Merge remote-tracking branch 'armosec/dev' into dev

David Wertenteil · David Wertenteil · commit 9a61b6226109 · 2022-08-10T15:37:01.000+03:00
diff --git a/README.md b/README.md
@@ -43,7 +43,7 @@ helm upgrade --install armo  armo/armo-cluster-components -n armo-system --creat
 | armoCollector.affinity | object | `{}` | Assign custom [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) rules to the StatefulSet |
 | armoCollector.enabled | bool | `true` | enable/disable the armoCollector |
 | armoCollector.env[0] | object | `{"name":"PRINT_REPORT","value":"false"}` | print in verbose mode (print all reported data) |
-| armoCollector.image.repository | string | `"quay.io/armosec/cluster-collector"` | [source code](https://github.com/armosec/k8s-armo-collector) (private repo) |
+| armoCollector.image.repository | string | `"quay.io/kubescape/kollector"` | [source code](https://github.com/kubescape/kollector) |
 | armoCollector.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) |
 | armoCollector.volumes | object | `[]` | Additional volumes for the collector |
 | armoCollector.volumeMounts | object | `[]` | Additional volumeMounts for the collector |
@@ -65,19 +65,21 @@ helm upgrade --install armo  armo/armo-cluster-components -n armo-system --creat
 | armoKubescapeScanScheduler.volumeMounts | object | `[]` | Additional volumeMounts for scan scheduler |
 | armoNotificationService.affinity | object | `{}` | Assign custom [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) rules to the deployment |
 | armoNotificationService.enabled | bool | `true` | enable/disable passing notifications from ARMO SaaS to the armo-web-socket microservice. The notifications are the onDemand scanning and the scanning schedule settings |
-| armoNotificationService.image.repository | string | `"quay.io/armosec/notification-server"` | [source code](https://github.com/armosec/capostman) (private repo) |
+| armoNotificationService.image.repository | string | `"quay.io/kubescape/gateway"` | [source code](https://github.com/kubescape/gateway) |
 | armoNotificationService.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) |
 | armoNotificationService.volumes | object | `[]` | Additional volumes for the notification service |
 | armoNotificationService.volumeMounts | object | `[]` | Additional volumeMounts for the notification service |
 | armoVulnScanner.affinity | object | `{}` | Assign custom [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) rules to the deployment |
 | armoVulnScanner.enabled | bool | `true` | enable/disable image vulnerability scanning |
-| armoVulnScanner.image.repository | string | `"quay.io/armosec/images-vulnerabilities-scan"` | [source code](https://github.com/armosec/ca-vuln-scan) (private repo) |
+| armoVulnScanner.image.repository | string | `"quay.io/kubescape/kubevuln"` | [source code](https://github.com/kubescape/kubevuln) |
 | armoVulnScanner.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) |
 | armoVulnScanner.volumes | object | `[]` | Additional volumes for the image vulnerability scanning |
 | armoVulnScanner.volumeMounts | object | `[]` | Additional volumeMounts for the image vulnerability scanning |
+| armoVulnScanScheduler.volumes | object | `[]` | Additional volumes for scan scheduler |
+| armoVulnScanScheduler.volumeMounts | object | `[]` | Additional volumeMounts for scan scheduler |
 | armoWebsocket.affinity | object | `{}` | Assign custom [affinity](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) rules to the deployment |
 | armoWebsocket.enabled | bool | `true` | enable/disable kubescape and image vulnerability scanning |
-| armoWebsocket.image.repository | string | `"quay.io/armosec/action-trigger"` | [source code](https://github.com/armosec/k8s-ca-websocket) (private repo) |
+| armoWebsocket.image.repository | string | `"quay.io/kubescape/kontroller"` | [source code](https://github.com/kubescape/kontroller) |
 | armoWebsocket.nodeSelector | object | `{}` | [Node selector](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/) |
 | armoWebsocket.volumes | object | `[]` | Additional volumes for the web socket |
 | armoWebsocket.volumeMounts | object | `[]` | Additional volumeMounts for the web socket |
diff --git a/charts/armo-components/assets/armo-vulnscan-cronjob-full.yaml b/charts/armo-components/assets/armo-vulnscan-cronjob-full.yaml
@@ -32,12 +32,22 @@ apiVersion: batch/v1
                     mountPath: /home/ks/request-body.json
                     subPath: request-body.json
                     readOnly: true
+{{- if .Values.volumeMounts }}
+{{ toYaml .Values.volumeMounts | indent 18 }}
+{{- end }}
+{{- if .Values.armoVulnScanScheduler.volumeMounts }}
+{{ toYaml .Values.armoVulnScanScheduler.volumeMounts | indent 18 }}
+{{- end }}
               restartPolicy: Never
               automountServiceAccountToken: false
               volumes:
                 - name: "request-body-volume" # placeholder
                   configMap:
                     name: {{ .Values.armoVulnScanScheduler.name }}
- 
-
+{{- if .Values.volumes }}
+{{ toYaml .Values.volumes | indent 16 }}
+{{- end }}
+{{- if .Values.armoVulnScanScheduler.volumes }}
+{{ toYaml .Values.armoVulnScanScheduler.volumes | indent 16 }}
+{{- end }}
           
diff --git a/charts/armo-components/values.yaml b/charts/armo-components/values.yaml
@@ -175,9 +175,9 @@ armoWebsocket:
   name: armo-web-socket
 
   image:
-    # -- source code: https://github.com/armosec/k8s-ca-websocket (private repo)
-    repository: quay.io/armosec/action-trigger
-    tag: v0.0.58
+    # -- source code: https://github.com/kubescape/kontroller
+    repository: quay.io/kubescape/kontroller
+    tag: v0.0.60
     pullPolicy: Always
 
   service:
@@ -232,6 +232,12 @@ armoVulnScanScheduler:
 
   replicaCount: 1
 
+  # Additional volumes to be mounted on the vuln scan scheduler
+  volumes: []
+
+  # Additional volumeMounts to be mounted on the vuln scan scheduler
+  volumeMounts: []
+
 # image vulnerability scanning microservice
 armoVulnScanner:
 
@@ -245,9 +251,9 @@ armoVulnScanner:
   name: armo-vuln-scan
 
   image:
-    # -- source code: https://github.com/armosec/ca-vuln-scan (private repo)
-    repository: quay.io/armosec/images-vulnerabilities-scan
-    tag: v0.0.32
+    # -- source code: https://github.com/kubescape/kubevuln
+    repository: quay.io/kubescape/kubevuln
+    tag: v0.0.39
     pullPolicy: Always
 
   replicaCount: 1
@@ -293,9 +299,9 @@ armoCollector:
   name: armo-collector
 
   image:
-    # -- source code: https://github.com/armosec/k8s-armo-collector (private repo)
-    repository: quay.io/armosec/cluster-collector
-    tag: v0.0.23
+    # -- source code: https://github.com/kubescape/kollector
+    repository: quay.io/kubescape/kollector
+    tag: v0.0.24
     pullPolicy: Always
 
   replicaCount: 1
@@ -345,9 +351,9 @@ armoNotificationService:
     protocol: TCP
   
   image:
-    # -- source code: https://github.com/armosec/capostman (private repo)
-    repository: quay.io/armosec/notification-server
-    tag: v0.0.5
+    # -- source code: https://github.com/kubescape/gateway
+    repository: quay.io/kubescape/gateway
+    tag: v0.0.11
     pullPolicy: Always
 
   replicaCount: 1
