/
values.yaml
56 lines (46 loc) · 3.28 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# SPDX-FileCopyrightText: the secureCodeBox authors
#
# SPDX-License-Identifier: Apache-2.0
# Default values for dispatcher.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
# -- Define imagePullSecrets when a private registry is used (see: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/)
imagePullSecrets: []
hook:
image:
# hook.image.repository -- Hook image repository
repository: docker.io/securecodebox/hook-persistence-defectdojo
# -- Container image tag
# @default -- defaults to the charts version
tag: null
# -- Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images
pullPolicy: IfNotPresent
# hook.labels -- Add Kubernetes Labels to the hook definition
labels: {}
# -- Hook priority. Higher priority Hooks are guaranteed to execute before low priority Hooks.
priority: 0
# -- Seconds after which the kubernetes job for the hook will be deleted. Requires the Kubernetes TTLAfterFinished controller: https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/
ttlSecondsAfterFinished: null
# hook.affinity -- Optional affinity settings that control how the hook job is scheduled (see: https://kubernetes.io/docs/tasks/configure-pod-container/assign-pods-nodes-using-node-affinity/)
affinity: {}
# hook.tolerations -- Optional tolerations settings that control how the hook job is scheduled (see: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/)
tolerations: []
# -- Optional resources lets you control resource limits and requests for the hook container. See https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
# @default -- { requests: { cpu: "200m", memory: "100Mi" }, limits: { cpu: "400m", memory: "200Mi" } }
resources: {}
defectdojo:
# -- Syncs back (two way sync) all imported findings from DefectDojo to SCB Findings Store. When set to false the hook will only import the findings to DefectDojo (one way sync).
syncFindingsBack: true
# -- Allows the hook to run with a users token whose access rights are restricted to one / multiple product types but doesn't have global platform rights. If set to true, the DefectDojo User ID has to be configured instead of the username (`defectdojo.authentication.userId`). User needs to have at least the `Maintainer` role in the used Product Type.
lowPrivilegedMode: false
# -- Url to the DefectDojo Instance
url: "http://defectdojo-django.default.svc"
authentication:
# -- Link a pre-existing generic secret with `username` and `apikey` key / value pairs
userSecret: defectdojo-credentials
# -- Name of the username key in the `userSecret` secret. Use this if you already have a secret with different key / value pairs
usernameKey: username
# -- Name of the apikey key in the `userSecret` secret. Use this if you already have a secret with different key / value pairs
apiKeyKey: apikey # what a name 🙃
# -- Set the userId explicitly. When not set the configured username is used to look up the userId via the DefectDojo API (which is only available for privileged users.)
userId: null