diff --git a/stable/enterprise/Chart.yaml b/stable/enterprise/Chart.yaml index 2fb1e225..2aa3cc52 100644 --- a/stable/enterprise/Chart.yaml +++ b/stable/enterprise/Chart.yaml @@ -1,7 +1,7 @@ apiVersion: v2 name: enterprise -version: "2.10.0" -appVersion: "5.9.0" +version: "2.11.0" +appVersion: "5.11.0" kubeVersion: 1.23.x - 1.30.x || 1.23.x-x - 1.30.x-x description: | Anchore Enterprise is a complete container security workflow solution for professional teams. Easily integrating with CI/CD systems, diff --git a/stable/enterprise/README.md b/stable/enterprise/README.md index f38b6b7a..486dd049 100644 --- a/stable/enterprise/README.md +++ b/stable/enterprise/README.md @@ -1056,7 +1056,7 @@ To restore your deployment to using your previous driver configurations: ### Anchore Configuration Parameters | Name | Description | Value | -| -------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------- | ------------------ | +| -------------------------------------------------------------------------------- |----------------------------------------------------------------------------------------------------------------------------------|--------------------| | `anchoreConfig.service_dir` | Path to directory where default Anchore config files are placed at startup | `/anchore_service` | | `anchoreConfig.log_level` | The log level for Anchore services: NOTE: This is deprecated, use logging.log_level | `INFO` | | `anchoreConfig.logging.colored_logging` | Enable colored output in the logs | `false` | @@ -1133,7 +1133,7 @@ To restore your deployment to using your previous driver configurations: | `anchoreConfig.catalog.object_store` | Custom object storage YAML configuration | `{}` | | `anchoreConfig.catalog.runtime_inventory.inventory_ttl_days` | TTL for runtime inventory. | `120` | | `anchoreConfig.catalog.runtime_inventory.inventory_ingest_overwrite` | force runtime inventory to be overwritten upon every update for that reported context. | `false` | -| `anchoreConfig.catalog.down_analyzer_task_requeue` | Allows fast re-queueing when image status is 'analyzing' on an analyzer that is no longer in the 'up' state | `true` | +| `anchoreConfig.catalog.integrations.integration_health_report_ttl_days` | TTL for integration health reports. | `2` || `anchoreConfig.catalog.down_analyzer_task_requeue` | Allows fast re-queueing when image status is 'analyzing' on an analyzer that is no longer in the 'up' state | `true` | | `anchoreConfig.policy_engine.cycle_timers.feed_sync` | Interval to run a feed sync to get latest cve data | `14400` | | `anchoreConfig.policy_engine.cycle_timers.feed_sync_checker` | Interval between checks to see if there needs to be a task queued | `3600` | | `anchoreConfig.policy_engine.overrideFeedsToUpstream` | Override the Anchore Feeds URL to use the public upstream Anchore Feeds | `false` | diff --git a/stable/enterprise/files/default_config.yaml b/stable/enterprise/files/default_config.yaml index dad307c2..72344f18 100644 --- a/stable/enterprise/files/default_config.yaml +++ b/stable/enterprise/files/default_config.yaml @@ -155,6 +155,8 @@ services: runtime_inventory: inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS} inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE} + integrations: + integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS} image_gc: max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS} runtime_compliance: diff --git a/stable/enterprise/files/osaa_config.yaml b/stable/enterprise/files/osaa_config.yaml index 2e812ce7..7e069dd7 100644 --- a/stable/enterprise/files/osaa_config.yaml +++ b/stable/enterprise/files/osaa_config.yaml @@ -119,6 +119,8 @@ services: runtime_inventory: inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS} inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE} + integrations: + integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS} image_gc: max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS} runtime_compliance: diff --git a/stable/enterprise/templates/envvars_configmap.yaml b/stable/enterprise/templates/envvars_configmap.yaml index 2e7084d1..de1fbd5b 100644 --- a/stable/enterprise/templates/envvars_configmap.yaml +++ b/stable/enterprise/templates/envvars_configmap.yaml @@ -55,6 +55,7 @@ data: ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS: "{{ .Values.anchoreConfig.catalog.runtime_inventory.inventory_ttl_days }}" ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE: "{{ .Values.anchoreConfig.catalog.runtime_inventory.inventory_ingest_overwrite }}" {{- end }} + ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS: "{{ .Values.anchoreConfig.catalog.integrations.integration_health_report_ttl_days }}" {{- with .Values.anchoreConfig.notifications.ui_url }} ANCHORE_ENTERPRISE_UI_URL: "{{ . }}" {{- else }} diff --git a/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap b/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap index 785dc2f5..ca1d43ac 100644 --- a/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap +++ b/stable/enterprise/tests/__snapshot__/configmap_test.yaml.snap @@ -223,6 +223,8 @@ should render the configmaps: runtime_inventory: inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS} inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE} + integrations: + integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS} image_gc: max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS} runtime_compliance: @@ -433,6 +435,7 @@ should render the configmaps: ANCHORE_ENTERPRISE_REPORTS_VULNERABILITIES_BY_K8S_NAMESPACE: "true" ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE: "false" ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS: "120" + ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS: "2" ANCHORE_ENTERPRISE_UI_URL: test-release-enterprise-ui ANCHORE_FEEDS_DRIVER_GITHUB_ENABLED: "false" ANCHORE_FEEDS_DRIVER_MSRC_ENABLED: "false" diff --git a/stable/enterprise/tests/__snapshot__/osaa_configmap_test.yaml.snap b/stable/enterprise/tests/__snapshot__/osaa_configmap_test.yaml.snap index 5791f1f6..c6a8df2e 100644 --- a/stable/enterprise/tests/__snapshot__/osaa_configmap_test.yaml.snap +++ b/stable/enterprise/tests/__snapshot__/osaa_configmap_test.yaml.snap @@ -184,6 +184,8 @@ should render the configmaps for osaa migration if enabled: runtime_inventory: inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS} inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE} + integrations: + integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS} image_gc: max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS} runtime_compliance: @@ -497,6 +499,9 @@ should render the configmaps for osaa migration if enabled: runtime_inventory: inventory_ttl_days: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_TTL_DAYS} inventory_ingest_overwrite: ${ANCHORE_ENTERPRISE_RUNTIME_INVENTORY_INGEST_OVERWRITE} + integrations: + integration_health_report_ttl_days: ${ANCHORE_ENTERPRISE_INTEGRATION_HEALTH_REPORTS_TTL_DAYS} + integration_account_association_ttl_minutes: ${ANCHORE_ENTERPRISE_INTEGRATION_ACCOUNT_ASSOCIATION_TTL_MINUTES} image_gc: max_worker_threads: ${ANCHORE_CATALOG_IMAGE_GC_WORKERS} runtime_compliance: diff --git a/stable/enterprise/values.yaml b/stable/enterprise/values.yaml index 1a537f77..9323f34f 100644 --- a/stable/enterprise/values.yaml +++ b/stable/enterprise/values.yaml @@ -558,6 +558,10 @@ anchoreConfig: inventory_ttl_days: 120 inventory_ingest_overwrite: false + ## @param anchoreConfig.catalog.integrations.integration_health_report_ttl_days TTL for integration health reports. + ## + integrations: + integration_health_report_ttl_days: 2 ## @param anchoreConfig.catalog.down_analyzer_task_requeue Allows fast re-queueing when image status is 'analyzing' on an analyzer that is no longer in the 'up' state ## down_analyzer_task_requeue: true