aquasecurity / trivy-operator

Kubernetes-native security toolkit
https://aquasecurity.github.io/trivy-operator/latest
Apache License 2.0
1.28k stars 211 forks

Allow InitContainer to pull vulnerability-db from private registry #2221

Open crtvmn opened 3 months ago

crtvmn commented 3 months ago

Hello,

I'm trying to deploy the Trivy Operator in standalone mode with the provided Helm chart in an offline environment with a private registry. Credentials are required to access this registry.

Unfortunately, it is not possible to forward or add env variables (TRIVY_USER and TRIVY_PASSWORD) to allow the Trivy init-container to pull the vulnerability database from my private registry.

Moreover, the dbRepositoryPassword and dbRepositoryUsername seem useless. https://github.com/aquasecurity/trivy-operator/blob/2cd18ea09464a9d86bdab516c94ccdfd41b551f5/deploy/helm/values.yaml#L525-L529

Can you confirm that this use case is not possible for the moment? I found this discussion https://github.com/aquasecurity/trivy-operator/discussions/1341 but no answer and no link to the related issue. Thanks for your help!

Best regards

github-actions[bot] commented 1 month ago

This issue is stale because it has been labeled with inactivity.

Heap0017 commented 1 month ago

I'm having the same issue. In my opinion it should be possible to provide the credentials for pulling trivy-db and trivy-java-db just like we can do it for trivy-checks.

@crtvmn This is the issue mentioned in the discussion: https://github.com/aquasecurity/trivy-operator/issues/1342

Heap0017 commented 1 month ago

@crtvmn I just found out that you can in fact use a secret for setting dbRepositoryUsername and dbRepositoryPassword. It just isn't mentioned in the README. https://github.com/aquasecurity/trivy-operator/issues/2282