Update .gitignore to include .tmp files, remove Trivy namespace from kustomization.yaml, and add Trivy dashboard application to app-of-apps kustomization. Delete obsolete Trivy namespace and values files to streamline deployment configuration.

clusters/noble/apps/trivy/dashboard-values.yaml

@@ -0,0 +1,42 @@
+# Trivy Operator Dashboard — web UI for Trivy Operator CRDs (community chart; not Aqua).
+# Helm: oci://ghcr.io/raoulx24/charts/trivy-operator-dashboard — Argo: **noble-trivy-dashboard**.
+# OAuth: Traefik **ForwardAuth** → **oauth2-proxy** (OIDC to Authentik), same pattern as Longhorn / Prometheus UIs.
+#
+# Sync **noble-trivy-operator** first so CRDs and reports exist. DNS: host below → Traefik LB.
+
+kubernetes:
+  # Match **clusters/noble/bootstrap/trivy/values.yaml** operator feature flags (no SBOM / cluster compliance cache).
+  trivyUseClusterComplianceReport: false
+  trivyUseClusterSbomReport: false
+  trivyUseClusterVulnerabilityReport: false
+  trivyUseSbomReport: false
+
+image:
+  pullPolicy: IfNotPresent
+
+ingress:
+  enabled: true
+  className: traefik
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    traefik.ingress.kubernetes.io/router.middlewares: oauth2-proxy-forward-auth@kubernetescrd
+  hosts:
+    - host: trivy.apps.noble.lab.pcenicni.dev
+      paths:
+        - path: /
+          pathType: Prefix
+  tls:
+    - secretName: trivy-apps-noble-tls
+      hosts:
+        - trivy.apps.noble.lab.pcenicni.dev
+
+tolerations:
+  - operator: Exists
+
+resources:
+  requests:
+    cpu: 100m
+    memory: 384Mi
+  limits:
+    cpu: "1"
+    memory: 512Mi