K3S-HOME/security
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FIX(trivy): fix Trivy resource limits

Browse Source 
- Operator: add 512Mi memory limit
- Scan jobs: increase memory limit 500M -> 768Mi
- Reduce concurrent scan jobs 3 -> 2
This commit is contained in:
Mayne0213
2026-01-03 11:05:48 +09:00
parent c67b720ee4
commit bce1bdf12b
1 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
trivy/helm-values.yaml
View File

@@ -9,9 +9,17 @@ excludeNamespaces: "kube-system,kube-public,kube-node-lease"
operator: operator:
replicas: 1 replicas: 1
# Operator 리소스
resources:
requests:
cpu: 10m
memory: 128Mi
limits:
memory: 512Mi # Prevent OOM
# 스캔 설정 # 스캔 설정
scanJobTimeout: 10m scanJobTimeout: 10m
scanJobsConcurrentLimit: 3 # 리소스 절약을 위해 동시 스캔 제한 scanJobsConcurrentLimit: 2 # Reduced from 3 to save resources
scannerReportTTL: "24h" scannerReportTTL: "24h"
# 스캐너 활성화 # 스캐너 활성화
@@ -50,10 +58,10 @@ trivy:
resources: resources:
requests: requests:
cpu: 50m cpu: 50m
memory: 100M memory: 128Mi
limits: limits:
# cpu: removed to prevent throttling # cpu: removed to prevent throttling
memory: 500M memory: 768Mi # Increased from 500M to prevent OOM during scans
# 스캔 작업 설정 # 스캔 작업 설정
trivyOperator: trivyOperator: