feat: add support for integration registration and health reports

Changes to enterprise helm chart. Addresses: ENTERPRISE-4543 Signed-off-by: Bob Melander <[email protected]>
anchore · Sep 23, 2024 · 4f02559 · 4f02559
1 parent cb3d666
commit 4f02559
Show file tree

Hide file tree

Showing 8 changed files with 21 additions and 4 deletions.
diff --git a/stable/enterprise/Chart.yaml b/stable/enterprise/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 name: enterprise
-version: "2.10.0"
-appVersion: "5.9.0"
+version: "2.11.0"
+appVersion: "5.11.0"
 kubeVersion: 1.23.x - 1.30.x || 1.23.x-x - 1.30.x-x
 description: |
   Anchore Enterprise is a complete container security workflow solution for professional teams. Easily integrating with CI/CD systems,

diff --git a/stable/enterprise/README.md b/stable/enterprise/README.md
@@ -1056,7 +1056,7 @@ To restore your deployment to using your previous driver configurations:
 ### Anchore Configuration Parameters
 
 | Name                                                                             | Description                                                                                                                      | Value              |
-| -------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------ |
+| -------------------------------------------------------------------------------- |----------------------------------------------------------------------------------------------------------------------------------|--------------------|
 | `anchoreConfig.service_dir`                                                      | Path to directory where default Anchore config files are placed at startup                                                       | `/anchore_service` |
 | `anchoreConfig.log_level`                                                        | The log level for Anchore services: NOTE: This is deprecated, use logging.log_level                                              | `INFO`             |
 | `anchoreConfig.logging.colored_logging`                                          | Enable colored output in the logs                                                                                                | `false`            |
@@ -1133,7 +1133,7 @@ To restore your deployment to using your previous driver configurations:
 | `anchoreConfig.catalog.object_store`                                             | Custom object storage YAML configuration                                                                                         | `{}`               |
 | `anchoreConfig.catalog.runtime_inventory.inventory_ttl_days`                     | TTL for runtime inventory.                                                                                                       | `120`              |
 | `anchoreConfig.catalog.runtime_inventory.inventory_ingest_overwrite`             | force runtime inventory to be overwritten upon every update for that reported context.                                           | `false`            |
-| `anchoreConfig.catalog.down_analyzer_task_requeue`                               | Allows fast re-queueing when image status is 'analyzing' on an analyzer that is no longer in the 'up' state                      | `true`             |
+| `anchoreConfig.catalog.integrations.integration_health_report_ttl_days`          | TTL for integration health reports.                                                                                              | `2`                || `anchoreConfig.catalog.down_analyzer_task_requeue`                               | Allows fast re-queueing when image status is 'analyzing' on an analyzer that is no longer in the 'up' state                      | `true`             |
 | `anchoreConfig.policy_engine.cycle_timers.feed_sync`                             | Interval to run a feed sync to get latest cve data                                                                               | `14400`            |
 | `anchoreConfig.policy_engine.cycle_timers.feed_sync_checker`                     | Interval between checks to see if there needs to be a task queued                                                                | `3600`             |
 | `anchoreConfig.policy_engine.overrideFeedsToUpstream`                            | Override the Anchore Feeds URL to use the public upstream Anchore Feeds                                                          | `false`            |

diff --git a/stable/enterprise/files/default_config.yaml b/stable/enterprise/files/default_config.yaml
@@ -155,6 +155,8 @@ services:
     runtime_inventory:
       inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS}
       inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE}
+    integrations:
+      integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS}
     image_gc:
       max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS}
     runtime_compliance:

diff --git a/stable/enterprise/files/osaa_config.yaml b/stable/enterprise/files/osaa_config.yaml
@@ -119,6 +119,8 @@ services:
     runtime_inventory:
       inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS}
       inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE}
+    integrations:
+      integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS}
     image_gc:
       max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS}
     runtime_compliance:

diff --git a/stable/enterprise/templates/envvars_configmap.yaml b/stable/enterprise/templates/envvars_configmap.yaml
@@ -55,6 +55,7 @@ data:
   ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS: "{{ .Values.anchoreConfig.catalog.runtime_inventory.inventory_ttl_days }}"
   ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE: "{{ .Values.anchoreConfig.catalog.runtime_inventory.inventory_ingest_overwrite }}"
 {{- end }}
+  ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS: "{{ .Values.anchoreConfig.catalog.integrations.integration_health_report_ttl_days }}"
 {{- with .Values.anchoreConfig.notifications.ui_url }}
   ANCHORE_ENTERPRISE_UI_URL: "{{ . }}"
 {{- else }}

diff --git a/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap b/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap
@@ -223,6 +223,8 @@ should render the configmaps:
             runtime_inventory:
               inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS}
               inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE}
+            integrations:
+              integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS}
             image_gc:
               max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS}
             runtime_compliance:
@@ -433,6 +435,7 @@ should render the configmaps:
       ANCHORE_ENTERPRISE_REPORTS_VULNERABILITIES_BY_K8S_NAMESPACE: "true"
       ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE: "false"
       ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS: "120"
+      ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS: "2"
       ANCHORE_ENTERPRISE_UI_URL: test-release-enterprise-ui
       ANCHORE_FEEDS_DRIVER_GITHUB_ENABLED: "false"
       ANCHORE_FEEDS_DRIVER_MSRC_ENABLED: "false"

diff --git a/stable/enterprise/tests/__snapshot__/osaa_configmap_test.yaml.snap b/stable/enterprise/tests/__snapshot__/osaa_configmap_test.yaml.snap
@@ -184,6 +184,8 @@ should render the configmaps for osaa migration if enabled:
             runtime_inventory:
               inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS}
               inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE}
+            integrations:
+              integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS}
             image_gc:
               max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS}
             runtime_compliance:
@@ -497,6 +499,9 @@ should render the configmaps for osaa migration if enabled:
             runtime_inventory:
               inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS}
               inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE}
+            integrations:
+              integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS}
+              integration_account_association_ttl_minutes: ${ANCHORE_ENTERPRISE_INTEGRATION_ACCOUNT_ASSOCIATION_TTL_MINUTES}
             image_gc:
               max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS}
             runtime_compliance:

diff --git a/stable/enterprise/values.yaml b/stable/enterprise/values.yaml
@@ -558,6 +558,10 @@ anchoreConfig:
       inventory_ttl_days: 120
       inventory_ingest_overwrite: false
 
+    ## @param anchoreConfig.catalog.integrations.integration_health_report_ttl_days TTL for integration health reports.
+    ##
+    integrations:
+      integration_health_report_ttl_days: 2
     ## @param anchoreConfig.catalog.down_analyzer_task_requeue Allows fast re-queueing when image status is 'analyzing' on an analyzer that is no longer in the 'up' state
     ##
     down_analyzer_task_requeue: true