Skip to content

Commit

Permalink
release: prepare v0.19.4 (#1981)
Browse files Browse the repository at this point in the history
Signed-off-by: chenk <hen.keinan@gmail.com>
  • Loading branch information
chen-keinan authored Apr 4, 2024
1 parent a14724d commit 7782f3a
Show file tree
Hide file tree
Showing 25 changed files with 58 additions and 58 deletions.
2 changes: 1 addition & 1 deletion CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -351,7 +351,7 @@ kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manage
or

```
curl -L https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.3/install.sh -o install.sh
curl -L https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.4/install.sh -o install.sh
chmod +x install.sh
./install.sh v0.20.0
```
Expand Down
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ Install the Helm Chart:
helm install trivy-operator aqua/trivy-operator \
--namespace trivy-system \
--create-namespace \
--version 0.21.3
--version 0.21.4
```

#### Option 2: Install from OCI registry (supported in Helm v3.8.0+)
Expand All @@ -78,7 +78,7 @@ Install the Helm Chart:
helm install trivy-operator oci://ghcr.io/aquasecurity/helm-charts/trivy-operator \
--namespace trivy-system \
--create-namespace \
--version 0.21.3
--version 0.21.4
```

This will install the Trivy Helm Chart into the `trivy-system` namespace and start triggering the scans.
Expand Down
10 changes: 5 additions & 5 deletions RELEASING.md
Original file line number Diff line number Diff line change
Expand Up @@ -46,17 +46,17 @@
5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow

```sh
git tag -v0.19.3 -m 'Release v0.19.3'
git push upstream v0.19.3
git tag -v0.19.4 -m 'Release v0.19.4'
git push upstream v0.19.4
```

6. Verify that the `release` workflow has built and published the following artifacts
1. Trivy-operator container images published to DockerHub
`docker.io/aquasec/trivy-operator:0.19.3`
`docker.io/aquasec/trivy-operator:0.19.4`
2. Trivy-operator container images published to Amazon ECR Public Gallery
`public.ecr.aws/aquasecurity/trivy-operator:0.19.3`
`public.ecr.aws/aquasecurity/trivy-operator:0.19.4`
3. Trivy-operator container images published to GitHub Container Registry
`ghcr.io/aquasecurity/trivy-operator:0.19.3`
`ghcr.io/aquasecurity/trivy-operator:0.19.4`

7. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the <https://github.com/k8s-operatorhub/community-operators> repository.

Expand Down
4 changes: 2 additions & 2 deletions deploy/helm/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,12 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.21.3
version: 0.21.4

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 0.19.3
appVersion: 0.19.4

# kubeVersion: A SemVer range of compatible Kubernetes versions (optional)

Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# trivy-operator

![Version: 0.21.3](https://img.shields.io/badge/Version-0.21.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.19.3](https://img.shields.io/badge/AppVersion-0.19.3-informational?style=flat-square)
![Version: 0.21.4](https://img.shields.io/badge/Version-0.21.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.19.4](https://img.shields.io/badge/AppVersion-0.19.4-informational?style=flat-square)

Keeps security report resources updated

Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/cis-1.23.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.19.3
app.kubernetes.io/version: 0.19.4
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote}}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/nsa-1.0.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/pss-baseline.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.19.3
app.kubernetes.io/version: 0.19.4
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/pss-restricted.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.19.3
app.kubernetes.io/version: 0.19.4
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/static/namespace.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,5 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
38 changes: 19 additions & 19 deletions deploy/static/trivy-operator.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2864,7 +2864,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
---
# Source: trivy-operator/templates/configmaps/operator.yaml
Expand All @@ -2876,7 +2876,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
data:
nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
Expand All @@ -2900,7 +2900,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -2913,7 +2913,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
data:
OPERATOR_LOG_DEV_MODE: "false"
Expand Down Expand Up @@ -2965,7 +2965,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
data:
trivy.repository: "ghcr.io/aquasecurity/trivy"
Expand Down Expand Up @@ -3001,7 +3001,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -3014,7 +3014,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -3027,7 +3027,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
spec:
replicas: 1
Expand All @@ -3047,7 +3047,7 @@ spec:
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
image: "ghcr.io/aquasecurity/trivy-operator:0.19.3"
image: "ghcr.io/aquasecurity/trivy-operator:0.19.4"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
Expand Down Expand Up @@ -3108,7 +3108,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
spec:
clusterIP: None
Expand Down Expand Up @@ -3500,7 +3500,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3521,7 +3521,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand All @@ -3548,7 +3548,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3568,7 +3568,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand Down Expand Up @@ -3598,7 +3598,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3618,7 +3618,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3643,7 +3643,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3668,7 +3668,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3693,5 +3693,5 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
app.kubernetes.io/managed-by: kubectl
2 changes: 1 addition & 1 deletion docs/docs/crds/clustercompliance-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -1346,7 +1346,7 @@ status:
"app.kubernetes.io/instance": "trivy-operator",
"app.kubernetes.io/managed-by": "kubectl",
"app.kubernetes.io/name": "trivy-operator",
"app.kubernetes.io/version": "0.19.3"
"app.kubernetes.io/version": "0.19.4"
},
"name": "cis",
"resourceVersion": "8985",
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/configaudit-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.19.3'
version: '0.19.4'
summary:
criticalCount: 2
highCount: 0
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/exposedsecret-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ metadata:
report:
artifact:
repository: myimagewithsecret
tag: v0.19.3
tag: v0.19.4
registry:
server: index.docker.io
scanner:
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/rbacassessment-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -176,7 +176,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.19.3'
version: '0.19.4'
summary:
criticalCount: 1
highCount: 0
Expand Down
4 changes: 2 additions & 2 deletions docs/docs/design/caching_scan_results_by_repo_digest.md
Original file line number Diff line number Diff line change
Expand Up @@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili
a gate.
* Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports.

[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.19.3/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.19.3/integrations/vulnerability-scanners/trivy/#clientserver
[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.19.4/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.19.4/integrations/vulnerability-scanners/trivy/#clientserver
4 changes: 2 additions & 2 deletions docs/docs/design/design_compliance_report.md
Original file line number Diff line number Diff line change
Expand Up @@ -542,7 +542,7 @@ metadata:
name: clustercompliancereports.aquasecurity.github.io
labels:
app.kubernetes.io/managed-by: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
spec:
group: aquasecurity.github.io
scope: Cluster
Expand Down Expand Up @@ -678,7 +678,7 @@ metadata:
name: clustercompliancedetailreports.aquasecurity.github.io
labels:
app.kubernetes.io/managed-by: trivy-operator
app.kubernetes.io/version: "0.19.3"
app.kubernetes.io/version: "0.19.4"
spec:
group: aquasecurity.github.io
versions:
Expand Down
4 changes: 2 additions & 2 deletions docs/docs/design/design_starboard_at_scale.excalidraw
Original file line number Diff line number Diff line change
Expand Up @@ -11835,7 +11835,7 @@
"versionNonce": 596868769,
"isDeleted": false,
"boundElementIds": null,
"text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>\n namespace: trivy-system\nspec:\n template:\n spec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.19.3\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n restartPolicy: Never\n backoffLimit: 1",
"text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>\n namespace: trivy-system\nspec:\n template:\n spec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.19.4\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n restartPolicy: Never\n backoffLimit: 1",
"fontSize": 20,
"fontFamily": 3,
"textAlign": "left",
Expand Down Expand Up @@ -11895,7 +11895,7 @@
"boundElementIds": [],
"fontSize": 20,
"fontFamily": 3,
"text": "apiVersion: v1\nkind: Pod\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n namespace: trivy-system\nspec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.19.3\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n",
"text": "apiVersion: v1\nkind: Pod\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n namespace: trivy-system\nspec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.19.4\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n",
"baseline": 259,
"textAlign": "left",
"verticalAlign": "top"
Expand Down
6 changes: 3 additions & 3 deletions docs/docs/design/design_trivy_file_system_scanner.md
Original file line number Diff line number Diff line change
Expand Up @@ -117,10 +117,10 @@ spec:
emptyDir: { }
initContainers:
# The trivy-get-binary init container is used to copy out the trivy executable
# binary from the upstream Trivy container image, i.e. aquasec/trivy:0.19.3,
# binary from the upstream Trivy container image, i.e. aquasec/trivy:0.19.4,
# to a shared emptyDir volume.
- name: trivy-get-binary
image: aquasec/trivy:0.19.3
image: aquasec/trivy:0.19.4
command:
- cp
- -v
Expand All @@ -135,7 +135,7 @@ spec:
# This won't be required once Trivy supports ClientServer mode
# for the fs subcommand.
- name: trivy-download-db
image: aquasec/trivy:0.19.3
image: aquasec/trivy:0.19.4
command:
- /var/trivy-operator/trivy
- --download-db-only
Expand Down
Loading

0 comments on commit 7782f3a

Please sign in to comment.