Release gohoarder 0.1.45

charts/gohoarder/Chart.yaml

@@ -2,8 +2,8 @@ apiVersion: v2
 name: gohoarder
 description: A universal package cache proxy supporting npm, PyPI, and Go modules with security scanning
 type: application
-version: 0.1.44
-appVersion: "0.1.44"
+version: 0.1.45
+appVersion: "0.1.45"
 keywords:
   - package-manager
   - cache

charts/gohoarder/templates/configmap.yaml

@@ -93,24 +93,30 @@ data:
         low: {{ .Values.security.blockThresholds.low }}
       scanners:
         trivy:
-          enabled: {{ .Values.security.scanners.trivy.enabled }}
+          # Disabled in server config (no trivy binary), enabled via env var in scanner pod
+          enabled: false
           timeout: {{ .Values.security.scanners.trivy.timeout | quote }}
           cache_db: {{ .Values.security.scanners.trivy.cacheDb | quote }}
         osv:
+          # API-based scanner - works in both server and scanner pods
           enabled: {{ .Values.security.scanners.osv.enabled }}
           api_url: {{ .Values.security.scanners.osv.apiUrl | quote }}
           timeout: {{ .Values.security.scanners.osv.timeout | quote }}
         grype:
-          enabled: {{ .Values.security.scanners.grype.enabled }}
+          # Disabled in server config (no grype binary), enabled via env var in scanner pod
+          enabled: false
           timeout: {{ .Values.security.scanners.grype.timeout | quote }}
         govulncheck:
-          enabled: {{ .Values.security.scanners.govulncheck.enabled }}
+          # Disabled in server config (no go/govulncheck binary), enabled via env var in scanner pod
+          enabled: false
           timeout: {{ .Values.security.scanners.govulncheck.timeout | quote }}
         npm_audit:
-          enabled: {{ .Values.security.scanners.npmAudit.enabled }}
+          # Disabled in server config (no npm binary), enabled via env var in scanner pod
+          enabled: false
           timeout: {{ .Values.security.scanners.npmAudit.timeout | quote }}
         pip_audit:
-          enabled: {{ .Values.security.scanners.pipAudit.enabled }}
+          # Disabled in server config (no pip binary), enabled via env var in scanner pod
+          enabled: false
           timeout: {{ .Values.security.scanners.pipAudit.timeout | quote }}
         ghsa:
           enabled: {{ .Values.security.scanners.ghsa.enabled }}

charts/gohoarder/templates/deployment-scanner.yaml

@@ -109,6 +109,17 @@ spec:
         env:
         - name: CONFIG_FILE
           value: /etc/gohoarder/config.yaml
+        # Enable tool-based scanners only in scanner pod (server doesn't have the tools)
+        - name: GOHOARDER_SECURITY_SCANNERS_TRIVY_ENABLED
+          value: "{{ .Values.security.scanners.trivy.enabled }}"
+        - name: GOHOARDER_SECURITY_SCANNERS_GRYPE_ENABLED
+          value: "{{ .Values.security.scanners.grype.enabled }}"
+        - name: GOHOARDER_SECURITY_SCANNERS_GOVULNCHECK_ENABLED
+          value: "{{ .Values.security.scanners.govulncheck.enabled }}"
+        - name: GOHOARDER_SECURITY_SCANNERS_NPM_AUDIT_ENABLED
+          value: "{{ .Values.security.scanners.npmAudit.enabled }}"
+        - name: GOHOARDER_SECURITY_SCANNERS_PIP_AUDIT_ENABLED
+          value: "{{ .Values.security.scanners.pipAudit.enabled }}"
         {{- if and (eq .Values.metadata.backend "postgresql") .Values.metadata.postgresql.existingSecret }}
         - name: POSTGRES_USER
           valueFrom:

charts/gohoarder/values.yaml

@@ -51,17 +51,17 @@ image:
   server:
     repository: ghcr.io/lukaszraczylo/gohoarder-server
     pullPolicy: IfNotPresent
-    tag: "0.1.44"
+    tag: "0.1.45"
 
   frontend:
     repository: ghcr.io/lukaszraczylo/gohoarder-frontend
     pullPolicy: IfNotPresent
-    tag: "0.1.44"
+    tag: "0.1.45"
 
   scanner:
     repository: ghcr.io/lukaszraczylo/gohoarder-scanner
     pullPolicy: IfNotPresent
-    tag: "0.1.44"
+    tag: "0.1.45"
 
 # Service Account
 serviceAccount:
@@ -358,7 +358,7 @@ migration:
   image:
     repository: ghcr.io/lukaszraczylo/gohoarder-migrate
     pullPolicy: IfNotPresent
-    tag: "0.1.44"
+    tag: "0.1.45"
 
   # Migration settings
   logLevel: "info"    # debug, info, warn, error

index.yaml

@@ -1,6 +1,33 @@
 apiVersion: v1
 entries:
   gohoarder:
+  - apiVersion: v2
+    appVersion: 0.1.45
+    created: "2026-01-04T03:34:21.196098251Z"
+    description: A universal package cache proxy supporting npm, PyPI, and Go modules
+      with security scanning
+    digest: 3dba76cb998854894a644332817ba8715ab72b5238487801288a2f3a09f19288
+    home: https://github.com/lukaszraczylo/gohoarder
+    icon: https://raw.githubusercontent.com/lukaszraczylo/gohoarder/main/docs/logo.png
+    keywords:
+    - package-manager
+    - cache
+    - proxy
+    - npm
+    - pypi
+    - go-modules
+    - security
+    - vulnerability-scanning
+    maintainers:
+    - email: lukasz@raczylo.com
+      name: Lukasz Raczylo
+    name: gohoarder
+    sources:
+    - https://github.com/lukaszraczylo/gohoarder
+    type: application
+    urls:
+    - https://github.com/lukaszraczylo/helm-charts/releases/download/gohoarder-0.1.45/gohoarder-0.1.45.tgz
+    version: 0.1.45
   - apiVersion: v2
     appVersion: 0.1.44
     created: "2026-01-04T03:03:47.509452165Z"
@@ -1921,4 +1948,4 @@ entries:
     urls:
     - https://github.com/lukaszraczylo/helm-charts/releases/download/kubemirror-0.2.8/kubemirror-0.2.8.tgz
     version: 0.2.8
-generated: "2026-01-04T03:03:47.507902688Z"
+generated: "2026-01-04T03:34:21.194498529Z"