Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

trivy-operator integration with kube-enforcer #566

Open
wants to merge 1 commit into
base: 2022.4
Choose a base branch
from

Conversation

KiranBodipi
Copy link
Contributor

With this change, we are replacing starboard operator with trivy operator

  1. We have updated kube_enforcer,kube_enforcer_advanced manifest files with Trivy Operator Resources
  2. Moved starboard manifest files to kube_enforcer_starbaord and kube_enforcer_advanced_starboard
  3. Upgraded trivy-operator version with latest (0.20.1) as the existing version has critical vulnerabilities
  4. Added CONTROLLER_CACHE_SYNC_TIMEOUT to trivy deployment config manifest to avoid CRD sync issue
  5. Upgraded kube-bench version with latest (v0.7.3)
  6. Updated relevant gen_ke_certs.sh and readme files

With this change, we are replacing starboard operator with trivy operator
1. We have updated kube_enforcer,kube_enforcer_advanced manifest files with Trivy Operator Resources
2. Moved starboard manifest files to kube_enforcer_starbaord and kube_enforcer_advanced_starboard
3. Upgraded trivy-operator version to  latest (0.20.1)as the existing version has critical vulnerabilities
4. Upgraded kube-bench version with latest (v0.7.3)
5. Upgraded relevant gen_ke_certs.sh and readme files
KiranBodipi added a commit to KiranBodipi/deployments that referenced this pull request May 16, 2024
With this change, we are replacing starboard operator with trivy operator
1. We have updated kube_enforcer,kube_enforcer_advanced manifest files with Trivy Operator Resources
2. Moved starboard manifest files to kube_enforcer_starbaord and kube_enforcer_advanced_starboard
3. Updated relevant gen_ke_certs.sh and readme files
Reference PR: aquasecurity#566

4. Upgraded trivy-operator version to  latest (0.20.1)as the existing version has critical vulnerabilities
5. Upgraded kube-bench version with latest (v0.7.3)
Reference PR: aquasecurity#567

6. Added keys for Admission Control when the GW is disconnected, Enable workload discovery, Register discovered pod images, and Add discovered registries.
7. Removed the AQUA_WATCH_CONFIG_AUDIT_REPORT key as it is no longer supported.
Reference PR: aquasecurity#565
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant