diff --git a/chart/templates/anchore/values.yaml b/chart/templates/anchore/values.yaml
index 7ebb6ffa4895679ca4ce130529b7bd476982ab1b..c22fcf1dea47d6e55f97a60553ebf23d4992691d 100644
--- a/chart/templates/anchore/values.yaml
+++ b/chart/templates/anchore/values.yaml
@@ -19,6 +19,17 @@ istio:
monitoring:
enabled: {{ .Values.monitoring.enabled }}
+ {{- if and .Values.istio.enabled (eq (dig "istio" "injection" "enabled" .Values.addons.anchore) "enabled") }}
+ {{- if (eq (dig "values" "istio" "mtls" "mode" "STRICT" .Values.addons.anchore) "STRICT") }}
+ serviceMonitor:
+ scheme: "https"
+ tlsConfig:
+ caFile: /etc/prom-certs/root-cert.pem
+ certFile: /etc/prom-certs/cert-chain.pem
+ keyFile: /etc/prom-certs/key.pem
+ insecureSkipVerify: true
+ {{- end }}
+ {{- end }}
networkPolicies:
enabled: {{ .Values.networkPolicies.enabled }}
@@ -122,6 +133,16 @@ ui-redis:
selector:
app.kubernetes.io/name: anchore-ui-redis
app.kubernetes.io/instance: anchore
+ {{- if and .Values.istio.enabled (eq (dig "istio" "injection" "enabled" .Values.addons.anchore) "enabled") }}
+ {{- if (eq (dig "values" "istio" "mtls" "mode" "STRICT" .Values.addons.anchore) "STRICT") }}
+ scheme: "https"
+ tlsConfig:
+ caFile: /etc/prom-certs/root-cert.pem
+ certFile: /etc/prom-certs/cert-chain.pem
+ keyFile: /etc/prom-certs/key.pem
+ insecureSkipVerify: true
+ {{- end }}
+ {{- end }}
prometheusRule:
enabled: true
namespace: monitoring
diff --git a/chart/values.yaml b/chart/values.yaml
index f07b087ad9641a3f53e8d3c118615fc57753f5ef..bca44b7c28e0d29c898994bfc20cf39d04d86a30 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -1145,7 +1145,7 @@ addons:
git:
repo: https://repo1.dso.mil/platform-one/big-bang/apps/security-tools/anchore-enterprise.git
path: "./chart"
- tag: "1.19.7-bb.2"
+ tag: "1.19.7-bb.3"
# -- Flux reconciliation overrides specifically for the Anchore Package
flux: