# Default values for harbor-scanner-sysdig-secure. # This is a YAML-formatted file. # Declare variables to be passed into your templates. replicaCount: 1 image: repository: sysdiglabs/harbor-scanner-sysdig-secure pullPolicy: IfNotPresent imagePullSecrets: [] nameOverride: "" fullnameOverride: "" podAnnotations: {} serviceAccount: # Specifies whether a service account should be created create: true # Annotations to add to the service account annotations: {} # The name of the service account to use. # If not set and create is true, a name is generated using the fullname template name: rbac: create: true podSecurityContext: {} # fsGroup: 2000 securityContext: {} # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1000 service: type: ClusterIP port: 5000 resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little # resources, such as Minikube. If you do want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. # limits: # cpu: 100m # memory: 128Mi # requests: # cpu: 100m # memory: 128Mi nodeSelector: {} tolerations: [] affinity: {} # Custom entrypoint for the harbor plugin customEntryPoint: [] sysdig: secure: # **required** # API Token to access Sysdig Secure. # If neither this value nor `sysdig.secure.existingSecureAPITokenSecret` are configured, the # user will be required to provide the deployment the `SECURE_API_TOKEN` environment variables. apiToken: "" # Alternatively, specify the name of a Kubernetes secret containing an 'sysdig_secure_api_token' entry existingSecureAPITokenSecret: "" # Sysdig backend URL (SaaS Regions API endpoints are listed here: https://docs.sysdig.com/en/docs/administration/saas-regions-and-ip-ranges/) url: "https://secure.sysdig.com" verifySSL: true proxy: httpProxy: httpsProxy: # Comma-separated list of domain extensions proxy should not be used for. # Include in noProxy the internal IP of the kubeapi server, # and you probably need to add your registry if it is inside the cluster noProxy: inlineScanning: enabled: true asyncMode: enabled: "false"