Releases: aquasecurity/trivy-operator
Releases · aquasecurity/trivy-operator
v0.19.1
Changelog
🐛 Notable Fixes 🐛
- 2aa20ed: fix: generate scan reports for individual completed containers when pod scan failed (#1917) (@chen-keinan)
- 5aaa7de: fix: load trivy-policies by config (#1928) (@chen-keinan)
- 72722f4: fix: node-collector respect pod requests/limits (#1927) (@chen-keinan)
- d62c500: fix: support affinity for scan jobs (#1915) (@maxbrunet)
📝 Documentation 📝
🔧 Miscellaneous 🔧
- 0582f70: chore: update ignore file values example (#1919) (@chen-keinan)
👷 Other work 👷
- 2b8bd60: build(deps): bump docker/login-action from 3.0.0 to 3.1.0 (#1926) (@dependabot[bot])
- b7248f2: build(deps): bump github.com/google/go-containerregistry (#1924) (@dependabot[bot])
- 0871dcd: build(deps): bump k8s.io/cli-runtime from 0.29.2 to 0.29.3 (#1922) (@dependabot[bot])
- 2ed26a2: feat: refactor integration tests folders structure (#1914) (@chen-keinan)
Contributors
chen-keinan, dependabot, and 2 other contributors
Assets 20
v0.19.0
Changelog
💔Breaking Change💔
sbom crd format has been changed following to latest cycloneDX format. execute the following before upgrade:
kubectl delete crd sbomreports.aquasecurity.github.io
kubectl delete crd clustersbomreports.aquasecurity.github.ioChangelog
✨ Notable Changes ✨
- f6b4e47: feat: Also publish chart to OCI registry (#1889) (@mkilchhofer)
- cce0c22: feat: Enable passing values for operator through custom ConfigMap and/or Secrets (#1849) (@flash-me)
- b05764c: feat: add extra labels for operator and server controllers in Helm chart (#1867) (@fhielpos)
- 488e4e3: feat: added configurable appProtocol to metrics service (#1871) (@seekermarcel)
- 3fb8e61: feat: opa exception support (#1845) (@chen-keinan)
- 3209448: feat: scan job secret ttl support (#1875) (@chen-keinan)
- 50b60fd: feat: ssl-cert dir support on init containers and built-in server (#1903) (@chen-keinan)
- b25e532: feat: trivy policies bundle support (#1897) (@chen-keinan)
🐛 Notable Fixes 🐛
- 048d77e: fix: access to private regional gcr (#1869) (@dnskr)
- 8cda161: fix: false positive cis kubeletMakeIptablesUtilChainsArgumentSet (#1858) (@chen-keinan)
👮 Security updates👮
- 83703a1: sec: fix CVE-2024-26147 (#1877) (@chen-keinan)
📝 Documentation 📝
- ba33abd: docs: Fix some links to other sections and websites (#1846) (@maltemorgenstern)
- 338ed27: docs: add documentation on how to install trivy-operator in a ns with default deny-all netpols (#1608) (@francRang)
- 867f42b: docs: remove unused badges (#1891) (@chen-keinan)
🔧 Miscellaneous 🔧
- 43f8555: chore: bump trivy-0.49.1 lib (#1859) (@chen-keinan)
👷 Other work 👷
- 9800cd2: build(deps): bump github.com/aws/aws-sdk-go from 1.50.10 to 1.50.21 (#1865) (@dependabot[bot])
- d899284: build(deps): bump github.com/aws/aws-sdk-go from 1.50.21 to 1.50.25 (#1884) (@dependabot[bot])
- 31413c4: build(deps): bump github.com/aws/aws-sdk-go from 1.50.25 to 1.50.30 (#1894) (@dependabot[bot])
- 5600921: build(deps): bump github.com/aws/aws-sdk-go from 1.50.30 to 1.50.35 (#1904) (@dependabot[bot])
- 6f4c351: build(deps): bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.16.0 (#1905) (@dependabot[bot])
- 6d08572: build(deps): bump github.com/prometheus/client_golang (#1893) (@dependabot[bot])
- 5070b31: build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#1892) (@dependabot[bot])
- be21684: build(deps): bump golang.org/x/net from 0.20.0 to 0.21.0 (#1854) (@dependabot[bot])
- bf14a9d: build(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 (#1906) (@dependabot[bot])
- e502b1f: build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#1852) (@dependabot[bot])
- ed2cac1: build(deps): bump helm/kind-action from 1.8.0 to 1.9.0 (#1851) (@dependabot[bot])
- 260612f: build(deps): bump jdcargile/ms-teams-notification from 1.3 to 1.4 (#1882) (@dependabot[bot])
- 508fb94: build(deps): bump k8s.io/apiextensions-apiserver from 0.29.1 to 0.29.2 (#1883) (@dependabot[bot])
- a5867ce: build(deps): bump k8s.io/apimachinery from 0.29.1 to 0.29.2 (#1864) (@dependabot[bot])
- 3e5d006: build(deps): bump k8s.io/cli-runtime from 0.29.1 to 0.29.2 (#1860) (@dependabot[bot])
- f957580: build(deps): bump sigs.k8s.io/controller-runtime from 0.17.0 to 0.17.2 (#1861) (@dependabot[bot])
Contributors
flash-me, mkilchhofer, and 7 other contributors
Assets 20
v0.19.0-rc
Changelog
✨ Notable Changes ✨
- f6b4e47: feat: Also publish chart to OCI registry (#1889) (@mkilchhofer)
- cce0c22: feat: Enable passing values for operator through custom ConfigMap and/or Secrets (#1849) (@flash-me)
- b05764c: feat: add extra labels for operator and server controllers in Helm chart (#1867) (@fhielpos)
- 488e4e3: feat: added configurable appProtocol to metrics service (#1871) (@seekermarcel)
- 3fb8e61: feat: opa exception support (#1845) (@chen-keinan)
- 3209448: feat: scan job secret ttl support (#1875) (@chen-keinan)
- 50b60fd: feat: ssl-cert dir support on init containers and built-in server (#1903) (@chen-keinan)
- b25e532: feat: trivy policies bundle support (#1897) (@chen-keinan)
🐛 Notable Fixes 🐛
- 048d77e: fix: access to private regional gcr (#1869) (@dnskr)
- 8cda161: fix: false positive cis kubeletMakeIptablesUtilChainsArgumentSet (#1858) (@chen-keinan)
👮 Security updates👮
- 83703a1: sec: fix CVE-2024-26147 (#1877) (@chen-keinan)
📝 Documentation 📝
- ba33abd: docs: Fix some links to other sections and websites (#1846) (@maltemorgenstern)
- 338ed27: docs: add documentation on how to install trivy-operator in a ns with default deny-all netpols (#1608) (@francRang)
- 867f42b: docs: remove unused badges (#1891) (@chen-keinan)
🔧 Miscellaneous 🔧
- 43f8555: chore: bump trivy-0.49.1 lib (#1859) (@chen-keinan)
👷 Other work 👷
- 9800cd2: build(deps): bump github.com/aws/aws-sdk-go from 1.50.10 to 1.50.21 (#1865) (@dependabot[bot])
- d899284: build(deps): bump github.com/aws/aws-sdk-go from 1.50.21 to 1.50.25 (#1884) (@dependabot[bot])
- 31413c4: build(deps): bump github.com/aws/aws-sdk-go from 1.50.25 to 1.50.30 (#1894) (@dependabot[bot])
- 5600921: build(deps): bump github.com/aws/aws-sdk-go from 1.50.30 to 1.50.35 (#1904) (@dependabot[bot])
- 6f4c351: build(deps): bump github.com/onsi/ginkgo/v2 from 2.15.0 to 2.16.0 (#1905) (@dependabot[bot])
- 6d08572: build(deps): bump github.com/prometheus/client_golang (#1893) (@dependabot[bot])
- 5070b31: build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#1892) (@dependabot[bot])
- be21684: build(deps): bump golang.org/x/net from 0.20.0 to 0.21.0 (#1854) (@dependabot[bot])
- bf14a9d: build(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 (#1906) (@dependabot[bot])
- e502b1f: build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#1852) (@dependabot[bot])
- ed2cac1: build(deps): bump helm/kind-action from 1.8.0 to 1.9.0 (#1851) (@dependabot[bot])
- 260612f: build(deps): bump jdcargile/ms-teams-notification from 1.3 to 1.4 (#1882) (@dependabot[bot])
- 508fb94: build(deps): bump k8s.io/apiextensions-apiserver from 0.29.1 to 0.29.2 (#1883) (@dependabot[bot])
- a5867ce: build(deps): bump k8s.io/apimachinery from 0.29.1 to 0.29.2 (#1864) (@dependabot[bot])
- 3e5d006: build(deps): bump k8s.io/cli-runtime from 0.29.1 to 0.29.2 (#1860) (@dependabot[bot])
- f957580: build(deps): bump sigs.k8s.io/controller-runtime from 0.17.0 to 0.17.2 (#1861) (@dependabot[bot])
Contributors
flash-me, mkilchhofer, and 7 other contributors
Assets 20
v0.18.5
Changelog
✨ Notable Changes ✨
🐛 Notable Fixes 🐛
- 896dc38: fix: updated remediation for compliance and config audit (#1841) (@chen-keinan)
📝 Documentation 📝
- ddca9a2: docs: Change broken link from defsec to trivy-policies (#1840) (@maltemorgenstern)
- d985b4a: docs: Fix some typos and markdown links (#1831) (@maltemorgenstern)
🔧 Miscellaneous 🔧
- 82433ce: chore: bump trivy v0.49.1 (#1842) (@chen-keinan)
- c7c17c6: chore: use light goreleaser (#1837) (@chen-keinan)
👷 Other work 👷
- 7217274: build(deps): bump codecov/codecov-action from 3 to 4 (#1832) (@dependabot[bot])
- 9801c5a: build(deps): bump github.com/aws/aws-sdk-go from 1.50.0 to 1.50.10 (#1830) (@dependabot[bot])
- 32bf0c4: build(deps): bump github.com/google/go-containerregistry (#1828) (@dependabot[bot])
- 435171e: build(deps): bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (#1833) (@dependabot[bot])
Contributors
rndmh3ro, chen-keinan, and 2 other contributors
Assets 20
v0.18.4
Changelog
✨ Notable Changes ✨
- 0b66fb3: feat: added config for additional server annotations (#1821) (@seekermarcel)
- cad62d7: feat: config for insecure server registry connection (#1819) (@seekermarcel)
👮 Security updates👮
- 94e8d72: sec: fix runc and buildkit cves (#1825) (@chen-keinan)
🔧 Miscellaneous 🔧
- 29d14bf: chore: bump controller-runtime v0.17.0 (#1817) (@chen-keinan)
👷 Other work 👷
- 6005c26: Fix formatting in docs/tutorials/integrations/metrics.md (#1816) (@MPV)
- c44dcef: build(deps): bump aquaproj/aqua-installer from 2.2.0 to 2.3.0 (#1813) (@dependabot[bot])
- e7ef207: build(deps): bump github.com/google/go-containerregistry (#1809) (@dependabot[bot])
- 4bb64ac: build(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 (#1810) (@dependabot[bot])
- d4e60f0: build(deps): bump peter-evans/repository-dispatch from 2 to 3 (#1812) (@dependabot[bot])
- b9f0e7d: fix markdown url mistakes (#1824) (@bzd111)
Contributors
MPV, chen-keinan, and 3 other contributors
Assets 20
v0.18.3
Changelog
✨ Notable Changes ✨
🐛 Notable Fixes 🐛
- 259466a: fix: use correct items list struct for ClusterVulnerabilityReportList (#1793) (@fjogeleit)
- b4129fb: fix: use of node selector param (#1804) (@chen-keinan)
📝 Documentation 📝
- ad37348: docs: helm version (#1802) (@chen-keinan)
🔧 Miscellaneous 🔧
- 9815acd: chore: disable cluster cache (#1806) (@chen-keinan)
👷 Other work 👷
- 54e070e: Update private-registries.md (#1791) (@Utwo)
- d1ed59e: build(deps): bump github.com/aws/aws-sdk-go from 1.49.22 to 1.50.0 (#1797) (@dependabot[bot])
- 62a93cd: build(deps): bump github.com/onsi/gomega from 1.30.0 to 1.31.1 (#1794) (@dependabot[bot])
- c297784: build(deps): bump k8s.io/apiextensions-apiserver from 0.29.0 to 0.29.1 (#1795) (@dependabot[bot])
Contributors
Utwo, chen-keinan, and 3 other contributors
Assets 20
v0.18.2
Changelog
🐛 Notable Fixes 🐛
- fcd1d9b: fix: cluster version support (#1770) (@chen-keinan)
- 4360e8d: fix: use node-selector config (#1780) (@chen-keinan)
📝 Documentation 📝
🔧 Miscellaneous 🔧
- d7251a7: chore: bump trivy v0.48.2 (#1761) (@chen-keinan)
👷 Other work 👷
- f9fe007: build(deps): bump github.com/aquasecurity/trivy from 0.48.2 to 0.48.3 (#1771) (@dependabot[bot])
- 91e674f: build(deps): bump github.com/aws/aws-sdk-go from 1.49.21 to 1.49.22 (#1783) (@dependabot[bot])
- 118f945: build(deps): bump github.com/onsi/ginkgo/v2 from 2.13.2 to 2.15.0 (#1786) (@dependabot[bot])
- 162b501: build(deps): bump golang.org/x/net from 0.19.0 to 0.20.0 (#1774) (@dependabot[bot])
Contributors
chen-keinan, dferri, and dependabot
Assets 20
v0.18.1
Changelog
🐛 Notable Fixes 🐛
- 7ab16c7: fix: sbom duplicate vol name (#1748) (@chen-keinan)
- f30e861: fix: set audit config plugin trivy by default (#1746) (@chen-keinan)
👮 Security updates👮
- f79231b: sec: fix CVE GHSA-9763-4f94-gfch (#1759) (@chen-keinan)
👷 Other work 👷
- cebd1c0: Update trivy.yaml to support cve list (#1741) (@gerbil)
- 49a8be8: build(deps): bump github.com/aquasecurity/trivy from 0.48.1 to 0.48.2 (#1749) (@dependabot[bot])
- 8815129: build(deps): bump github.com/aws/aws-sdk-go from 1.49.13 to 1.49.16 (#1750) (@dependabot[bot])
Contributors
gerbil, chen-keinan, and dependabot
Assets 20
v0.18.0
Changelog
✨ Notable Changes ✨
- 1ecf6a0: feat: add dbRepositoryUsername and dbRepositoryPassword for dbReposit… (#1657) (@juergen-fast)
- 67e96c6: feat: ingress resource on config-scan support (#1726) (@chen-keinan)
- e058b99: feat: retrieve sbom specified sources from oci registries (#1732) (@chen-keinan)
- 3c3cd02: feat: kbom and k8s core component scan (#1646) (@chen-keinan)
- 53e6b0d: feat: trivy fs -include-dev-deps support (#1669) (@chen-keinan)
🐛 Notable Fixes 🐛
- 3f77e6b: fix: service monitor cause operator to crash (#1729) (@chen-keinan)
- 8278ead: fix: hang node collector node shutdown (#1714) (@chen-keinan)
- 3911b56: fix: kubelet checks via config resource (#1712) (@chen-keinan)
- b38cd49: fix: missing reports on via cluster sbom cache (#1713) (@chen-keinan)
- e4aba45: fix: remove duplicate entry in the CRDs list (#1684) (@BenjaminHerbert)
- 9fea2e7: fix: sbom secret size limit (#1683) (@chen-keinan)
🔧 Miscellaneous 🔧
- 42dfa7d: chore: trivy 0.48.1 dep update (#1715) (@chen-keinan)
👮 Security updates👮
- b82a141: sec: fix CVE-2023-49568 (#1723) (@chen-keinan)
👷 Other work 👷
- 99d02b1: build(deps): bump github.com/aws/aws-sdk-go from 1.49.9 to 1.49.13 (#1727) (@dependabot[bot])
- ee47e02: build(deps): bump github.com/prometheus/client_golang (#1728) (@dependabot[bot])
- 551ffee: Fix typo in nav (#1686) (@evankanderson)
- 5680146: build(deps): bump actions/setup-go from 4 to 5 (#1691) (@dependabot[bot])
- 44ea898: build(deps): bump actions/setup-python from 4.7.1 to 5.0.0 (#1690) (@dependabot[bot])
- 1df3205: build(deps): bump actions/stale from 8 to 9 (#1692) (@dependabot[bot])
- 3f44cec: build(deps): bump github.com/aws/aws-sdk-go from 1.48.11 to 1.48.16 (#1693) (@dependabot[bot])
- ade4a38: build(deps): bump github.com/aws/aws-sdk-go from 1.48.16 to 1.49.4 (#1705) (@dependabot[bot])
- 6e4690c: build(deps): bump github.com/aws/aws-sdk-go from 1.48.4 to 1.48.11 (#1672) (@dependabot[bot])
- 6c84b50: build(deps): bump github.com/aws/aws-sdk-go from 1.49.4 to 1.49.9 (#1719) (@dependabot[bot])
- 3e317db: build(deps): bump github.com/go-logr/logr from 1.3.0 to 1.4.1 (#1718) (@dependabot[bot])
- 592c5d4: build(deps): bump github.com/google/go-containerregistry (#1671) (@dependabot[bot])
- c11b4a5: build(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 (#1717) (@dependabot[bot])
- 945fec9: build(deps): bump github.com/onsi/ginkgo/v2 from 2.13.1 to 2.13.2 (#1674) (@dependabot[bot])
- d85e956: build(deps): bump golang.org/x/net from 0.18.0 to 0.19.0 (#1673) (@dependabot[bot])
- 1e6b951: build(deps): bump k8s.io/apiextensions-apiserver from 0.28.3 to 0.29.0 (#1716) (@dependabot[bot])
- d72e8c4: build(deps): bump k8s.io/cli-runtime from 0.28.4 to 0.29.0 (#1704) (@dependabot[bot])
- 952a187: build(deps): bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#1689) (@dependabot[bot])
Contributors
BenjaminHerbert, evankanderson, and 3 other contributors
Assets 20
v0.18.0-rc2
Changelog
✨ Notable Changes ✨
- 1ecf6a0: feat: add dbRepositoryUsername and dbRepositoryPassword for dbReposit… (#1657) (@juergen-fast)
- 67e96c6: feat: ingress resource on config-scan support (#1726) (@chen-keinan)
- e058b99: feat: retrieve sbom specified sources from oci registries (#1732) (@chen-keinan)
🐛 Notable Fixes 🐛
- 3f77e6b: fix: service monitor cause operator to crash (#1729) (@chen-keinan)
👮 Security updates👮
- b82a141: sec: fix CVE-2023-49568 (#1723) (@chen-keinan)
👷 Other work 👷
- 99d02b1: build(deps): bump github.com/aws/aws-sdk-go from 1.49.9 to 1.49.13 (#1727) (@dependabot[bot])
- ee47e02: build(deps): bump github.com/prometheus/client_golang (#1728) (@dependabot[bot])
Contributors
chen-keinan, juergen-fast, and dependabot