chore: support storageClassName for trivy-server statefulset

[MaxFedotov]

Description

Add support for storageClassName param for trivy-server statefulset

Related issues

• Close Helm Chart should allow specification of trivy server storage class #854

Remove this section if you don't have related PRs.

Checklist

• I've read the guidelines for contributing to this repository.
• I've added tests that prove my fix is effective or that my feature works.
• I've updated the documentation with the relevant information (if needed).
• I've added usage information (if the PR introduces new options)
• I've included a "before" and "after" example to the description (if the PR is a user interface change).

[CLAassistant]

All committers have signed the CLA.

[fengshunli]

LGTM

[chen-keinan]

@MaxFedotov thank you for the contribution. could you please update docs ( trivy and helm )

[fengshunli]

@MaxFedotov thank you for the contribution. could you please update docs ( trivy and helm )

I'll deal with it tomorrow @chen-keinan

[chen-keinan]

@MaxFedotov thank you for the contribution. could you please update docs ( trivy and helm )

I'll deal with it tomorrow @chen-keinan

It should be included as part of this PR @MaxFedotov

[MaxFedotov]

@chen-keinan ok, will add it.

@fengshunli i've also found out that trivy-server uses serviceAccountName: trivy-operator. But this service account is not created by helm. Is it ok if I will add it in the same PR?

[chen-keinan]

@chen-keinan ok, will add it.

@fengshunli i've also found out that trivy-server uses serviceAccountName: trivy-operator. But this service account is not created by helm. Is it ok if I will add it in the same PR?

@MaxFedotov the service accout is created in helm

[fengshunli]

Update the md, add a set parameter, and check it @MaxFedotov

[MaxFedotov]

@chen-keinan

but the thing is that its name is

trivy-operator/deploy/helm/templates/rbac.yaml

Line 6 in 705873e

name: {{ include "trivy-operator.serviceAccountName" . }}

which is generated as

trivy-operator/deploy/helm/templates/_helpers.tpl

Lines 56 to 65 in 44edfd6

	{{/*
	Create the name of the service account to use.
	*/}}
	{{- define "trivy-operator.serviceAccountName" -}}
	{{- if .Values.serviceAccount.create }}
	{{- default (include "trivy-operator.fullname" .) .Values.serviceAccount.name }}
	{{- else }}
	{{- default "default" .Values.serviceAccount.name }}
	{{- end }}
	{{- end }}

but in statefulset it is hardcoded as

trivy-operator/deploy/helm/templates/trivy-server.yaml

Line 58 in 705873e

serviceAccountName: trivy-operator

what I wanted to do is to set it to

trivy-operator/deploy/helm/templates/deployment.yaml

Line 27 in 705873e

serviceAccountName: {{ include "trivy-operator.serviceAccountName" . }}

the same way, as for operator deployment

[chen-keinan]

@MaxFedotov sound good, you can make it in same PR if you wish

[MaxFedotov]

@chen-keinan done

[MaxFedotov]

and one more thing I would like to add - support for nodeSelector for trivy-server

[fengshunli]

test

[fengshunli]

and one more thing I would like to add - support for nodeSelector for trivy-server

Will the affinity be better

[MaxFedotov]

That depends on the use-case :) we use nodeSelector to schedule pod on correct tenant nodes

[chen-keinan]

lgtm 🚀