Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request introduces several changes to the
kubescape-operator
Helm chart, primarily focusing on enhancing the security capabilities and updating configuration options. The key changes include adding conditional logic for secret access, updating resource permissions, and modifying configuration values.Enhancements to Security Capabilities:
clusterrole.yaml
andoperator/clusterrole.yaml
to conditionally includesecrets
in the resource list ifenableClusterWideSecretAccess
is enabled. [1] [2]NOTES.txt
to inform users when bothnodeSbomGeneration
andenableClusterWideSecretAccess
are disabled, limiting vulnerability scanning to public repositories only.Configuration Updates:
enableClusterWideSecretAccess
tovalues.yaml
with a default value oftrue
, allowing cluster-wide secret access for vulnerability scanning.Test Snapshots:
snapshot_test.yaml.snap
to reflect the changes in resource permissions, particularly the conditional inclusion ofsecrets
. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12]Minor Text Corrections:
values.yaml
related to thehelmReleaseUpgrader
section. [1] [2]continuousScanning
section ofvalues.yaml
for better readability.