kyverno-reports-server

Helm chart

Last changed

Request a free trial

Contact our team to test out this Helm chart and related images for free. Please also indicate any other images you would like to evaluate.

Tag:

# -- Internal settings used with `helm template` to generate install manifest

# @ignored

templating:

enabled: false

postgresql:

image:

registry: docker.io

repository: bitnamilegacy/postgresql

tag: 16.1.0-debian-11-r22

digest: ""

# -- Deploy postgresql dependency chart

enabled: true

auth:

postgresPassword: reports

database: reportsdb

# -- Name override

nameOverride: ""

# -- Full name override

fullnameOverride: ""

# -- Number of pod replicas

replicaCount: 1

# -- Optional cluster name, used to easily identify database records when querying the database directly

clusterName: ""

image:

# -- Image registry

registry: chainreg.biz

# -- Image repository

repository: chainguard-private/kyverno-reports-server

# -- Image pull policy

pullPolicy: IfNotPresent

# -- Image tag (will default to app version if not set)

tag: latest@sha256:81f12fb2eb1c56115e80cda521a431f04d1128da629bd7c238a99cf868f5c0b3

# -- Image pull secrets

imagePullSecrets: []

# -- Priority class name

priorityClassName: system-cluster-critical

serviceAccount:

# -- Create service account

create: true

# -- Service account annotations

annotations: {}

# -- Service account name (required if `serviceAccount.create` is `false`)

name: ""

# -- Pod annotations

podAnnotations: {}

# -- Labels to add to resources managed by the chart

commonLabels: {}

# -- Pod security context

podSecurityContext:

fsGroup: 2000

# -- Provide additional environment variables to the pods. Map with the same format as kubernetes deployment spec's env.

podEnv: {}

# -- Container security context

# @default -- See [values.yaml](values.yaml)

securityContext:

capabilities:

drop:

- ALL

readOnlyRootFilesystem: true

runAsNonRoot: true

runAsUser: 1000

privileged: false

allowPrivilegeEscalation: false

seccompProfile:

type: RuntimeDefault

# -- Liveness probe

livenessProbe:

initialDelaySeconds: 20

failureThreshold: 10

periodSeconds: 10

httpGet:

path: /livez

port: https

scheme: HTTPS

# -- Readiness probe

readinessProbe:

initialDelaySeconds: 30

failureThreshold: 10

periodSeconds: 10

httpGet:

path: /readyz

port: https

scheme: HTTPS

metrics:

# -- Enable prometheus metrics

enabled: true

serviceMonitor:

# -- Enable service monitor for scraping prometheus metrics

enabled: false

# -- Service monitor additional labels

additionalLabels: {}

# -- Service monitor scrape interval

interval: ""

# -- Service monitor metric relabelings

metricRelabelings: []

# -- Service monitor relabelings

relabelings: []

# -- Service monitor scrape timeout

scrapeTimeout: ""

100

# We usually recommend not to specify default resources and to leave this as a conscious

101

# choice for the user. This also increases chances charts run on environments with little

102

# resources, such as Minikube. If you do want to specify resources, uncomment the following

103

# lines, adjust them as necessary, and remove the curly braces after 'resources:'.

104

resources:

105

# -- Container resource limits

106

limits:

107

# cpu: 100m

108

# memory: 128Mi

109

110

# -- Container resource requests

111

requests:

112

# cpu: 100m

113

# memory: 128Mi

114

autoscaling:

115

# -- Enable autoscaling

116

enabled: false

117

# -- Min number of replicas

118

minReplicas: 1

119

# -- Max number of replicas

120

maxReplicas: 100

121

# -- Target CPU utilisation

122

targetCPUUtilizationPercentage: 80

123

# -- Target Memory utilisation

124

targetMemoryUtilizationPercentage: ~

125

# -- Using a PDB is highly recommended for highly available deployments. Defaults to enabled. The default configuration doesn't prevent disruption when using a single replica

126

pdb:

127

# -- Enable PodDisruptionBudget

128

enabled: true

129

# -- minAvailable pods for PDB, cannot be used together with maxUnavailable

130

minAvailable: ~

131

# -- maxUnavailable pods for PDB, will take precedence over minAvailable if both are defined

132

maxUnavailable: 50%

133

# -- Node selector

134

nodeSelector: {}

135

# -- Tolerations

136

tolerations: []

137

# -- Affinity

138

affinity: {}

139

service:

140

# -- Service type

141

type: ClusterIP

142

# -- Service port

143

port: 443

144

config:

145

etcd:

146

enabled: false

147

endpoints: ~

148

insecure: true

149

db:

150

# -- If set, database connection information will be read from the Secret with this name. Overrides `db.host`, `db.name`, `db.user`, and `db.password`.

151

secretName: ""

152

# -- Database host

153

host: ""

154

# -- The database host will be read from this `key` in the specified Secret, when `db.secretName` is set.

155

hostSecretKeyName: "host"

156

# -- Database port

157

port: 5432

158

# -- The database port will be read from this `key` in the specified Secret, when `db.secretName` is set.

159

portSecretKeyName: "port"

160

# -- Database name

161

name: reportsdb

162

# -- The database name will be read from this `key` in the specified Secret, when `db.secretName` is set.

163

dbNameSecretKeyName: "dbname"

164

# -- Database user

165

user: postgres

166

# -- The database username will be read from this `key` in the specified Secret, when `db.secretName` is set.

167

userSecretKeyName: "username"

168

# -- Database password

169

password: reports

170

# -- The database password will be read from this `key` in the specified Secret, when `db.secretName` is set.

171

passwordSecretKeyName: "password"

172

# -- Database SSL

173

sslmode: disable

174

# -- Database SSL root cert

175

sslrootcert: ""

176

# -- Database SSL key

177

sslkey: ""

178

# -- Database SSL cert

179

sslcert: ""

180

apiServicesManagement:

181

# -- Create a helm hooks to delete api services on uninstall

182

enabled: true

183

# -- Install api services in manifest

184

installApiServices:

185

# -- Store reports in reports-server

186

enabled: true

187

# -- Store ephemeral reports in reports-server

188

installEphemeralReportsService: true

189

# -- Store open reports in reports-server

190

installOpenreportsService: true

191

image:

192

# -- (string) Image registry

193

registry: chainreg.biz

194

# -- Image repository

195

repository: chainguard-private/kubectl

196

# -- Image tag

197

# Defaults to `latest` if omitted

198

tag: latest@sha256:a18741a38ed25fc164fa8ca5bdd741726e5732a92de8f59cd1ad1f0d570b6d83

199

# -- (string) Image pull policy

200

# Defaults to image.pullPolicy if omitted

201

pullPolicy: ~

202

# -- Image pull secrets

203

imagePullSecrets: []

204

# -- Security context for the pod

205

podSecurityContext: {}

206

# -- Node labels for pod assignment

207

nodeSelector: {}

208

# -- List of node taints to tolerate

209

tolerations: []

210

# -- Pod anti affinity constraints.

211

podAntiAffinity: {}

212

# -- Pod affinity constraints.

213

podAffinity: {}

214

# -- Pod labels.

215

podLabels: {}

216

# -- Pod annotations.

217

podAnnotations: {}

218

# -- Node affinity constraints.

219

nodeAffinity: {}

220

# -- Security context for the hook containers

221

securityContext:

222

runAsUser: 65534

223

runAsGroup: 65534

224

runAsNonRoot: true

225

privileged: false

226

allowPrivilegeEscalation: false

227

readOnlyRootFilesystem: true

228

capabilities:

229

drop:

230

- ALL

231

seccompProfile:

232

type: RuntimeDefault

233

extraObjects: []

234

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.

kyverno-reports-server

The trusted source for open source

Product

Solutions

Customers

Resources

Company