Checkov

.github/workflows/checkov.yaml

@@ -0,0 +1,19 @@
+on: [push]
+jobs:
+  checkov-job:
+    runs-on: ubuntu-latest
+    name: checkov-action
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@master
+
+      - name: Run Checkov action
+        id: checkov
+        uses: bridgecrewio/checkov-action@master
+        with:
+          directory: charts/directus
+          quiet: false # optional: display only failed checks
+          soft_fail: true # optional: do not return an error code if there are failed checks
+          framework: helm # optional: run only on a specific infrastructure {cloudformation,terraform,kubernetes,all}
+          output_format: sarif # optional: the output format, one of: cli, json, junitxml, github_failed_only, or sarif. Default: sarif
+

charts/directus/Chart.yaml

@@ -25,10 +25,10 @@ appVersion: "9.5.1"
 
 dependencies:
 - name: mariadb
-  version: "9.3.13"
-  repository: "https://charts.bitnami.com/bitnami"
+  version: "12.2.4"
+  repository: "oci://registry-1.docker.io/bitnamicharts"
   condition: mariadb.enabled
 - name: redis
-  version: "14.3.2"
-  repository: "https://charts.bitnami.com/bitnami"
+  version: "17.11.3"
+  repository: "oci://registry-1.docker.io/bitnamicharts"
   condition: redis.enabled

charts/directus/values.yaml

@@ -5,7 +5,7 @@
 replicaCount: 1
 
 image:
-  repository: directus/directus
+  repository: directus/directus 
   pullPolicy: IfNotPresent
   # Overrides the image tag whose default is the chart appVersion.
   tag: "9.5.1"
@@ -50,11 +50,8 @@ ingress:
       paths:
       - path: /
         backend:
-          service:
-            name: chart-example.local
-            port:
-              number: 80
-        pathType: ImplementationSpecific
+          serviceName: chart-example.local
+          servicePort: 80
   tls: []
   #  - secretName: chart-example-tls
   #    hosts:
@@ -260,7 +257,8 @@ mariadb:
     ## updateStrategy for Mariadb Primary statefulset
     ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
     ##
-    updateStrategy: RollingUpdate
+    updateStrategy:
+      type: RollingUpdate
 
     ## Partition update strategy for Mariadb Primary statefulset
     ## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
@@ -556,7 +554,8 @@ mariadb:
     ## updateStrategy for Mariadb Secondary statefulset
     ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
     ##
-    updateStrategy: RollingUpdate
+    updateStrategy:
+      type: RollingUpdate
 
     ## Partition update strategy for Mariadb Secondary statefulset
     ## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
@@ -963,7 +962,7 @@ mariadb:
 
   ## Array with extra yaml to deploy with the chart. Evaluated as a template
   ##
-  extraDeploy: []
+  extraDeploy: [] 
 
 redis:
   enabled: true
@@ -1292,7 +1291,7 @@ redis:
     ##       - name: portname
     ##         containerPort: 1234
     ##
-    sidecars: {}
+    sidecars: []
     ## @param master.initContainers Add additional init containers to the Redis(TM) master pod(s)
     ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
     ## e.g:
@@ -1302,7 +1301,7 @@ redis:
     ##    imagePullPolicy: Always
     ##    command: ['sh', '-c', 'echo "hello world"']
     ##
-    initContainers: {}
+    initContainers: []
     ## Persistence parameters
     ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
     ##
@@ -1592,7 +1591,7 @@ redis:
     ##       - name: portname
     ##         containerPort: 1234
     ##
-    sidecars: {}
+    sidecars: []
     ## @param replica.initContainers Add additional init containers to the Redis(TM) replicas pod(s)
     ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
     ## e.g:
@@ -1602,7 +1601,7 @@ redis:
     ##    imagePullPolicy: Always
     ##    command: ['sh', '-c', 'echo "hello world"']
     ##
-    initContainers: {}
+    initContainers: []
     ## Persistence Parameters
     ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
     ##