30 lines
961 B
YAML
30 lines
961 B
YAML
# Bootstrap app-of-apps leaf: Trivy Operator (vulnerability + config audit reports).
|
|
apiVersion: argoproj.io/v1alpha1
|
|
kind: Application
|
|
metadata:
|
|
name: noble-trivy-operator
|
|
namespace: argocd
|
|
finalizers:
|
|
- resources-finalizer.argocd.argoproj.io/background
|
|
spec:
|
|
project: default
|
|
sources:
|
|
- repoURL: https://aquasecurity.github.io/helm-charts/
|
|
chart: trivy-operator
|
|
targetRevision: 0.32.1
|
|
helm:
|
|
releaseName: trivy-operator
|
|
valueFiles:
|
|
- $values/clusters/noble/apps/trivy/values.yaml
|
|
- repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
|
|
targetRevision: HEAD
|
|
ref: values
|
|
destination:
|
|
server: https://kubernetes.default.svc
|
|
namespace: trivy-system
|
|
# Manual sync after **noble.yml**: install Trivy via Argo only (not Ansible). Enable automation after cutover (../README.md §5).
|
|
syncPolicy:
|
|
syncOptions:
|
|
- CreateNamespace=true
|
|
- ServerSideApply=true
|