Added nodeSelector, affinity and tolerations to helm chart (#803)

ctolon22 · web-flow · commit 6b29bf1c7100 · 2021-01-11T16:33:35.000+02:00
* Added nodeSelector, affinity and tolerations to helm chart

* Updated helm README.md and bumped version
diff --git a/helm/trivy/Chart.yaml b/helm/trivy/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: trivy
-version: 0.4.1
+version: 0.4.2
 appVersion: "0.15.0"
 description: Trivy helm chart
 keywords:
diff --git a/helm/trivy/README.md b/helm/trivy/README.md
@@ -63,6 +63,9 @@ The following table lists the configurable parameters of the Trivy chart and the
 | `httpProxy`                           | The URL of the HTTP proxy server                                        |     |
 | `httpsProxy`                          | The URL of the HTTPS proxy server                                       |     |
 | `noProxy`                             | The URLs that the proxy settings do not apply to                        |     |
+| `nodeSelector`                        | Node labels for pod assignment                                              |     |
+| `affinity`                        | Affinity settings for pod assignment                                              |     |
+| `tolerations`                        | Tolerations for pod assignment                                              |     |
 
 The above parameters map to the env variables defined in [trivy](https://github.com/aquasecurity/trivy#configuration).
 
diff --git a/helm/trivy/templates/statefulset.yaml b/helm/trivy/templates/statefulset.yaml
@@ -40,6 +40,18 @@ spec:
       imagePullSecrets:
         - name: {{ .Values.image.pullSecret }}
       {{- end }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 8 }}
+      {{- end }}
+      {{- if .Values.tolerations }}
+      tolerations:
+{{ toYaml .Values.tolerations | indent 8 }}
+      {{- end }}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 8 }}
+      {{- end }}
       containers:
         - name: main
           image: {{ template "trivy.imageRef" . }}
diff --git a/helm/trivy/values.yaml b/helm/trivy/values.yaml
@@ -37,6 +37,18 @@ securityContext:
   privileged: false
   readOnlyRootFilesystem: true
 
+## Node labels for pod assignment
+## Ref: https://kubernetes.io/docs/user-guide/node-selection/
+nodeSelector: {}
+
+## Affinity settings for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+affinity: {}
+
+## Tolerations for pod assignment
+## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+tolerations: []
+
 trivy:
   # debugMode the flag to enable Trivy debug mode
   debugMode: false
