configured the trivy server using k8s deployment/svc way

manzil-infinity180 · manzil-infinity180 · commit 1be8d7557cac · 2025-08-08T04:17:32.000+05:30
diff --git a/docs/trivy-manifest/deployment.yml b/docs/trivy-manifest/deployment.yml
@@ -1,30 +1,31 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: trivy-server
-  labels:
-    app: trivy-server
-spec:
-  replicas: 1 # You can adjust the number of replicas for high availability
-  selector:
-    matchLabels:
-      app: trivy-server
-  template:
+    apiVersion: apps/v1
+    kind: Deployment
     metadata:
+      name: trivy-server
       labels:
         app: trivy-server
     spec:
-      containers:
-        - name: trivy-server
-          image: aquasec/trivy:latest # Use a specific version instead of latest in production
-          args: ["server", "--listen", "0.0.0.0:8080"] # Listen on all interfaces
-          ports:
+      replicas: 1 # You can adjust the number of replicas for high availability
+      selector:
+        matchLabels:
+          app: trivy-server
+      template:
+        metadata:
+          labels:
+            app: trivy-server
+        spec:
+          containers:
+          - name: trivy-server
+            image: aquasec/trivy:latest # Use a specific version instead of latest in production
+            args: ["server", "--listen", "0.0.0.0:8080"] # Listen on all interfaces
+            ports:
             - containerPort: 8080
               name: http
-#          volumeMounts:
-#            - name: trivy-cache
-#              mountPath: /root/.cache/trivy
-#      volumes:
-#        - name: trivy-cache
-#          persistentVolumeClaim:
-#            claimName: trivy-cache-pvc
+            # Optional: Add resource limits and requests for better resource management
+            # resources:
+            #   limits:
+            #     cpu: "500m"
+            #     memory: "512Mi"
+            #   requests:
+            #     cpu: "250m"
+            #     memory: "256Mi"
diff --git a/docs/trivy-manifest/pvc.yml b/docs/trivy-manifest/pvc.yml
@@ -3,7 +3,6 @@ kind: PersistentVolumeClaim
 metadata:
   name: trivy-cache-pvc
 spec:
-  storageClassName: standard
   accessModes:
     - ReadWriteOnce
   resources:
diff --git a/docs/trivy-manifest/service.yml b/docs/trivy-manifest/service.yml
@@ -1,14 +1,14 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: trivy-server-service
-  labels:
-    app: trivy-server
-spec:
-  selector:
-    app: trivy-server
-  ports:
-    - protocol: TCP
-      port: 8080
-      targetPort: 8080
-  type: ClusterIP # Use ClusterIP for internal access, or NodePort/LoadBalancer for external access
+    apiVersion: v1
+    kind: Service
+    metadata:
+      name: trivy-server-service
+      labels:
+        app: trivy-server
+    spec:
+      selector:
+        app: trivy-server
+      ports:
+        - protocol: TCP
+          port: 8080
+          targetPort: 8080
+      type: ClusterIP # Use ClusterIP for internal access, or NodePort/LoadBalancer for external access
