diff --git a/charts/stackrox/Chart.yaml b/charts/stackrox/Chart.yaml index 558d4cf3..4e7c1a12 100644 --- a/charts/stackrox/Chart.yaml +++ b/charts/stackrox/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: stackrox-chart description: Install and Configure Stackrox type: application -version: 0.0.8 +version: 0.0.9 home: https://github.com/redhat-cop/helm-charts icon: https://avatars.githubusercontent.com/u/40638982?s=200&v=4 maintainers: diff --git a/charts/stackrox/templates/configure-stackrox-job.yaml b/charts/stackrox/templates/configure-stackrox-job.yaml index 4fe0c5a7..1f94c3df 100644 --- a/charts/stackrox/templates/configure-stackrox-job.yaml +++ b/charts/stackrox/templates/configure-stackrox-job.yaml @@ -35,36 +35,64 @@ spec: apiVersion: platform.stackrox.io/v1alpha1 kind: Central metadata: - namespace: {{ .Values.stackrox.namespace | quote }} - name: stackrox-central-services + name: stackrox-central-services + namespace: {{ .Values.stackrox.namespace | quote }} spec: - central: - exposure: - loadBalancer: - enabled: false - port: 443 - nodePort: - enabled: false - route: - enabled: true + monitoring: + openshift: + enabled: true + central: + notifierSecretsEncryption: + enabled: false + exposure: + loadBalancer: + enabled: false + port: 443 + nodePort: + enabled: false + route: + enabled: true + telemetry: + enabled: true + db: + isEnabled: Default persistence: persistentVolumeClaim: - claimName: stackrox-db - egress: - connectivityPolicy: Online - scanner: - analyzer: - resources: - {{- toYaml .Values.stackrox.analyzer.resources | nindent 24 }} - scaling: - autoScaling: Enabled - maxReplicas: 5 - minReplicas: 2 - replicas: 3 - scannerComponent: Enabled + claimName: central-db + persistence: + persistentVolumeClaim: + claimName: stackrox-db + egress: + connectivityPolicy: Online + scannerV4: + db: + persistence: + persistentVolumeClaim: + claimName: scanner-v4-db + indexer: + scaling: + autoScaling: Enabled + maxReplicas: 5 + minReplicas: 2 + replicas: 3 + matcher: + scaling: + autoScaling: Enabled + maxReplicas: 5 + minReplicas: 2 + replicas: 3 + scannerComponent: Default + scanner: + analyzer: + scaling: + autoScaling: Enabled + maxReplicas: 5 + minReplicas: 2 + replicas: 3 + {{- toYaml .Values.stackrox.analyzer.resources | nindent 24 }} EOF } - + install_central until [ "$?" == 0 ] do @@ -122,19 +150,47 @@ spec: name: {{ .Values.stackrox.clusterName }}-secured-cluster namespace: {{ .Values.stackrox.namespace | quote }} spec: - admissionControl: - listenOnCreates: false - listenOnEvents: true - listenOnUpdates: false + monitoring: + openshift: + enabled: true auditLogs: collection: Auto - centralEndpoint: 'central.{{ .Values.stackrox.namespace }}:443' - clusterName: {{ .Values.stackrox.clusterName | quote }} + admissionControl: + listenOnUpdates: true + bypass: BreakGlassAnnotation + contactImageScanners: DoNotScanInline + listenOnCreates: true + replicas: 3 + timeoutSeconds: 20 + listenOnEvents: true + scannerV4: + db: + persistence: + persistentVolumeClaim: + claimName: scanner-v4-db + indexer: + scaling: + autoScaling: Enabled + maxReplicas: 5 + minReplicas: 2 + replicas: 3 + scannerComponent: Default + scanner: + analyzer: + scaling: + autoScaling: Enabled + maxReplicas: 5 + minReplicas: 2 + replicas: 3 + scannerComponent: AutoSense perNode: collector: - collection: KernelModule + collection: CORE_BPF + forceCollection: false imageFlavor: Regular taintToleration: TolerateTaints + clusterName: {{ .Values.stackrox.clusterName | quote }} + centralEndpoint: 'central.{{ .Values.stackrox.namespace }}:443' EOF exit 0; imagePullPolicy: Always @@ -143,4 +199,4 @@ spec: restartPolicy: OnFailure serviceAccount: configure-stackrox serviceAccountName: configure-stackrox - terminationGracePeriodSeconds: 10 + terminationGracePeriodSeconds: 10 \ No newline at end of file diff --git a/charts/stackrox/values.yaml b/charts/stackrox/values.yaml index e7e8f89b..1b8779b6 100644 --- a/charts/stackrox/values.yaml +++ b/charts/stackrox/values.yaml @@ -6,7 +6,7 @@ stackrox: operator: namespace: openshift-operators name: rhacs-operator - channel: latest + channel: stable approval: Automatic operatorName: rhacs-operator sourceName: redhat-operators @@ -18,4 +18,4 @@ stackrox: limits: cpu: 500m requests: - cpu: 100m + cpu: 100m \ No newline at end of file