From 765785cc7b7efc48c49d1c9d5118096ebe743bb9 Mon Sep 17 00:00:00 2001 From: Matheus Moraes Date: Wed, 6 Nov 2024 14:53:45 -0300 Subject: [PATCH] increase default trivy timeout value (#320) --- charts/zora/README.md | 2 +- charts/zora/values.yaml | 2 +- docs/plugins/trivy.md | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/charts/zora/README.md b/charts/zora/README.md index f9dd44d4..4b22d299 100644 --- a/charts/zora/README.md +++ b/charts/zora/README.md @@ -121,7 +121,7 @@ The following table lists the configurable parameters of the Zora chart and thei | scan.plugins.trivy.image.pullPolicy | string | `"Always"` | Image pull policy | | scan.plugins.trivy.env | list | `[]` | List of environment variables to set in trivy container. | | scan.plugins.trivy.envFrom | list | `[]` | List of sources to populate environment variables in trivy container. | -| scan.plugins.trivy.timeout | string | `"10m"` | Trivy timeout | +| scan.plugins.trivy.timeout | string | `"40m"` | Trivy timeout | | scan.plugins.trivy.insecure | bool | `false` | Allow insecure server connections for Trivy | | scan.plugins.trivy.fsGroup | int | `nil` | Trivy fsGroup. Should be greater than 0. | | scan.plugins.trivy.persistence.enabled | bool | `true` | Specifies whether Trivy vulnerabilities database should be persisted between the scans, using PersistentVolumeClaim | diff --git a/charts/zora/values.yaml b/charts/zora/values.yaml index 6a5cf90a..17fd5648 100644 --- a/charts/zora/values.yaml +++ b/charts/zora/values.yaml @@ -237,7 +237,7 @@ scan: # - secretRef: # name: trivy-credentials # -- Trivy timeout - timeout: 10m + timeout: 40m # -- Allow insecure server connections for Trivy insecure: false diff --git a/docs/plugins/trivy.md b/docs/plugins/trivy.md index c65ca6bb..6b8c10de 100644 --- a/docs/plugins/trivy.md +++ b/docs/plugins/trivy.md @@ -45,12 +45,12 @@ The `ClusterScan` will have a `Failed` status. You will see a log entry similar Trivy's scan duration may vary depending on the total images in your cluster and the time to download the vulnerability database when needed. -By default, Zora sets a timeout of **10 minutes** for Trivy scan completion. +By default, Zora sets a timeout of **40 minutes** for Trivy scan completion. To adjust this timeout, use the following Helm parameter: ```shell ---set scan.plugins.trivy.timeout=15m +--set scan.plugins.trivy.timeout=60m ``` Once this parameter is updated, the next scan will use the specified value.