fix acs policy + hpa

infrastructure/files/stackrox-configure-hook/configure.yaml

@@ -50,7 +50,7 @@
 
   - set_fact:
       cosign_public_key: '{{ cosign_secret.resources[0].data["cosign.pub"] | b64decode }}'
-  
+
   - name: Check if jmespath is available locally
     debug: msg={{ dummy|json_query('@') }}
     register: check_jmespath
@@ -185,7 +185,14 @@
         scope:
           - cluster:
             label:
-            namespace: dev
+              key: app
+              value: fruits
+            namespace: fruits-test
+          - cluster:
+            label:
+              key: app
+              value: fruits
+            namespace: fruits-prod
         severity: CRITICAL_SEVERITY
 
   - set_fact:

infrastructure/templates/acs.yaml

@@ -97,9 +97,7 @@ spec:
   scanner:
     analyzer:
       scaling:
-        autoScaling: Enabled
-        maxReplicas: 5
-        minReplicas: 2
+        autoScaling: Disabled
         replicas: 3
     scannerComponent: Enabled
 ---
@@ -287,3 +285,7 @@ spec:
         configMap:
           name: stackrox-configure-hook
           defaultMode: 0755
+---
+# TODO: 
+# - scale down the ACS operator
+# - patch the central route to Reencrypt