disable redis-ha external

chart/values.yaml

@@ -12,11 +12,8 @@ monitoring:
   enabled: false
   namespace: monitoring
 
-# This key configures Redis-HA subchart and when enabled (redis-ha.enabled=true)
-# the custom redis deployment is omitted
 redis-ha:
-  enabled: true
-  # Check the redis-ha chart for more properties
+  enabled: false
 
 # Enterprise license: Specify your multiline license
 # enterpriseLicenseYaml: |
@@ -147,7 +144,7 @@ ingress:
 # Global configuration shared by all anchore-engine services.
 anchoreGlobal:
   # Image used for all anchore engine deployments (excluding enterprise components).
-  image: registry1.dso.mil/ironbank/anchore/engine/engine:0.9.0
+  image: registry1.dso.mil/ironbank/anchore/engine/engine:0.9.2
   imagePullPolicy: IfNotPresent
 
   # Set image pull secret name if using an anchore-engine image from a private registry
@@ -473,6 +470,8 @@ anchoreCatalog:
     repo_watcher: 60
     # Interval for when the catalog garbage collects images marked for deletion
     image_gc: 60
+    # Interval for the runtime inventory image execution poll
+    k8s_watcher: 300
 
   # Event log configuration for webhooks
   events:
@@ -600,6 +599,13 @@ anchoreCatalog:
   tolerations: []
   affinity: {}
 
+  runtime_inventory:
+    # This setting tells Anchore how long an image can be missing from an inventory report before it is removed from
+    # The working set. Note: The image will still have a historical record in the reports service, subject to data history
+    # constraints as part of that service.
+    # Note: if a runtime inventory image's digest is also in anchore for regular image analysis, it won't be removed.
+    image_ttl_days: 1
+
 # Pod configuration for the anchore engine policy service.
 anchorePolicyEngine:
   replicaCount: 1
@@ -682,7 +688,7 @@ anchoreEnterpriseGlobal:
   # Create this secret with the following command - kubectl create secret generic anchore-enterprise-license --from-file=license.yaml=<PATH TO LICENSE.YAML>
   licenseSecretName: anchore-enterprise-license
 
-  image: registry1.dso.mil/ironbank/anchore/enterprise/enterprise:3.0.0
+  image: registry1.dso.mil/ironbank/anchore/enterprise/enterprise:3.0.1
   imagePullPolicy: IfNotPresent
   # Name of the kubernetes secret containing your dockerhub creds with access to the anchore enterprise images.
   # Create this secret with the following command - kubectl create secret docker-registry anchore-dockerhub-creds --docker-server=docker.io --docker-username=<USERNAME> --docker-password=<PASSWORD> --docker-email=<EMAIL_ADDRESS>
@@ -931,7 +937,7 @@ anchoreEnterpriseNotifications:
 anchoreEnterpriseUi:
   # If enabled is set to false, set anchore-ui-redis.enabled to false to ensure that helm doesn't stand up a unneccessary redis instance.
   enabled: true
-  image: registry1.dso.mil/ironbank/anchore/enterpriseui/enterpriseui:3.0.0
+  image: registry1.dso.mil/ironbank/anchore/enterpriseui/enterpriseui:3.0.1
   imagePullPolicy: IfNotPresent
   imagePullSecretName: private-registry
 
@@ -1041,29 +1047,28 @@ anchoreEnterpriseUi:
 anchore-ui-redis:
   # Use Ironbank image + pull secret
   image:
-    registry: 
-    repository: 
-    tag: 
-    pullSecrets: [ ]
-      
+    registry: registry1.dso.mil/ironbank
+    repository: opensource/redis/redis6
+    tag: 6.0.4
+    pullSecrets:
+      - private-registry
   # Use Ironbank start-up script
-  #master:
-   # command:
-  #slave:
-   # command: 
-  #password: 
-  #cluster:
-   # enabled: 
-  #persistence:
-   # enabled: 
+  master:
+    command: "docker-entrypoint.sh"
+  slave:
+    command: "docker-entrypoint.sh"
+  password: anchore-redis,123
+  cluster:
+    enabled: false
+  persistence:
+    enabled: false
 
   # To use an external redis endpoint, uncomment to set 'enabled: false'
-  enabled: false
+  # enabled: false
 
   # If 'enabled: false', specify an external redis endpoint -
   # eg redis://:<password>@hostname:6379
-  externalEndpoint: redis://:password@redis-master.default.svc.cluster.local :6379
-
+  externalEndpoint: Null
 
 # Pod configuration for the helm post-install-hook enterprise engine upgrade Job
 anchoreEnterpriseEngineUpgradeJob: