From 7d1ae1a57e1203f3895f004df08531b8984b5abc Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Tue, 24 Mar 2026 16:58:33 -0700 Subject: [PATCH] Fix prowler image and IaC scan arguments Image scan: add https:// scheme to registry URL. IaC scan: use --scan-repository-url (Prowler clones the repo itself), removing the need for an init container. The flag is --scan-path for local dirs, --scan-repository-url for git. Co-Authored-By: Claude Opus 4.6 (1M context) --- .../manifests/prowler/cronjob-iac-scan.yaml | 22 ++----------------- argocd/manifests/prowler/kustomization.yaml | 2 -- 2 files changed, 2 insertions(+), 22 deletions(-) diff --git a/argocd/manifests/prowler/cronjob-iac-scan.yaml b/argocd/manifests/prowler/cronjob-iac-scan.yaml index 178399b..c2e2fac 100644 --- a/argocd/manifests/prowler/cronjob-iac-scan.yaml +++ b/argocd/manifests/prowler/cronjob-iac-scan.yaml @@ -15,26 +15,13 @@ spec: securityContext: seccompProfile: type: RuntimeDefault - initContainers: - - name: clone-repo - image: alpine/git:kustomized - command: - - git - - clone - - --depth - - "1" - - https://forge.ops.eblu.me/eblume/blumeops.git - - /repo - volumeMounts: - - name: repo - mountPath: /repo containers: - name: prowler image: registry.ops.eblu.me/blumeops/prowler:kustomized args: - iac - - --directory - - /repo + - --scan-repository-url + - https://forge.ops.eblu.me/eblume/blumeops.git - -z - --output-formats - html @@ -45,13 +32,8 @@ spec: volumeMounts: - name: reports mountPath: /reports - - name: repo - mountPath: /repo - readOnly: true restartPolicy: OnFailure volumes: - name: reports persistentVolumeClaim: claimName: prowler-reports - - name: repo - emptyDir: {} diff --git a/argocd/manifests/prowler/kustomization.yaml b/argocd/manifests/prowler/kustomization.yaml index 18d7d9e..b34b2c1 100644 --- a/argocd/manifests/prowler/kustomization.yaml +++ b/argocd/manifests/prowler/kustomization.yaml @@ -16,5 +16,3 @@ resources: images: - name: registry.ops.eblu.me/blumeops/prowler newTag: v5.22.0-6960243 - - name: alpine/git - newTag: v2.47.2