From a208788f17356c3e29df202eae1397791a599c5a Mon Sep 17 00:00:00 2001 From: CatalogBot Date: Tue, 24 Dec 2024 11:15:43 +0000 Subject: [PATCH] add security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/README.md security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/main.yaml security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/values.schema.json --- index.yaml | 22 +- ...bb992d25c53af3876c9c8e9f19347801bc7ce7.tgz | Bin 0 -> 3262 bytes .../README.md | 185 ++++++++++ .../main.yaml | 13 + .../values.schema.json | 348 ++++++++++++++++++ 5 files changed, 567 insertions(+), 1 deletion(-) create mode 100644 security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz create mode 100644 security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/README.md create mode 100644 security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/main.yaml create mode 100644 security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/values.schema.json diff --git a/index.yaml b/index.yaml index 9dff764682..69ef32b265 100644 --- a/index.yaml +++ b/index.yaml @@ -13280,6 +13280,26 @@ entries: urls: - https://giantswarm.github.io/giantswarm-test-catalog/security-bundle-1.9.1-db97629c339185fbae7e93bc252676e2d94a7f35.tgz version: 1.9.1-db97629c339185fbae7e93bc252676e2d94a7f35 + - annotations: + application.giantswarm.io/app-type: bundle + application.giantswarm.io/in-cluster-app: "true" + application.giantswarm.io/metadata: https://giantswarm.github.io/giantswarm-test-catalog/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/main.yaml + application.giantswarm.io/readme: https://giantswarm.github.io/giantswarm-test-catalog/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/README.md + application.giantswarm.io/team: shield + application.giantswarm.io/values-schema: https://giantswarm.github.io/giantswarm-test-catalog/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/values.schema.json + apiVersion: v2 + created: "2024-12-24T11:15:43.446788028Z" + description: A Helm chart for Giant Swarm's collection of open-source security + tools. + digest: dff0b5131e112f136bca8634143fc4dbad5b51fcc3cec23d0cee302e3933b7bf + home: https://github.com/giantswarm/security-bundle + icon: https://s.giantswarm.io/app-icons/giantswarm/1/dark.svg + name: security-bundle + sources: + - https://github.com/giantswarm/security-bundle + urls: + - https://giantswarm.github.io/giantswarm-test-catalog/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz + version: 1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7 - annotations: application.giantswarm.io/app-type: bundle application.giantswarm.io/in-cluster-app: "true" @@ -16717,4 +16737,4 @@ entries: urls: - https://giantswarm.github.io/giantswarm-test-catalog/zot-2.0.0-9afe78380a7b5315ff0f2c37eb29bb4c27eb545d.tgz version: 2.0.0-9afe78380a7b5315ff0f2c37eb29bb4c27eb545d -generated: "2024-12-24T11:12:23.096192574Z" +generated: "2024-12-24T11:15:43.44575359Z" diff --git a/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz b/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz new file mode 100644 index 0000000000000000000000000000000000000000..b4ecea58dab35372c9790831338c10003137c2c9 GIT binary patch literal 3262 zcmV;v3_Dc zVQyr3R8em|NM&qo0PH>MbKAC)`OLp!hxTvI?v<2e#de~Z&YUN8dpEtbp1RkY`_zHR zm4t>OPykY_I{x2p@ZeLVBtIg@De=W3u)sdBFTm1LVzdxct%C6)jT7v>n-QVH6`3cm zo~-rz{r=hO*XD1(->?5Y>G#iH4PKuQPfiEJ^WpGSfAD%ZIC};Crz4@gEudd{6M$(iiq9{w{$O9mpCp0q8;gph8$&WN~@{f$%Rs7Oo{8No~`E=RpyX?#l6Y%$hgMQ5N;svshYBy8HN>2WX!--d%ACgbtj zw>Xyli{25v*>N~2H#EwZ-=kX-}DFL=sd#nP)+|1GzGmmp{Y^-jl>Eh@f@F- z)L$*o6JQ+EK(d915Hfl}F_y^C zo3ZMy8h#@-FEL!_(W8+jA)6x`%tk}V@)CnyOvHy!E~j2fG{*XxmOMG~f_oCP%tUlQ z$$QW3hPw7ltseiKBsw)XfQux73(h5cq)7r}1e!`kk_2O*DX1Bhpxv3|BtlrE2}%iUi9*mg#uUbw zu#ce!1<(lmn*RBocL4t*QGiuMh=`sDT(BjLF@_~2K;RuqCv^Ira9{$iF%oF~K9Xn# zG>z$!#tV|@Xy+ZkLeg{!YK9<{SVU?e5af(~%t`VV5`|q;bBZ?+n#l4iMr=OEG)AHO z0iq1AeFR5k_5@IfD{Gv^*N(?)MbemvSeC~DFr6?FVLSqzCFMh+j@-6LAW`^pA;Jks zq@Fb)NyPR~W(jSnBfuNZgsPHW!E(hC8m+3s8FvL!e^Nmb6l$M*eON6~q|YGAs0QfF ztB{7H>|GAGSAm!vqqr+-H!I+kX*n#7jhFd>&}1R-BC;;$(&DZmUH!sQ5XJUtg-X!n zYDa`6Slh&yL^aiy{4youL}SSI(@eW3Z}pYe*YybJWWS>%=EQGYZJ&pStRvi%sqwDN^40zgK*$g zqhu}+(^nTjsk4RQ&&!kzqYWGV)-qC!j5#k^cb%PT|FdwEkqJt~IkJUv9{M0Zug5H^-vvxjDVk0Led16U zo4bL`tMpv3H_j%=mN!p5vohoPB^{J`Yx8nwkhZK?Yb{hIquT+$>1dHdzqj@*2f*E!w-WK$^ii_f4aFN`oFIk}AQ?iO`9b ziFUGMMnrsBIf>?S$;b1fYF##M5W5G@Co{$tQc7IEvEHh55Xm_;eRbwaozIdC82pXV zWN3A|;cQgpsMXCjjXoof86l0#>a6`)@Bdove@p*)c|4BI_rE9S!_%|c{qI@-b-%m+ z-AB7MD(N5E4fjXj>i|6J_4L-ee+Gt3Ondg@f&ZuveJMKY?qWNYePJs5Ri`0)J|wt*u*0Hv2E+drgA-Y*D>6yS4j6ZP@ypM)wc%PWG-nnd~=0 zw2!{D`1wx6?OWQ#&|Q&z&1v61`R1$kMUBo+GbnlP||k{>fo%?JJ+1X}&Pi>}+LUwqm}U+Sx~EA1_K_yR%8BxI18bKE?H# zpGw5~dBu(PFGSbLDNnb*ZGY-7Q*RH2TV=Hi@8$X;4`aWm)Uj0rUX_+R@2)FzwASjs z|4=yR2~j9}f6Or9C}gPkBTE5otN%9`)a(D9oezfH??3j@4&b-T_gDXY@!Mr^adkC< z-)2+-l^{_8kw8Eok<55+h;c#|iTV~MhzU#tqWLNGjHFWxJ@59m_YExRd}Jn1XoA`x zzng0bM>8D3H@&+%1La-baFWKRB#-tyz$WIi2}+^o-~x@1rf9vB4}t3qZH-DDyxkYS{&*-;XHcA$8q4HrFyu63c?asP(&(VvP4CyN#$cwlq~9Y&KBZ zsZ1wpX~H3Vf>g)GRKaUI)fV2py)AS)?{+`_*JI7QEIFDQY=?p^LV8pJ-l!chlXytC;^VO;Gp|>oS;!8`Wuwa%D=z11Uhrs&su4^l9mkc$G;g`yLFl5Rbr_W@ zy_v-qz;2^AXl>!@1HIUT6t&Uql*w$@syccL_gMT}A8H@lckCYfB-4ycmCf;tG!mG`E?|p=VdF8dvOY;Q<~xkrcCkVK`(B}U$Uap{Kvdz#oPHM zN)LE1lD*pX?F)Q1gBGu7^0T)oY~BC5{YSLtlEmQ2UIntv{s(7k_1{j_bIB6Onhj1wL`T!>T`45wXSuoYhC;Q00030{{hOV`2chP0DUERAOHXW literal 0 HcmV?d00001 diff --git a/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/README.md b/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/README.md new file mode 100644 index 0000000000..2cace3fd6a --- /dev/null +++ b/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/README.md @@ -0,0 +1,185 @@ +[![CircleCI](https://circleci.com/gh/giantswarm/security-bundle.svg?style=shield)](https://circleci.com/gh/giantswarm/security-bundle) + +# Giant Swarm Security Bundle + +Giant Swarm offers a [managed security bundle][security-bundle] which provides an unintrusive baseline for security observability and enforcement in Kubernetes clusters. This App is a convenient wrapper containing multiple other Apps which make up the security bundle. See our full [App Bundle reference][app-bundle] to learn more. + +By default, installing the security bundle in a cluster includes: + +- Kyverno, from our [`kyverno-app`][kyverno-app] + - our [`kyverno-policies`][kyverno-policies] app for Kubernetes Pod Security Standards (PSS) + +- components supporting our Policy API features + - our [`kyverno-policy-operator`][kyverno-policy-operator] app, which orchestrates our managed Kyverno policies. + - our [`exception-recommender`][exception-recommender] app, which recommends possible Giant Swarm PolicyExceptions for non-compliant workloads. + +Some optional components are also installable from this bundle, including: + +- Falco, from our [`falco-app`][falco-app] +- Trivy, from our [`trivy-app`][trivy-app] +- Trivy Operator, from our [`trivy-operator`][trivy-operator-app] app + - our [`starboard-exporter`][starboard-exporter] for exposing metrics +- Jiralert, from our [`jiralert-app`][jiralert-app], for automatically creating Jira issues from security findings + +Several additional components deployable from the bundle are under development for future platform features. These are platform-internal and not intended for direct customer use, but can be optionally enabled to test upcoming improvements to report storage. + +- CloudNative PG, from our [`cloudnative-pg-app`][cnpg-app] +- EdgeDB, from our [`edgedb-app`][edgedb-app] +- Kyverno Reports Server, from our [`reports-server-app`][reports-server-app] + +Previous versions of the pack included Starboard, from our [`starboard-app`][starboard-app]. Starboard has been deprecated in favor of Trivy Operator, and we have removed the Starboard app from this app bundle as of v0.13.0. + +Apps can be selectively enabled or disabled using the `enabled` setting for that app in the `security-bundle` Helm values. + +More information and configuration options can be found in each app repository. + +## Installing + +:warning: **In version `v1.0.0` PSPs are disabled by default. Clusters running versions older than `1.25.0` must enable the PSPs in the userconfig of the `values.yaml` file before installing the Security Bundle or use older `v0.x.x` versions.** + +### Compatibility Matrix + +| Bundle Version | K8s Version | GS Release | Branch | PSS Policy State | PSPs installed | +|:---:|:---:|:---:|:---:|:---:|:---:| +| v1.x.x | >= v1.25.0 | >= v20.0.0 | `main` | enforce | no | +| v1.x.x | v1.24.x | >= v19.3.0, < v20.0.0 | `main` | enforce | no | +| v0.x.x | < v1.25.0 | >= v19.1.0, < v19.3.0 | `legacy` | audit | yes | + +### Upgrading from a self-managed to a preinstalled `security-bundle` + +The `security-bundle` is now being installed by default in new Giant Swarm cluster versions. + +When upgrading from a cluster where the bundle was not preinstalled, it is possible that the installation of the bundle will fail if the bundle itself, or one of its apps (like Kyverno) was installed as an optional app prior to the upgrade. + +We are working on an automated way to resolve this condition, but due to technical limitations and variation between how customers manage Apps (e.g. gitops) we currently recommend uninstalling any customer-installed `security-bundle`, `kyverno-app`, and `kyverno-policies` Apps installed in a cluster when upgrading to a version containing the bundle by default. + +### Updating from `security-pack` + +To change an existing `security-pack` install to a `security-bundle`, the following changes must be made: +- any overrides to the Apps `configMap` or `secret` inside the `userConfig` key must be switched from string to object. +- any overrides to the `kyverno-policies` App in the `security-bundle` App values configuration must be replaced with equivalent overrides under the `kyvernoPolicies` key. The key `kyverno-policies` has been renamed to `kyvernoPolicies` only to simplify its usage in Helm. The name of the `kyverno-policies` App itself is unchanged. +- if using the default installation namespace (`security-pack`), any logic which depends on that namespace must be updated to reference the new default namespaces (`security-bundle`). If setting a custom installation namespace, no change is required. +- if the existing `security-pack` App CR is installing from the `playground` catalog, the catalog must be changed to `giantswarm`. The `security-bundle` will not be pushed to the `playground` catalog. +- after the above changes have been made, the old `security-pack` CR must be deleted before the new `security-bundle` CR can then be created. + + +This "App of Apps" method is rather new and our UX tooling is still catching up, so our normal App installation methods may or may not work for you depending on your management cluster and component versions. + +The currently recommended way to install the security bundle is: + +1. Create `user-values.yaml` containing the name of the cluster where the Apps should be installed, and the organization where that cluster is running: + + ```yaml + clusterID: demo1 + organization: demo-team + ``` + +2. Use `kubectl gs` to template the "outer" App CR: + + ```shell + $ kubectl gs template app \ + --catalog giantswarm \ + --name security-bundle \ + --app-name demo01-security-bundle \ + --in-cluster \ + --cluster-name demo01 \ + --target-namespace demo01 \ + --version 0.0.1 \ + --user-configmap user-values.yaml > outerApp.yaml + ``` + +3. Apply the generated App CR and ConfigMap to the management cluster: + + ```shell + $ kubectl --context= apply -f outerApp.yaml + configmap/security-bundle-userconfig created + app.application.giantswarm.io/security-bundle created + ``` + +Support for these methods are not yet officially supported, but may still work: + +1. [Using our web interface](https://docs.giantswarm.io/ui-api/web/app-platform/#installing-an-app) +2. [Using our API](https://docs.giantswarm.io/api/#operation/createClusterAppV5) + +### **Important** + +If you are not using `kubectl gs` plugin, plese remember to ensure the correct label: `app-operator.giantswarm.io/version: 0.0.0` is set on the App CR. Missing this configuration will result with stuck deployment of an app. + +When naming the App CR, please make sure the name is unique within the Management Cluster, using just `security-bundle` +name for two or more App CRs may lead to unexpected behavior. It is recommended to use cluster name as a prefix or suffix, +for example `demo01-security-bundle` or `security-bundle-demo1`. + +## Configuring + +### values.yaml + +**This is an example of a values file you could upload using our web interface.** + +```yaml +# values.yaml +clusterID: demo1 +organization: demo-team +``` + +### Sample App CR and ConfigMap for the management cluster + +If you have access to the Kubernetes API on the management cluster, you could create +the App CR and ConfigMap directly. + +Here is an example that would install the app to +workload cluster `abc12`: + +```yaml +# appCR.yaml +apiVersion: application.giantswarm.io/v1alpha1 +kind: App +metadata: + labels: + app-operator.giantswarm.io/version: 0.0.0 + giantswarm.io/cluster: demo1 + name: security-bundle + namespace: demo1 +spec: + catalog: giantswarm + kubeConfig: + inCluster: true + name: security-bundle + namespace: demo1 + userConfig: + configMap: + name: security-bundle-userconfig + namespace: demo1 + version: 0.0.1 +``` + +```yaml +# user-values-configmap.yaml +apiVersion: v1 +data: + values: | + clusterID: demo1 + organization: giantswarm +kind: ConfigMap +metadata: + creationTimestamp: null + name: security-bundle-userconfig + namespace: demo1 +``` + +See our [full reference page on how to configure applications](https://docs.giantswarm.io/app-platform/app-configuration/) for more details. + +[app-bundle]: https://docs.giantswarm.io/getting-started/app-platform/app-bundle/ +[cnpg-app]: https://github.com/giantswarm/cloudnative-pg-app +[edgedb-app]: https://github.com/giantswarm/edgedb-app +[exception-recommender]: https://github.com/giantswarm/exception-recommender +[falco-app]: https://github.com/giantswarm/falco-app +[jiralert-app]: https://github.com/giantswarm/jiralert-app +[kyverno-app]: https://github.com/giantswarm/kyverno-app +[kyverno-policies]: https://github.com/giantswarm/kyverno-policies/ +[kyverno-policy-operator]: https://github.com/giantswarm/kyverno-policy-operator +[reports-server-app]: https://github.com/giantswarm/reports-server-app +[security-bundle]: https://docs.giantswarm.io/app-platform/apps/security/ +[starboard-app]: https://github.com/giantswarm/starboard-app +[starboard-exporter]: https://github.com/giantswarm/starboard-exporter/ +[trivy-app]: https://github.com/giantswarm/trivy-app/ +[trivy-operator-app]: https://github.com/giantswarm/trivy-operator-app diff --git a/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/main.yaml b/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/main.yaml new file mode 100644 index 0000000000..73dfca7177 --- /dev/null +++ b/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/main.yaml @@ -0,0 +1,13 @@ +annotations: + application.giantswarm.io/app-type: bundle + application.giantswarm.io/in-cluster-app: 'true' + application.giantswarm.io/metadata: https://giantswarm.github.io/giantswarm-test-catalog/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/main.yaml + application.giantswarm.io/readme: https://giantswarm.github.io/giantswarm-test-catalog/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/README.md + application.giantswarm.io/team: shield + application.giantswarm.io/values-schema: https://giantswarm.github.io/giantswarm-test-catalog/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/values.schema.json +chartApiVersion: v2 +chartFile: security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz +dateCreated: '2024-12-24T11:15:38.508608Z' +digest: dff0b5131e112f136bca8634143fc4dbad5b51fcc3cec23d0cee302e3933b7bf +home: https://github.com/giantswarm/security-bundle +icon: https://s.giantswarm.io/app-icons/giantswarm/1/dark.svg diff --git a/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/values.schema.json b/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/values.schema.json new file mode 100644 index 0000000000..f2b55a6d47 --- /dev/null +++ b/security-bundle-1.9.1-dabb992d25c53af3876c9c8e9f19347801bc7ce7.tgz-meta/values.schema.json @@ -0,0 +1,348 @@ +{ + "$schema": "http://json-schema.org/schema#", + "type": "object", + "properties": { + "apps": { + "type": "object", + "properties": { + "cloudnativePG": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "namespace": { + "type": "string" + }, + "version": { + "type": "string" + } + } + }, + "edgedb": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "dependsOn": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "namespace": { + "type": "string" + }, + "version": { + "type": "string" + } + } + }, + "exceptionRecommender": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "dependsOn": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "version": { + "type": "string" + } + } + }, + "falco": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "version": { + "type": "string" + } + } + }, + "jiralert": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "version": { + "type": "string" + } + } + }, + "kyverno": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "dependsOn": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "namespace": { + "type": "string" + }, + "options": { + "type": "object", + "properties": { + "install": { + "type": "object", + "properties": { + "timeout": { + "type": "string" + } + } + }, + "upgrade": { + "type": "object", + "properties": { + "timeout": { + "type": "string" + } + } + } + } + }, + "version": { + "type": "string" + } + } + }, + "kyvernoCrds": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "namespace": { + "type": "string" + }, + "version": { + "type": "string" + } + } + }, + "kyvernoPolicies": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "dependsOn": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "namespace": { + "type": "string" + }, + "version": { + "type": "string" + } + } + }, + "kyvernoPolicyOperator": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "dependsOn": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "version": { + "type": "string" + } + } + }, + "reportsServer": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "dependsOn": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "namespace": { + "type": "string" + }, + "version": { + "type": "string" + } + } + }, + "starboardExporter": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "namespace": { + "type": "string" + }, + "version": { + "type": "string" + } + } + }, + "trivy": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "version": { + "type": "string" + } + } + }, + "trivyOperator": { + "type": "object", + "properties": { + "appName": { + "type": "string" + }, + "catalog": { + "type": "string" + }, + "chartName": { + "type": "string" + }, + "enabled": { + "type": "boolean" + }, + "version": { + "type": "string" + } + } + } + } + }, + "clusterID": { + "type": "string" + }, + "global": { + "type": "object", + "properties": { + "namespace": { + "type": "string" + } + } + }, + "organization": { + "type": "string" + }, + "userConfig": { + "type": "object" + } + } +}