

TL;DR;

$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update
$ helm install appscode/scanner

Introduction

This chart bootstraps a Scanner server deployment on a Kubernetes cluster using the Helm package manager.

Prerequisites

  • Kubernetes 1.9+

Installing the Chart

To install the chart with the release name my-release:

$ helm install appscode/scanner --name my-release

The command deploys Scanner server on the Kubernetes cluster in the default configuration. The configuration section lists the parameters that can be configured during installation.

Tip: List all releases using helm list

Uninstalling the Chart

To uninstall/delete the my-release:

$ helm delete my-release

The command removes all the Kubernetes components associated with the chart and deletes the release.

Configuration

The following table lists the configurable parameters of the Scanner chart and their default values.

Parameter Description Default
replicaCount Number of Scanner server replicas to create (only 1 is supported) 1
scanner.registry Docker registry used to pull Scanner image appscode
scanner.repository Scanner container image scanner
scanner.tag Scanner container image tag 0.1.0
imagePullPolicy container image pull policy IfNotPresent
criticalAddon If true, installs Scanner server as critical addon false
affinity Affinity rules for pod assignment {}
annotations Annotations applied to operator pod(s) {}
nodeSelector Node labels for pod assignment {}
tolerations Tolerations used pod assignment {}
rbac.create If true, create and use RBAC resources true
serviceAccount.create If true, create a new service account true
serviceAccount.name Service account to be used. If not set and serviceAccount.create is true, a name is generated using the fullname template ``
apiserver.groupPriorityMinimum The minimum priority the group should have. 10000
apiserver.versionPriority The ordering of this API inside of the group. 15
apiserver.enableValidatingWebhook Enable validating webhooks for Kubernetes workloads false
apiserver.enableMutatingWebhook Enable mutating webhooks for Kubernetes workloads false
apiserver.ca CA certificate used by main Kubernetes api server ``
enableAnalytics Send usage events to Google Analytics true

Specify each parameter using the --set key=value[,key=value] argument to helm install. For example:

$ helm install --name my-release --set image.tag=v0.2.1 appscode/scanner

Alternatively, a YAML file that specifies the values for the parameters can be provided while installing the chart. For example:

$ helm install --name my-release --values values.yaml appscode/scanner

RBAC

By default the chart will not install the recommended RBAC roles and rolebindings.

You need to have the flag --authorization-mode=RBAC on the api server. See the following document for how to enable RBAC.

To determine if your cluster supports RBAC, run the following command:

$ kubectl api-versions | grep rbac

If the output contains "beta", you may install the chart with RBAC enabled (see below).

Enable RBAC role/rolebinding creation

To enable the creation of RBAC resources (On clusters with RBAC). Do the following:

$ helm install --name my-release appscode/scanner --set rbac.create=true