Newer
Older
{{- if .Values.addons.anchore.enabled }}
apiVersion: helm.toolkit.fluxcd.io/v2beta1
kind: HelmRelease
metadata:
name: anchore
namespace: {{ .Release.Namespace }}
spec:
releaseName: anchore
targetNamespace: anchore
chart:
spec:
chart: {{ .Values.addons.anchore.git.path }}
interval: 5m
sourceRef:
kind: GitRepository
name: anchore
namespace: {{ .Release.Namespace }}
{{- with .Values.flux }}
interval: {{ .interval }}
test:
enable: false
install:
remediation:
retries: {{ .install.retries }}
upgrade:
remediation:
retries: {{ .upgrade.retries }}
remediateLastFailure: true
cleanupOnFail: true
rollback:
timeout: {{ .rollback.timeout }}
cleanupOnFail: {{ .rollback.cleanupOnFail }}
{{- end }}
valuesFrom:
- name: values
kind: Secret
valuesKey: "anchore.yaml"
values:
hostname: {{ .Values.hostname }}
istio:
enabled: {{ .Values.istio.enabled }}
monitoring:
enabled: {{ .Values.monitoring.enabled }}
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
{{- if and .Values.addons.anchore.enterprise.enabled .Values.addons.anchore.enterprise.licenseYaml }}
enterpriseLicenseYaml: |
{{ .Values.addons.anchore.enterprise.licenseYaml | nindent 6 }}
{{- end }}
{{- if .Values.addons.anchore.enterprise.enabled }}
sso:
enabled: {{ .Values.addons.anchore.sso.enabled }}
spEntityId: {{ .Values.addons.anchore.sso.client_id }}
acsUrl: "https://anchore.{{ .Values.hostname }}/service/sso/auth/keycloak"
idpMetadataUrl: "https://{{ .Values.sso.oidc.host }}/auth/realms/{{ .Values.sso.oidc.realm }}/protocol/saml/descriptor"
roleAttribute: {{ .Values.addons.anchore.sso.role_attribute }}
{{- end }}
anchoreEnterpriseGlobal:
enabled: {{ .Values.addons.anchore.enterprise.enabled }}
imagePullSecretName: private-registry
postgresql:
imagePullSecrets: private-registry
{{- if and .Values.addons.anchore.database.host .Values.addons.anchore.database.port .Values.addons.anchore.database.username .Values.addons.anchore.database.password .Values.addons.anchore.database.database }}
enabled: false
postgresUser: {{ .Values.addons.anchore.database.username }}
postgresPassword: {{ .Values.addons.anchore.database.password }}
postgresDatabase: {{ .Values.addons.anchore.database.database }}
externalEndpoint: "{{ .Values.addons.anchore.database.host }}:{{ .Values.addons.anchore.database.port }}"
{{- end }}
anchoreGlobal:
{{- if .Values.addons.anchore.adminPassword }}
defaultAdminPassword: {{ .Values.addons.anchore.adminPassword }}
{{- end }}
imagePullSecretName: private-registry
{{- if .Values.addons.anchore.enterprise.enabled }}
anchore-feeds-db:
imagePullSecrets: private-registry
{{- if and .Values.addons.anchore.database.host .Values.addons.anchore.database.port .Values.addons.anchore.database.username .Values.addons.anchore.database.password .Values.addons.anchore.database.feeds_database }}
enabled: false
postgresUser: {{ .Values.addons.anchore.database.username }}
postgresPassword: {{ .Values.addons.anchore.database.password }}
postgresDatabase: {{ .Values.addons.anchore.database.feeds_database }}
externalEndpoint: "{{ .Values.addons.anchore.database.host }}:{{ .Values.addons.anchore.database.port }}"
{{- end }}
anchoreEnterpriseUi:
imagePullSecretName: private-registry
anchore-ui-redis:
{{- if and .Values.addons.anchore.redis.host .Values.addons.anchore.redis.port .Values.addons.anchore.redis.password }}
enabled: false
externalEndpoint: "redis://:{{ .Values.addons.anchore.redis.password }}@{{ .Values.addons.anchore.redis.host }}:{{ .Values.addons.anchore.redis.port }}"
password: {{ .Values.addons.anchore.redis.password }}
{{- end }}
image:
pullSecrets:
- private-registry
{{- end }}
{{- if or .Values.istio.enabled .Values.monitoring.enabled }}
dependsOn:
{{- if .Values.istio.enabled }}
- name: istio
namespace: {{ .Release.Namespace }}
{{- end }}
{{- if .Values.monitoring.enabled }}
- name: monitoring
namespace: {{ .Release.Namespace }}
{{- end }}
{{- end }}
{{- end }}