diff --git a/README.md b/README.md index 6519227..c66ab5c 100644 --- a/README.md +++ b/README.md @@ -62,13 +62,17 @@ helm upgrade gdscan gdscan/gdscan -f values.yaml # Options -| Name | Description | Value | -| ------------------------------- | --------------------------------------------------------------------------------------------------------------------- | ------------------------ | -| `service.type` | service type | `ClusterIP` | -| `service.ports.api` | API service port | `8080` | -| `service.annotations` | service annotations | `{}` | -| `replicaCount` | number of pods | `1` | -| `autoscaling.enabled` | enable auto scaling | `false` | -| `autoscaling.maxReplicas` | maximum number of replicas | `20` | -| `autoscaling.metrics` | custom metrics for auto scaling | | -| `terminationGracePeriodSeconds` | max time in seconds for scans to complete | `30` | +| Name | Description | Value | +| ------------------------------- | -------------------------------------------------------------------------------- | ----------- | +| `service.type` | service type | `ClusterIP` | +| `service.ports.api` | API service port | `8080` | +| `service.annotations` | service annotations | `{}` | +| `replicaCount` | number of pods | `1` | +| `autoscaling.enabled` | enable auto scaling | `false` | +| `autoscaling.maxReplicas` | maximum number of replicas | `20` | +| `autoscaling.metrics` | custom metrics for auto scaling | | +| `terminationGracePeriodSeconds` | max time in seconds for scans to complete | `30` | +| `debug` | when activated the containers produce more verbose eg for analysing scan timings | `false` | +| `server.tempfolder.inmemory` | activates inmemory tempfolder | `false` | +| `client.tempfolder.inmemory` | activates inmemory tempfolder | `false` | + diff --git a/charts/gdscan/Chart.yaml b/charts/gdscan/Chart.yaml index 05713eb..b791abd 100644 --- a/charts/gdscan/Chart.yaml +++ b/charts/gdscan/Chart.yaml @@ -5,4 +5,4 @@ maintainers: - name: G DATA CyberDefense AG email: oem@gdata.de type: application -version: 1.9.0 +version: 1.9.1 diff --git a/charts/gdscan/templates/deployment.yaml b/charts/gdscan/templates/deployment.yaml index 65dd5c8..b45dffd 100644 --- a/charts/gdscan/templates/deployment.yaml +++ b/charts/gdscan/templates/deployment.yaml @@ -36,11 +36,31 @@ spec: {{- end }} {{- end }} - name: server-tmp + {{- if or (.Values.server.tempfolder.inmemory) (.Values.server.tempfolder.sizeLimit.enabled) }} + emptyDir: + {{- if .Values.server.tempfolder.sizeLimit.enabled }} + sizeLimit: {{ .Values.server.tempfolder.sizeLimit.size | quote }} + {{- end }} + {{- if .Values.server.tempfolder.inmemory }} + medium : "Memory" + {{- end }} + {{- else }} emptyDir: {} + {{- end }} - name: scan-socket emptyDir: {} - name: client-tmp + {{- if or (.Values.client.tempfolder.inmemory) (.Values.client.tempfolder.sizeLimit.enabled) }} + emptyDir: + {{- if .Values.client.tempfolder.sizeLimit.enabled }} + sizeLimit: {{ .Values.client.tempfolder.sizeLimit.size | quote }} + {{- end }} + {{- if .Values.client.tempfolder.inmemory }} + medium : "Memory" + {{- end }} + {{- else }} emptyDir: {} + {{- end }} - name: server-var-log emptyDir: {} {{- include "gdscan.imagePullSecrets" . | nindent 6 }} diff --git a/charts/gdscan/values.yaml b/charts/gdscan/values.yaml index dfd0512..62342eb 100644 --- a/charts/gdscan/values.yaml +++ b/charts/gdscan/values.yaml @@ -6,6 +6,11 @@ server: repository: ghcr.io/gdatasoftwareag/vaas/scanserver pullPolicy: Always tag: 1 + tempfolder: + inmemory: false + sizeLimit: + enabled: false + size: 1Gi containerSecurityContext: enabled: true readOnlyRootFilesystem: true @@ -19,6 +24,11 @@ server: runAsUser: 1001 client: name: client + tempfolder: + inmemory: false + sizeLimit: + enabled: false + size: 1Gi image: repository: ghcr.io/gdatasoftwareag/vaas/scanclient pullPolicy: Always