feat(clientServer): add support for extraVolumes in trivy-server by hichem-belhocine · Pull Request #2738 · aquasecurity/trivy-operator

hichem-belhocine · 2025-09-03T15:09:00Z

Refactors values.yaml to introduce two top-level keys:

trivy.server.extraVolumes.volumeMounts
trivy.server.extraVolumes.volumes

This allows mounting additional ConfigMaps or Secrets into the trivy-server Statefulset

Description

The server needs to get the vulnerability database from docker registry e.g., Artifactory which uses certs

Error:

Failed to verify certificates: x509: certificate signed by unknown authority

Solution

Mounting CAs as a volume solves the issue

Related issues

Close #XXX

Remove this section if you don't have related PRs.

Checklist

I've read the guidelines for contributing to this repository.
I've added tests that prove my fix is effective or that my feature works.
I've updated the documentation with the relevant information (if needed).
I've added usage information (if the PR introduces new options)
I've included a "before" and "after" example to the description (if the PR is a user interface change).

CLAassistant · 2025-09-03T15:09:07Z

All committers have signed the CLA.

afdesk · 2025-09-08T06:09:24Z

@hichem-belhocine thanks for your contribution!
could you fix the checks?

hichem-belhocine · 2025-09-08T10:39:52Z

could you fix the checks?

Done

thanks @afdesk

hichem-belhocine · 2025-09-08T13:51:48Z

@simar7 could you take a look at this PR when you have time?

afdesk · 2025-09-09T08:45:57Z

deploy/helm/values.yaml

    replicas: 1

+    # -- volumes set trivy-server volumes
+    extraVolumes:


@hichem-belhocine
what do you think if we add a server server for this block?
something like extraServerVolumes

it's OK for me, should i change it?

it would be nice. thanks

afdesk · 2025-09-09T08:46:32Z

@hichem-belhocine thanks!
this idea looks Ok for me.
left one small comment

afdesk · 2025-09-09T09:10:48Z

@hichem-belhocine
it seems you need to run mage generate:all

Refactors values.yaml to introduce two top-level keys: - trivy.server.extraVolumes.volumeMounts - trivy.server.extraVolumes.volumes This allows mounting additional ConfigMaps or Secrets into the trivy-server Statefulset

hichem-belhocine · 2025-09-09T11:05:18Z

@hichem-belhocine it seems you need to run mage generate:all

Done

afdesk

@hichem-belhocine thanks for your efforts!
LGTM!

@simar7 could you pls take a look too?

hichem-belhocine requested a review from simar7 as a code owner September 3, 2025 15:09

github-actions bot added the feature label Sep 3, 2025

hichem-belhocine force-pushed the server-extraVolume branch from eb1da37 to 4a535ed Compare September 8, 2025 10:32

afdesk reviewed Sep 9, 2025

View reviewed changes

hichem-belhocine force-pushed the server-extraVolume branch from 4a535ed to 8b05851 Compare September 9, 2025 09:16

feat(clientServer): add support for extraVolumes in trivy-server

daa7346

Refactors values.yaml to introduce two top-level keys: - trivy.server.extraVolumes.volumeMounts - trivy.server.extraVolumes.volumes This allows mounting additional ConfigMaps or Secrets into the trivy-server Statefulset

hichem-belhocine force-pushed the server-extraVolume branch from 8b05851 to daa7346 Compare September 9, 2025 09:59

afdesk approved these changes Sep 10, 2025

View reviewed changes

simar7 approved these changes Sep 10, 2025

View reviewed changes

simar7 merged commit 8049fc7 into aquasecurity:main Sep 10, 2025
9 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat(clientServer): add support for extraVolumes in trivy-server#2738

feat(clientServer): add support for extraVolumes in trivy-server#2738
simar7 merged 1 commit intoaquasecurity:mainfrom
hichem-belhocine:server-extraVolume

hichem-belhocine commented Sep 3, 2025 •

edited

Loading

Uh oh!

CLAassistant commented Sep 3, 2025 •

edited

Loading

Uh oh!

afdesk commented Sep 8, 2025

Uh oh!

hichem-belhocine commented Sep 8, 2025

Uh oh!

hichem-belhocine commented Sep 8, 2025

Uh oh!

afdesk Sep 9, 2025

Uh oh!

hichem-belhocine Sep 9, 2025

Uh oh!

afdesk Sep 9, 2025

Uh oh!

hichem-belhocine Sep 9, 2025

Uh oh!

afdesk commented Sep 9, 2025

Uh oh!

afdesk commented Sep 9, 2025

Uh oh!

hichem-belhocine commented Sep 9, 2025

Uh oh!

afdesk left a comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

Conversation

hichem-belhocine commented Sep 3, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Description

Related issues

Checklist

Uh oh!

CLAassistant commented Sep 3, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

afdesk commented Sep 8, 2025

Uh oh!

hichem-belhocine commented Sep 8, 2025

Uh oh!

hichem-belhocine commented Sep 8, 2025

Uh oh!

afdesk Sep 9, 2025

Choose a reason for hiding this comment

Uh oh!

hichem-belhocine Sep 9, 2025

Choose a reason for hiding this comment

Uh oh!

afdesk Sep 9, 2025

Choose a reason for hiding this comment

Uh oh!

hichem-belhocine Sep 9, 2025

Choose a reason for hiding this comment

Uh oh!

afdesk commented Sep 9, 2025

Uh oh!

afdesk commented Sep 9, 2025

Uh oh!

hichem-belhocine commented Sep 9, 2025

Uh oh!

afdesk left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

hichem-belhocine commented Sep 3, 2025 •

edited

Loading

CLAassistant commented Sep 3, 2025 •

edited

Loading