Skip to content

Commit

Permalink
avoid updating scans schedule on helm upgrades when schedules are not…
Browse files Browse the repository at this point in the history 
… explicitly set (#251)
  • Loading branch information
@matheusfm
matheusfm authored Mar 22, 2024
1 parent 87d25b1 commit d415673
Showing 1 changed file with 14 additions and 3 deletions.
17 changes: 14 additions & 3 deletions charts/zora/templates/clusterscan/clusterscan.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,12 +30,17 @@ metadata:
labels:
zora.undistro.io/default: "true"
{{- include "zora.labels" . | nindent 4 }}
name: {{ include "truncate.name" (dict "name" (printf "%s-misconfig" (include "zora.clusterName" .)) "len" 63 ) }}

{{- $misconfigScanName := include "truncate.name" (dict "name" (printf "%s-misconfig" (include "zora.clusterName" .)) "len" 63 ) }}
name: {{ $misconfigScanName }}
spec:
clusterRef:
name: {{ include "zora.clusterName" . }}
{{- $currentMisconfigScan := (lookup "zora.undistro.io/v1alpha1" "ClusterScan" .Release.Namespace $misconfigScanName) }}
{{- if and $currentMisconfigScan (not .Values.scan.misconfiguration.schedule) }}
schedule: {{ $currentMisconfigScan.spec.schedule | quote }}
{{- else }}
schedule: {{ include "zora.misconfigSchedule" . | quote }}
{{- end }}
successfulScansHistoryLimit: {{ .Values.scan.misconfiguration.successfulScansHistoryLimit }}
{{- if .Values.scan.misconfiguration.plugins }}
plugins:
Expand All @@ -52,11 +57,17 @@ metadata:
labels:
zora.undistro.io/default: "true"
{{- include "zora.labels" . | nindent 4 }}
name: {{ include "truncate.name" (dict "name" (printf "%s-vuln" (include "zora.clusterName" .)) "len" 63 ) }}
{{- $vulnScanName := include "truncate.name" (dict "name" (printf "%s-vuln" (include "zora.clusterName" .)) "len" 63 ) }}
name: {{ $vulnScanName }}
spec:
clusterRef:
name: {{ include "zora.clusterName" . }}
{{- $currentVulnScan := (lookup "zora.undistro.io/v1alpha1" "ClusterScan" .Release.Namespace $vulnScanName) }}
{{- if and $currentVulnScan (not .Values.scan.vulnerability.schedule) }}
schedule: {{ $currentVulnScan.spec.schedule | quote }}
{{- else }}
schedule: {{ include "zora.vulnSchedule" . | quote }}
{{- end }}
successfulScansHistoryLimit: {{ .Values.scan.vulnerability.successfulScansHistoryLimit }}
{{- if .Values.scan.vulnerability.plugins }}
plugins:
Expand Down

0 comments on commit d415673

Please sign in to comment.