feat: configure some logon, intelligence, and scan settings via helm values
General MR
Summary
Several settings that were previously managed only through the UI are now configured by the init job using helm values.
Relevant logs/screenshots
Linked Issue
Upgrade Notices
A few settings that were previously manually configured through the user interface are now configured with helm values. It is recommended to review your current settings and override as needed to avoid unexpected configuration changes. Note that basic authentication is enabled by default, because prometheus's metrics scraping depends on it. If don't need those metrics, basic authentication can be disabled.
| Helm Value | Default | Corresponding Setting in Console UI |
|---|---|---|
console.options.intelligence.uploadDisabled |
true |
Allow admins and operators to upload logs to Customer Support directly from the Console UI |
console.options.scan.scanRunningImages |
false |
Only scan images with running containers |
console.options.logon.useSupportCredentials |
false |
Enable context sensitive help and single sign on to the Prisma Cloud Support site |
console.options.logon.requireStrongPassword |
true |
Require strong passwords for local accounts |
console.options.logon.basicAuthDisabled |
false |
Disable basic authentication for the API |
Example values for the Big Bang chart:
twistlock:
values:
console:
options:
intelligence:
uploadDisabled: true
scan:
scanRunningImages: false
logon:
useSupportCredentials: false
requireStrongPassword: true
basicAuthDisabled: falseEdited by Jonathan Braswell