Update documentation and playbook to clarify Trivy Operator installation via Argo CD, removing direct Ansible role references. Adjust README and related files to reflect the new deployment order and ensure proper resource ownership, enhancing overall clarity for users.

2026-05-14 17:04:25 -04:00
parent c3c89b8f0a
commit a5869c242a
11 changed files with 25 additions and 20 deletions
--- a/clusters/noble/bootstrap/trivy/namespace.yaml
+++ b/clusters/noble/bootstrap/trivy/namespace.yaml
@@ -1,4 +1,4 @@
-# Trivy Operator — apply before Helm (Ansible **noble_trivy**).
+# Trivy Operator — namespace + PSA; applied with **noble_platform** bootstrap kustomize before Argo syncs the chart.
 # Scan jobs may use elevated capabilities; align with other operator namespaces.
 apiVersion: v1
 kind: Namespace
--- a/clusters/noble/bootstrap/trivy/values.yaml
+++ b/clusters/noble/bootstrap/trivy/values.yaml
@@ -1,5 +1,7 @@
 # Trivy Operator — in-cluster image vulnerability + config reports (Aqua trivy-operator Helm chart).
+# Deploy via Argo CD: **noble-trivy-operator** (`clusters/noble/bootstrap/argocd/app-of-apps/trivy-operator-application.yaml`).
 #
+# Manual Helm (if not using Argo):
 #   helm repo add aqua https://aquasecurity.github.io/helm-charts/ && helm repo update
 #   kubectl apply -f clusters/noble/bootstrap/trivy/namespace.yaml
 #   helm upgrade --install trivy-operator aqua/trivy-operator -n trivy-system \