Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(helm): add support for setting trivy container commands and args and statefulset automountServiceAccountToken #5688

Closed
wants to merge 10 commits into from
Closed

feat(helm): add support for setting trivy container commands and args and statefulset automountServiceAccountToken #5688

wants to merge 10 commits into from

Conversation

meDracula
Copy link

Description

This PR add helm support feature for modifying Trivy container command and args and the statefulset automountServiceAccountToken boolean logic.

A specific use-case this PR solves is if the user wants to inject secrets from the vault agent injector sidecar

See #5677

Related issues

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've followed the conventions in the PR title.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@CLAassistant
Copy link

CLAassistant commented Nov 30, 2023
edited

CLA assistant check
All committers have signed the CLA.

@meDracula meDracula force-pushed the feat/trivy-helm-allow-vault-agent-inject-capability branch from 7eeb6b9 to e984d3e Compare November 30, 2023 10:39
@chen-keinan chen-keinan changed the title feat(helm) add support for setting trivy container commands and args and statefulset automountServiceAccountToken feat(helm): add support for setting trivy container commands and args and statefulset automountServiceAccountToken Nov 30, 2023
@meDracula meDracula force-pushed the feat/trivy-helm-allow-vault-agent-inject-capability branch from e984d3e to ade0d19 Compare November 30, 2023 14:35
@meDracula
Copy link
Author

Is it possible to re-run the workflow, was unclear of why it failed 🙏

The workflow original issue was appeared to be a download failure of permission denied 🤷 . However it also failed since I hadn't properly signed the commits with the author of my Github user. This have been fixed. And I would like to see if the error is still left or if the author reassignment fixed it.

chen-keinan
chen-keinan reviewed Jan 10, 2024
View reviewed changes
helm/trivy/templates/statefulset.yaml
args:
- server
{{- if .Values.trivy.command }}
command: {{ .Values.trivy.command | toJson }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I didn't saw trivy.command on values.yaml file , am I missing anything ?

@github-actions GitHub Actions
Copy link

This PR is stale because it has been labeled with inactivity.

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. label Mar 11, 2024
@github-actions github-actions bot closed this Mar 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chen-keinan chen-keinan chen-keinan left review comments

Assignees
No one assigned
Labels
lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Helm doesn't support custom container commands and args and setting automountServiceAccountToken
3 participants
@meDracula @CLAassistant @chen-keinan