Update Trivy configuration paths in Ansible tasks and Argo CD application manifests to reflect new directory structure. Adjust references in values.yaml and dashboard-values.yaml for consistency and clarity in deployment processes.

2026-05-14 17:21:49 -04:00
parent c347416668
commit e48283fc43
5 changed files with 7 additions and 7 deletions
--- a/ansible/roles/noble_trivy/tasks/main.yml
+++ b/ansible/roles/noble_trivy/tasks/main.yml
@@ -56,7 +56,7 @@
      - kubectl
      - apply
      - -f
-      - "{{ noble_repo_root }}/clusters/noble/bootstrap/trivy/namespace.yaml"
+      - "{{ noble_repo_root }}/clusters/noble/apps/trivy/namespace.yaml"
  environment:
    KUBECONFIG: "{{ noble_kubeconfig }}"
  changed_when: true
@@ -74,7 +74,7 @@
      - --version
      - "{{ noble_trivy_chart_version }}"
      - -f
-      - "{{ noble_repo_root }}/clusters/noble/bootstrap/trivy/values.yaml"
+      - "{{ noble_repo_root }}/clusters/noble/apps/trivy/values.yaml"
      - --force-conflicts
      - --wait
      - --timeout
--- a/clusters/noble/apps/trivy/dashboard-values.yaml
+++ b/clusters/noble/apps/trivy/dashboard-values.yaml
@@ -5,7 +5,7 @@
 # Sync **noble-trivy-operator** first so CRDs and reports exist. DNS: host below → Traefik LB.

 kubernetes:
-  # Match **clusters/noble/bootstrap/trivy/values.yaml** operator feature flags (no SBOM / cluster compliance cache).
+  # Match **clusters/noble/apps/trivy/values.yaml** operator feature flags (no SBOM / cluster compliance cache).
  trivyUseClusterComplianceReport: false
  trivyUseClusterSbomReport: false
  trivyUseClusterVulnerabilityReport: false
--- a/clusters/noble/apps/trivy/values.yaml
+++ b/clusters/noble/apps/trivy/values.yaml
@@ -6,9 +6,9 @@
 #
 # Manual Helm (if not using Argo):
 #   helm repo add aqua https://aquasecurity.github.io/helm-charts/ && helm repo update
-#   kubectl apply -f clusters/noble/bootstrap/trivy/namespace.yaml
+#   kubectl apply -f clusters/noble/apps/trivy/namespace.yaml
 #   helm upgrade --install trivy-operator aqua/trivy-operator -n trivy-system \
-#     --version 0.32.1 -f clusters/noble/bootstrap/trivy/values.yaml --wait --timeout 15m
+#     --version 0.32.1 -f clusters/noble/apps/trivy/values.yaml --wait --timeout 15m
 #
 # Inspect: kubectl get vulnerabilityreports,configauditreports -A
 # Docs: https://aquasecurity.github.io/trivy-operator/
--- a/clusters/noble/bootstrap/argocd/app-of-apps/trivy-dashboard-application.yaml
+++ b/clusters/noble/bootstrap/argocd/app-of-apps/trivy-dashboard-application.yaml
@@ -15,7 +15,7 @@ spec:
      helm:
        releaseName: trivy-operator-dashboard
        valueFiles:
-          - $values/clusters/noble/bootstrap/trivy/dashboard-values.yaml
+          - $values/clusters/noble/apps/trivy/dashboard-values.yaml
    - repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
      targetRevision: HEAD
      ref: values
--- a/clusters/noble/bootstrap/argocd/app-of-apps/trivy-operator-application.yaml
+++ b/clusters/noble/bootstrap/argocd/app-of-apps/trivy-operator-application.yaml
@@ -15,7 +15,7 @@ spec:
      helm:
        releaseName: trivy-operator
        valueFiles:
-          - $values/clusters/noble/bootstrap/trivy/values.yaml
+          - $values/clusters/noble/apps/trivy/values.yaml
    - repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
      targetRevision: HEAD
      ref: values