Skip to content

Commit

Permalink
release: prepare v0.19.1 (#1930)
Browse files Browse the repository at this point in the history
* release: prepare v0.19.1

Signed-off-by: chenk <hen.keinan@gmail.com>

* release: prepare v0.19.1

Signed-off-by: chenk <hen.keinan@gmail.com>

---------

Signed-off-by: chenk <hen.keinan@gmail.com>
  • Loading branch information
chen-keinan authored Mar 20, 2024
1 parent 5aaa7de commit f652926
Show file tree
Hide file tree
Showing 25 changed files with 54 additions and 54 deletions.
2 changes: 1 addition & 1 deletion CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -351,7 +351,7 @@ kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manage
or

```
curl -L https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.0/install.sh -o install.sh
curl -L https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.1/install.sh -o install.sh
chmod +x install.sh
./install.sh v0.20.0
```
Expand Down
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ Install the Helm Chart:
helm install trivy-operator aqua/trivy-operator \
--namespace trivy-system \
--create-namespace \
--version 0.21.0
--version 0.21.1
```

#### Option 2: Install from OCI registry (supported in Helm v3.8.0+)
Expand All @@ -78,7 +78,7 @@ Install the Helm Chart:
helm install trivy-operator oci://ghcr.io/aquasecurity/helm-charts/trivy-operator \
--namespace trivy-system \
--create-namespace \
--version 0.21.0
--version 0.21.1
```

This will install the Trivy Helm Chart into the `trivy-system` namespace and start triggering the scans.
Expand Down
10 changes: 5 additions & 5 deletions RELEASING.md
Original file line number Diff line number Diff line change
Expand Up @@ -46,17 +46,17 @@
5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow

```sh
git tag -v0.19.0 -m 'Release v0.19.0'
git push upstream v0.19.0
git tag -v0.19.1 -m 'Release v0.19.1'
git push upstream v0.19.1
```

6. Verify that the `release` workflow has built and published the following artifacts
1. Trivy-operator container images published to DockerHub
`docker.io/aquasec/trivy-operator:0.19.0`
`docker.io/aquasec/trivy-operator:0.19.1`
2. Trivy-operator container images published to Amazon ECR Public Gallery
`public.ecr.aws/aquasecurity/trivy-operator:0.19.0`
`public.ecr.aws/aquasecurity/trivy-operator:0.19.1`
3. Trivy-operator container images published to GitHub Container Registry
`ghcr.io/aquasecurity/trivy-operator:0.19.0`
`ghcr.io/aquasecurity/trivy-operator:0.19.1`

7. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the <https://github.com/k8s-operatorhub/community-operators> repository.

Expand Down
4 changes: 2 additions & 2 deletions deploy/helm/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,12 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.21.0
version: 0.21.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 0.19.0
appVersion: 0.19.1

# kubeVersion: A SemVer range of compatible Kubernetes versions (optional)

Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# trivy-operator

![Version: 0.21.0](https://img.shields.io/badge/Version-0.21.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.19.0](https://img.shields.io/badge/AppVersion-0.19.0-informational?style=flat-square)
![Version: 0.21.1](https://img.shields.io/badge/Version-0.21.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.19.1](https://img.shields.io/badge/AppVersion-0.19.1-informational?style=flat-square)

Keeps security report resources updated

Expand Down
4 changes: 2 additions & 2 deletions deploy/helm/templates/configmaps/trivy.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ data:
{{- end }}
{{- if .Values.trivy.ignoreFile }}
trivy.ignoreFile: |
{{- range .Values.trivy.ignoreFile }}
{{- range .Values.trivy.ignoreFile }}
{{ . | indent 4 }}
{{- end }}
{{- end }}
Expand All @@ -95,7 +95,7 @@ data:
{{- else }}
trivy.mode: {{ .Values.trivy.mode | quote }}
{{- if eq .Values.trivy.mode "ClientServer" }}
trivy.serverURL: {{ required ".Values.trivy.serverURL is required" .Values.trivy.serverURL | quote }}
trivy.serverURL: {{ required ".Values.trivy.serverUrl is required" .Values.trivy.serverUrl | quote }}
{{- with .Values.trivy.clientServerSkipUpdate }}
trivy.clientServerSkipUpdate: {{ . | quote }}
{{- end }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/cis-1.23.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.19.0
app.kubernetes.io/version: 0.19.1
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote}}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/nsa-1.0.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/pss-baseline.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.19.0
app.kubernetes.io/version: 0.19.1
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/pss-restricted.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.19.0
app.kubernetes.io/version: 0.19.1
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/static/namespace.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,5 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
38 changes: 19 additions & 19 deletions deploy/static/trivy-operator.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2864,7 +2864,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
---
# Source: trivy-operator/templates/configmaps/operator.yaml
Expand All @@ -2876,7 +2876,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
data:
nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
Expand All @@ -2900,7 +2900,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -2913,7 +2913,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
data:
OPERATOR_LOG_DEV_MODE: "false"
Expand Down Expand Up @@ -2965,7 +2965,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
data:
trivy.repository: "ghcr.io/aquasecurity/trivy"
Expand Down Expand Up @@ -3001,7 +3001,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -3014,7 +3014,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -3027,7 +3027,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
spec:
replicas: 1
Expand All @@ -3047,7 +3047,7 @@ spec:
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
image: "ghcr.io/aquasecurity/trivy-operator:0.19.0"
image: "ghcr.io/aquasecurity/trivy-operator:0.19.1"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
Expand Down Expand Up @@ -3108,7 +3108,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
spec:

Expand Down Expand Up @@ -3501,7 +3501,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3522,7 +3522,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand All @@ -3549,7 +3549,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3569,7 +3569,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand Down Expand Up @@ -3599,7 +3599,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3619,7 +3619,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3644,7 +3644,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3669,7 +3669,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3694,5 +3694,5 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
app.kubernetes.io/managed-by: kubectl
2 changes: 1 addition & 1 deletion docs/docs/crds/clustercompliance-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -1346,7 +1346,7 @@ status:
"app.kubernetes.io/instance": "trivy-operator",
"app.kubernetes.io/managed-by": "kubectl",
"app.kubernetes.io/name": "trivy-operator",
"app.kubernetes.io/version": "0.19.0"
"app.kubernetes.io/version": "0.19.1"
},
"name": "cis",
"resourceVersion": "8985",
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/configaudit-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.19.0'
version: '0.19.1'
summary:
criticalCount: 2
highCount: 0
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/exposedsecret-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ metadata:
report:
artifact:
repository: myimagewithsecret
tag: v0.19.0
tag: v0.19.1
registry:
server: index.docker.io
scanner:
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/rbacassessment-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -176,7 +176,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.19.0'
version: '0.19.1'
summary:
criticalCount: 1
highCount: 0
Expand Down
4 changes: 2 additions & 2 deletions docs/docs/design/caching_scan_results_by_repo_digest.md
Original file line number Diff line number Diff line change
Expand Up @@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili
a gate.
* Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports.

[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.19.0/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.19.0/integrations/vulnerability-scanners/trivy/#clientserver
[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.19.1/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.19.1/integrations/vulnerability-scanners/trivy/#clientserver
4 changes: 2 additions & 2 deletions docs/docs/design/design_compliance_report.md
Original file line number Diff line number Diff line change
Expand Up @@ -542,7 +542,7 @@ metadata:
name: clustercompliancereports.aquasecurity.github.io
labels:
app.kubernetes.io/managed-by: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
spec:
group: aquasecurity.github.io
scope: Cluster
Expand Down Expand Up @@ -678,7 +678,7 @@ metadata:
name: clustercompliancedetailreports.aquasecurity.github.io
labels:
app.kubernetes.io/managed-by: trivy-operator
app.kubernetes.io/version: "0.19.0"
app.kubernetes.io/version: "0.19.1"
spec:
group: aquasecurity.github.io
versions:
Expand Down
4 changes: 2 additions & 2 deletions docs/docs/design/design_starboard_at_scale.excalidraw
Original file line number Diff line number Diff line change
Expand Up @@ -11835,7 +11835,7 @@
"versionNonce": 596868769,
"isDeleted": false,
"boundElementIds": null,
"text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>\n namespace: trivy-system\nspec:\n template:\n spec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.19.0\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n restartPolicy: Never\n backoffLimit: 1",
"text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>\n namespace: trivy-system\nspec:\n template:\n spec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.19.1\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n restartPolicy: Never\n backoffLimit: 1",
"fontSize": 20,
"fontFamily": 3,
"textAlign": "left",
Expand Down Expand Up @@ -11895,7 +11895,7 @@
"boundElementIds": [],
"fontSize": 20,
"fontFamily": 3,
"text": "apiVersion: v1\nkind: Pod\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n namespace: trivy-system\nspec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.19.0\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n",
"text": "apiVersion: v1\nkind: Pod\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n namespace: trivy-system\nspec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.19.1\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n",
"baseline": 259,
"textAlign": "left",
"verticalAlign": "top"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -219,6 +219,6 @@ With this approach trivy operator will not have to worry about managing(create/d
- As we will run scan job with service account of workload and if there are some very strict PSP defined in the cluster
then scan job will be blocked due to the PSP.

[ECR registry configuration]: https://aquasecurity.github.io/trivy-operator/v0.19.0/integrations/managed-registries/#amazon-elastic-container-registry-ecr
[ECR registry configuration]: https://aquasecurity.github.io/trivy-operator/v0.19.1/integrations/managed-registries/#amazon-elastic-container-registry-ecr
[IAM role to service account]: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
[Trivy fs command]: https://github.com/aquasecurity/trivy-operator/blob/main/docs/design/design_trivy_file_system_scanner.md
2 changes: 1 addition & 1 deletion docs/docs/design/ttl_scans.md
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ metadata:
report:
artifact:
repository: fluxcd/source-controller
tag: v0.19.0
tag: v0.19.1
registry:
server: ghcr.io
scanner:
Expand Down
Loading

0 comments on commit f652926

Please sign in to comment.