diff --git a/stable/feeds/Chart.yaml b/stable/feeds/Chart.yaml index 2d50e449..671f894a 100644 --- a/stable/feeds/Chart.yaml +++ b/stable/feeds/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v2 name: feeds type: application -version: "2.4.1" -appVersion: "5.4.0" +version: "2.4.2" +appVersion: "5.4.1" kubeVersion: 1.23.x - 1.27.x || 1.23.x-x - 1.29.x-x description: Anchore feeds service keywords: diff --git a/stable/feeds/README.md b/stable/feeds/README.md index 613bfccc..05304411 100644 --- a/stable/feeds/README.md +++ b/stable/feeds/README.md @@ -313,7 +313,7 @@ anchoreConfig: | `url` | Set a custom feeds URL. Useful when using a feeds service endpoint that is external from the cluster. | `""` | | `fullnameOverride` | overrides the fullname set on resources | `""` | | `nameOverride` | overrides the name set on resources | `""` | -| `image` | Image used for feeds deployment | `docker.io/anchore/enterprise:v5.4.0` | +| `image` | Image used for feeds deployment | `docker.io/anchore/enterprise:v5.4.1` | | `imagePullPolicy` | Image pull policy used by all deployments | `IfNotPresent` | | `imagePullSecretName` | Name of Docker credentials secret for access to private repos | `anchore-enterprise-pullcreds` | | `serviceAccountName` | Name of a service account used to run all Feeds pods | `""` | @@ -368,7 +368,6 @@ anchoreConfig: | `configOverride` | Allows for overriding the default Anchore configuration file | `{}` | | `scripts` | Collection of helper scripts usable in all anchore enterprise pods | `{}` | - ### Anchore Feeds Configuration Parameters | Name | Description | Value | @@ -408,7 +407,6 @@ anchoreConfig: | `anchoreConfig.feeds.drivers.github.enabled` | Enable GitHub advisory feeds (requires GitHub PAT) | `false` | | `anchoreConfig.feeds.drivers.github.token` | GitHub developer personal access token with zero permission scopes | `""` | - ### Anchore Feeds Database Parameters | Name | Description | Value | @@ -423,7 +421,6 @@ anchoreConfig: | `feeds-db.primary.extraEnvVars` | An array to add extra environment variables | `[]` | | `feeds-db.image.tag` | Specifies the image to use for this chart. | `13.11.0-debian-11-r15` | - ### Feeds Gem Database Parameters | Name | Description | Value | @@ -438,7 +435,6 @@ anchoreConfig: | `gem-db.primary.extraEnvVars` | An array to add extra environment variables | `[]` | | `gem-db.image.tag` | Specifies the image to use for this chart. | `13.11.0-debian-11-r15` | - ### Anchore Feeds Upgrade Job Parameters | Name | Description | Value | @@ -457,7 +453,6 @@ anchoreConfig: | `feedsUpgradeJob.resources` | Resources for the Anchore Feeds upgrade job | `{}` | | `feedsUpgradeJob.ttlSecondsAfterFinished` | The time period in seconds the upgrade job, and it's related pods should be retained for | `-1` | - ### Ingress Parameters | Name | Description | Value | @@ -470,7 +465,6 @@ anchoreConfig: | `ingress.tls` | Configure tls for the ingress resource | `[]` | | `ingress.ingressClassName` | sets the ingress class name. As of k8s v1.18, this should be nginx | `nginx` | - ### Google CloudSQL DB Parameters | Name | Description | Value | diff --git a/stable/feeds/files/default_config.yaml b/stable/feeds/files/default_config.yaml index 956135e0..2db8efa2 100644 --- a/stable/feeds/files/default_config.yaml +++ b/stable/feeds/files/default_config.yaml @@ -73,8 +73,16 @@ services: drivers: amzn: enabled: ${ANCHORE_FEEDS_DRIVER_AMAZON_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_AMAZON_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_AMAZON_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_AMAZON_PROVIDER_IMPORT_RESULTS_PATH}" alpine: enabled: ${ANCHORE_FEEDS_DRIVER_ALPINE_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_ALPINE_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_ALPINE_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_ALPINE_PROVIDER_IMPORT_RESULTS_PATH}" centos: enabled: false debian: @@ -82,8 +90,16 @@ services: {{- with .Values.anchoreConfig.feeds.drivers.debian.releases }} releases: {{- toYaml . | nindent 10 }} {{- end }} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_DEBIAN_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_DEBIAN_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_DEBIAN_PROVIDER_IMPORT_RESULTS_PATH}" ol: enabled: ${ANCHORE_FEEDS_DRIVER_OL_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_ORACLE_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_ORACLE_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_ORACLE_PROVIDER_IMPORT_RESULTS_PATH}" ubuntu: enabled: ${ANCHORE_FEEDS_DRIVER_UBUNTU_ENABLED} git_url: ${ANCHORE_FEEDS_DRIVER_UBUNTU_URL} @@ -91,9 +107,17 @@ services: {{- with .Values.anchoreConfig.feeds.drivers.ubuntu.releases }} releases: {{- toYaml . | nindent 10 }} {{- end }} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_UBUNTU_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_UBUNTU_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_UBUNTU_PROVIDER_IMPORT_RESULTS_PATH}" rhel: enabled: ${ANCHORE_FEEDS_DRIVER_RHEL_ENABLED} concurrency: ${ANCHORE_FEEDS_DRIVER_RHEL_CONCURRENCY} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_RHEL_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_RHEL_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_RHEL_PROVIDER_IMPORT_RESULTS_PATH}" npm: enabled: ${ANCHORE_FEEDS_DRIVER_NPM_ENABLED} gem: @@ -104,8 +128,19 @@ services: nvdv2: enabled: ${ANCHORE_FEEDS_DRIVER_NVDV2_ENABLED} api_key: ${ANCHORE_NVD_API_KEY} + overrides: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_OVERRIDES_ENABLED}" + url: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_OVERRIDES_URL}" + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_IMPORT_RESULTS_PATH}" mariner: enabled: ${ANCHORE_FEEDS_DRIVER_MARINER_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_MARINER_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_MARINER_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_MARINER_PROVIDER_IMPORT_RESULTS_PATH}" msrc: enabled: ${ANCHORE_FEEDS_DRIVER_MSRC_ENABLED} {{- with .Values.anchoreConfig.feeds.drivers.msrc.whitelist }} @@ -115,6 +150,10 @@ services: github: enabled: ${ANCHORE_FEEDS_DRIVER_GITHUB_ENABLED} token: ${ANCHORE_GITHUB_TOKEN} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_GITHUB_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_GITHUB_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_GITHUB_PROVIDER_IMPORT_RESULTS_PATH}" grypedb: enabled: ${ANCHORE_FEEDS_DRIVER_GRYPEDB_ENABLED} external_feeds_url: ${ANCHORE_FEEDS_EXTERNAL_URL} @@ -125,9 +164,21 @@ services: restore_provider_workspaces: ${ANCHORE_FEEDS_GRYPEDB_RESTORE_WORKSPACE} sles: enabled: ${ANCHORE_FEEDS_DRIVER_SLES_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_SLES_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_SLES_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_SLES_PROVIDER_IMPORT_RESULTS_PATH}" anchore_match_exclusions: enabled: ${ANCHORE_FEEDS_DRIVER_MATCH_EXCLUSIONS} wolfi: enabled: ${ANCHORE_FEEDS_DRIVER_WOLFI_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_WOLFI_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_WOLFI_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_WOLFI_PROVIDER_IMPORT_RESULTS_PATH}" chainguard: enabled: ${ANCHORE_FEEDS_DRIVER_CHAINGUARD_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_CHAINGUARD_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_CHAINGUARD_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_CHAINGUARD_PROVIDER_IMPORT_RESULTS_PATH}" diff --git a/stable/feeds/tests/__snapshot__/configmap_test.yaml.snap b/stable/feeds/tests/__snapshot__/configmap_test.yaml.snap index 3a3ff1ce..2361fcbf 100644 --- a/stable/feeds/tests/__snapshot__/configmap_test.yaml.snap +++ b/stable/feeds/tests/__snapshot__/configmap_test.yaml.snap @@ -74,21 +74,45 @@ should render the configmaps: drivers: amzn: enabled: ${ANCHORE_FEEDS_DRIVER_AMAZON_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_AMAZON_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_AMAZON_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_AMAZON_PROVIDER_IMPORT_RESULTS_PATH}" alpine: enabled: ${ANCHORE_FEEDS_DRIVER_ALPINE_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_ALPINE_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_ALPINE_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_ALPINE_PROVIDER_IMPORT_RESULTS_PATH}" centos: enabled: false debian: enabled: ${ANCHORE_FEEDS_DRIVER_DEBIAN_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_DEBIAN_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_DEBIAN_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_DEBIAN_PROVIDER_IMPORT_RESULTS_PATH}" ol: enabled: ${ANCHORE_FEEDS_DRIVER_OL_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_ORACLE_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_ORACLE_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_ORACLE_PROVIDER_IMPORT_RESULTS_PATH}" ubuntu: enabled: ${ANCHORE_FEEDS_DRIVER_UBUNTU_ENABLED} git_url: ${ANCHORE_FEEDS_DRIVER_UBUNTU_URL} git_branch: ${ANCHORE_FEEDS_DRIVER_UBUNTU_BRANCH} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_UBUNTU_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_UBUNTU_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_UBUNTU_PROVIDER_IMPORT_RESULTS_PATH}" rhel: enabled: ${ANCHORE_FEEDS_DRIVER_RHEL_ENABLED} concurrency: ${ANCHORE_FEEDS_DRIVER_RHEL_CONCURRENCY} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_RHEL_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_RHEL_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_RHEL_PROVIDER_IMPORT_RESULTS_PATH}" npm: enabled: ${ANCHORE_FEEDS_DRIVER_NPM_ENABLED} gem: @@ -96,13 +120,28 @@ should render the configmaps: nvdv2: enabled: ${ANCHORE_FEEDS_DRIVER_NVDV2_ENABLED} api_key: ${ANCHORE_NVD_API_KEY} + overrides: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_OVERRIDES_ENABLED}" + url: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_OVERRIDES_URL}" + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_NVD_PROVIDER_IMPORT_RESULTS_PATH}" mariner: enabled: ${ANCHORE_FEEDS_DRIVER_MARINER_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_MARINER_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_MARINER_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_MARINER_PROVIDER_IMPORT_RESULTS_PATH}" msrc: enabled: ${ANCHORE_FEEDS_DRIVER_MSRC_ENABLED} github: enabled: ${ANCHORE_FEEDS_DRIVER_GITHUB_ENABLED} token: ${ANCHORE_GITHUB_TOKEN} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_GITHUB_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_GITHUB_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_GITHUB_PROVIDER_IMPORT_RESULTS_PATH}" grypedb: enabled: ${ANCHORE_FEEDS_DRIVER_GRYPEDB_ENABLED} external_feeds_url: ${ANCHORE_FEEDS_EXTERNAL_URL} @@ -113,12 +152,24 @@ should render the configmaps: restore_provider_workspaces: ${ANCHORE_FEEDS_GRYPEDB_RESTORE_WORKSPACE} sles: enabled: ${ANCHORE_FEEDS_DRIVER_SLES_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_SLES_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_SLES_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_SLES_PROVIDER_IMPORT_RESULTS_PATH}" anchore_match_exclusions: enabled: ${ANCHORE_FEEDS_DRIVER_MATCH_EXCLUSIONS} wolfi: enabled: ${ANCHORE_FEEDS_DRIVER_WOLFI_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_WOLFI_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_WOLFI_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_WOLFI_PROVIDER_IMPORT_RESULTS_PATH}" chainguard: enabled: ${ANCHORE_FEEDS_DRIVER_CHAINGUARD_ENABLED} + import_results: + enabled: "${ANCHORE_ENTERPRISE_FEEDS_CHAINGUARD_PROVIDER_IMPORT_RESULTS_ENABLED}" + host: "${ANCHORE_ENTERPRISE_FEEDS_CHAINGUARD_PROVIDER_IMPORT_RESULTS_HOST}" + path: "${ANCHORE_ENTERPRISE_FEEDS_CHAINGUARD_PROVIDER_IMPORT_RESULTS_PATH}" kind: ConfigMap metadata: annotations: diff --git a/stable/feeds/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap b/stable/feeds/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap index b68b53ca..cf3ff883 100644 --- a/stable/feeds/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap +++ b/stable/feeds/tests/__snapshot__/prehook_upgrade_resources_test.yaml.snap @@ -143,6 +143,6 @@ should render proper initContainers: value: test-release-feeds - name: ANCHORE_PORT value: "8448" - image: docker.io/anchore/enterprise:v5.4.0 + image: docker.io/anchore/enterprise:v5.4.1 imagePullPolicy: IfNotPresent name: wait-for-db diff --git a/stable/feeds/values.yaml b/stable/feeds/values.yaml index d8e126a4..694a93f0 100644 --- a/stable/feeds/values.yaml +++ b/stable/feeds/values.yaml @@ -21,7 +21,7 @@ nameOverride: "" ## @param image Image used for feeds deployment ## -image: docker.io/anchore/enterprise:v5.4.0 +image: docker.io/anchore/enterprise:v5.4.1 ## @param imagePullPolicy Image pull policy used by all deployments ## ref: https://kubernetes.io/docs/concepts/containers/images/#image-pull-policy