diff --git a/stable/enterprise/Chart.yaml b/stable/enterprise/Chart.yaml index 4cb93c9a..1b65d43a 100644 --- a/stable/enterprise/Chart.yaml +++ b/stable/enterprise/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 name: enterprise -version: "0.2.1" +version: "0.2.2" appVersion: "4.9.3" kubeVersion: 1.23.x - 1.27.x || 1.23.x-x - 1.27.x-x description: | diff --git a/stable/enterprise/files/default_config.yaml b/stable/enterprise/files/default_config.yaml index 9802d981..1d12c9c5 100644 --- a/stable/enterprise/files/default_config.yaml +++ b/stable/enterprise/files/default_config.yaml @@ -16,7 +16,6 @@ auto_restart_services: false max_source_import_size_mb: ${ANCHORE_MAX_IMPORT_SOURCE_SIZE_MB} max_import_content_size_mb: ${ANCHORE_MAX_IMPORT_CONTENT_SIZE_MB} - max_compressed_image_size_mb: ${ANCHORE_MAX_COMPRESSED_IMAGE_SIZE_MB} metrics: diff --git a/stable/enterprise/templates/envvars_configmap.yaml b/stable/enterprise/templates/envvars_configmap.yaml index 482d2bc4..552bd050 100644 --- a/stable/enterprise/templates/envvars_configmap.yaml +++ b/stable/enterprise/templates/envvars_configmap.yaml @@ -50,13 +50,17 @@ data: ANCHORE_ENTERPRISE_REPORTS_VULNERABILITIES_BY_ECS_CONTAINER: "true" ANCHORE_ENTERPRISE_REPORTS_VULNERABILITIES_BY_K8S_CONTAINER: "true" ANCHORE_ENTERPRISE_REPORTS_VULNERABILITIES_BY_K8S_NAMESPACE: "true" - ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_IMAGE_TTL_DAYS: "120" - ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_IMAGE_INGEST_OVERWRITE: "false" - {{- with .Values.anchoreConfig.notifications.ui_url }} +{{- if eq (toString .Values.anchoreConfig.catalog.runtime_inventory.image_ttl_days) "-1" }} + {{- fail "The Value `-1` is no longer valid for `.Values.anchoreConfig.catalog.runtime_inventory.image_ttl_days`. Please use `.Values.anchoreConfig.catalog.runtime_inventory.image_ingest_overwrite=true` to force runtime inventory to be overwritten upon every update. `.Values.anchoreConfig.catalog.runtime_inventory.image_ttl_days` must be set to a value >1." -}} +{{- else }} + ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_IMAGE_TTL_DAYS: "{{ .Values.anchoreConfig.catalog.runtime_inventory.image_ttl_days }}" + ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_IMAGE_INGEST_OVERWRITE: "{{ .Values.anchoreConfig.catalog.runtime_inventory.image_ingest_overwrite }}" +{{- end }} +{{- with .Values.anchoreConfig.notifications.ui_url }} ANCHORE_ENTERPRISE_UI_URL: "{{ . }}" - {{- else }} +{{- else }} ANCHORE_ENTERPRISE_UI_URL: {{ include "enterprise.ui.fullname" . | quote }} - {{- end }} +{{- end }} ANCHORE_FEEDS_DRIVER_GITHUB_ENABLED: "false" ANCHORE_FEEDS_DRIVER_MSRC_ENABLED: "false" ANCHORE_FEEDS_DRIVER_NVDV2_ENABLED: "true" diff --git a/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap b/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap index a3e55ee1..5959ea0f 100644 --- a/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap +++ b/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap @@ -62,7 +62,6 @@ should render the configmaps: max_source_import_size_mb: ${ANCHORE_MAX_IMPORT_SOURCE_SIZE_MB} max_import_content_size_mb: ${ANCHORE_MAX_IMPORT_CONTENT_SIZE_MB} - max_compressed_image_size_mb: ${ANCHORE_MAX_COMPRESSED_IMAGE_SIZE_MB} metrics: diff --git a/stable/enterprise/values.yaml b/stable/enterprise/values.yaml index e07c9e14..ad8f4116 100644 --- a/stable/enterprise/values.yaml +++ b/stable/enterprise/values.yaml @@ -477,11 +477,15 @@ anchoreConfig: name: db config: {} - ## @param anchoreConfig.catalog.runtime_inventory.image_ttl_days TTL for images in the inventory report working set + ## anchoreConfig.catalog.runtime_inventory.image_ttl_days TTL for images in the inventory report working set + ## @param anchoreConfig.catalog.runtime_inventory.image_ingest_overwrite disables the image_ttl cycle timer. + ## When `image_ingest_overwrite=true` upon ingestion of inventory, removes anything previously reported by the namespace and only keep the latest inventory posted. + ## This new config value is used instead of setting `image_ttl_days=-1` ## ref: https://docs.anchore.com/current/docs/configuration/runtime_inventory/ ## runtime_inventory: - image_ttl_days: 1 + image_ttl_days: 120 + image_ingest_overwrite: false ## @param anchoreConfig.catalog.down_analyzer_task_requeue Allows fast re-queueing when image status is 'analyzing' on an analyzer that is no longer in the 'up' state ##