Update module github.com/aquasecurity/trivy-operator to v0.17.1 - autoclosed #240
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v0.13.2
->v0.17.1
Release Notes
aquasecurity/trivy-operator (github.com/aquasecurity/trivy-operator)
v0.17.1
Compare Source
Changelog
🐛 Notable Fixes 🐛
afeaf27
: fix: scan job fail nil pointer (#1664) (@chen-keinan)👷 Other work 👷
5e961fe
: build(deps): bump github.com/aws/aws-sdk-go from 1.48.0 to 1.48.4 (#1661) (@dependabot[bot])v0.17.0
Compare Source
Changelog
✨ Notable Changes ✨
4c18826
: feat: Add OS information to Vuln Reports and add optional image info metrics (#1643) (@cnwaldron)f93a61d
: feat: Add clusterCompliance_info metrics (#1333) (@geoffrey1330)80dd3a8
: feat: Flag for changing default cache-dir parameter (#1604) (@ahalay)e746309
: feat: cache sbom by image ref (#1606) (@chen-keinan)b52065d
: feat: expose trivy.skipFiles in helm values (#1622) (@andrew-gropyus)🐛 Notable Fixes 🐛
b8ae23a
: fix: ensure trivy cm default (#1652) (@chen-keinan)95aa101
: fix: remove node selector (#1644) (@chen-keinan)👮 Security updates👮
567bc7d
: sec: bump node-collector v0.0.9 fix node-collector CVE-2023-39325 (#1637) (@chen-keinan)📝 Documentation 📝
54e6c90
: docs: fix chart version (#1634) (@AP-XD)2df7401
: docs: helm install (#1625) (@chen-keinan)013b1d4
: docs: modify README and docs landing page to reflect the same content (#1642) (@AnaisUrlichs)🔧 Miscellaneous 🔧
295c9dd
: chore: add condition for docs publish (#1654) (@chen-keinan)957f05a
: chore: bump chart testing (#1605) (@chen-keinan)86aacdf
: chore: bump go version (#1602) (@chen-keinan)3902dc5
: chore: bump trivy 0.47.0 (#1632) (@chen-keinan)👷 Other work 👷
9dbe998
: Added AWS_REGION env for ECR images in the ClientServer mode (#1613) (@trublast)50a257b
: Fix chart version (#1633) (@AP-XD)95a7f1f
: Handle trivy insecure database in ClientServer mode (#1623) (@miecio45)8d2bc92
: Update olm.md (#1640) (@titansmc)38c2c5e
: build(deps): bump aquaproj/aqua-installer from 2.1.2 to 2.1.3 (#1617) (@dependabot[bot])93e3824
: build(deps): bump aquaproj/aqua-installer from 2.1.3 to 2.2.0 (#1627) (@dependabot[bot])089856b
: build(deps): bump github.com/aquasecurity/trivy from 0.46.1 to 0.47.0 (#1615) (@dependabot[bot])b1f432a
: build(deps): bump github.com/aws/aws-sdk-go from 1.46.6 to 1.47.9 (#1631) (@dependabot[bot])01950f5
: build(deps): bump github.com/aws/aws-sdk-go from 1.47.9 to 1.48.0 (#1647) (@dependabot[bot])a9573a6
: build(deps): bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.1 (#1628) (@dependabot[bot])9d61589
: build(deps): bump github.com/onsi/gomega from 1.29.0 to 1.30.0 (#1629) (@dependabot[bot])e99ff79
: build(deps): bump golang.org/x/net from 0.17.0 to 0.18.0 (#1630) (@dependabot[bot])f499e17
: build(deps): bump golang.org/x/text from 0.13.0 to 0.14.0 (#1614) (@dependabot[bot])8217e07
: build(deps): bump helm/chart-testing-action from 2.6.0 to 2.6.1 (#1616) (@dependabot[bot])8bf6ecc
: build(deps): bump k8s.io/cli-runtime from 0.28.3 to 0.28.4 (#1651) (@dependabot[bot])7afc6e2
: build(deps): bump sigstore/cosign-installer from 3.1.2 to 3.2.0 (#1626) (@dependabot[bot])b33d2ce
: make small changes to the docs introduction (#1641) (@AnaisUrlichs)0893487
: refactor: refactor scan-job command and args (#1638) (@chen-keinan)293d94b
: refactor: scan-job reports (#1639) (@chen-keinan)v0.16.4
Compare Source
Changelog
🐛 Notable Fixes 🐛
11b01fd
: fix(helm): add custom policies config (#1576) (@witalisoft)477a753
: fix: add trivy-timeout on scan fs mode (#1591) (@chen-keinan)👮 Security updates👮
289c808
: sec: security issue GHSA-m425-mq94-257g (#1597) (@chen-keinan)🔧 Miscellaneous 🔧
f9566cb
: chore: release change log (#1582) (@chen-keinan)👷 Other work 👷
1f70670
: build(deps): bump github.com/onsi/gomega from 1.28.0 to 1.28.1 (#1588) (@dependabot[bot])572c70c
: build(deps): bump k8s.io/cli-runtime from 0.28.2 to 0.28.3 (#1589) (@dependabot[bot])3343cac
: build(deps): bump sigs.k8s.io/controller-runtime from 0.16.2 to 0.16.3 (#1587) (@dependabot[bot])ca3d4bc
: change command value fs to filesystem in private-registries.md (#1583) (@Strigix)71b68df
: refactor: break plugin pod spec builder (#1594) (@chen-keinan)425cc52
: refactor: break plugin pod spec builder (#1595) (@chen-keinan)v0.16.3
Compare Source
Changelog
🐛 Notable Fixes 🐛
0cb38ec
: fix: vuln-id metric broken (#1579) (@chen-keinan)📝 Documentation 📝
7efb5fe
: docs: update release process (#1572) (@chen-keinan)🔧 Miscellaneous 🔧
808b3ed
: chore: remove workflow cache (#1570) (@chen-keinan)👷 Other work 👷
d4139cf
: build(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 (#1567) (@dependabot[bot])v0.16.2
Compare Source
Changelog
b6c6da5
Implement global values for image.registry (#1532)9eac6dc
build(deps): bump actions/setup-python from 4.7.0 to 4.7.1 (#1540)7dbdbdf
build(deps): bump github.com/aquasecurity/defsec from 0.92.0 to 0.93.0 (#1536)dca37c9
build(deps): bump github.com/aquasecurity/defsec from 0.93.0 to 0.93.1 (#1559)7617869
build(deps): bump github.com/onsi/ginkgo/v2 from 2.12.1 to 2.13.0 (#1558)b67a49d
build(deps): bump github.com/onsi/gomega from 1.27.10 to 1.28.0 (#1538)137b5b6
build(deps): bump github.com/prometheus/client_golang (#1537)019b367
build(deps): bump golang.org/x/net from 0.15.0 to 0.16.0 (#1557)29a66f9
chore/title-checker-update (#1547)aa1ec41
chore: add automatic release (#1555)6369680
chore: add automatic release-lint (#1556)a22b870
chore: add workflow deps (#1551)65effc7
chore: add-title-checker (#1545)d3054fa
chore: bump trivy 0.45.1 (#1535)901b19e
chore: helm docs verify (#1563)ae1c380
chore: label pr by prefix update (#1550)c5f7a5f
chore: label pr by title (#1548)de8aef9
chore: merge labal tasks (#1554)855fc44
chore: private-registries action (#1546)4d2f220
chore: separate build workflow (#1566)abb0888
ci: pr title validate (#1568)9e635c1
feat(manifests): add metrics component for static installation (#1553)c31448c
feat: node-collector resources config (#1565)781e5e4
feat: trivy image pull policy support (#1542)3973a4d
feature: make headless service configurable (#1562)1f9ba50
fix(doc): update link to the configuration page in kubectl page (#1552)a015b3e
fix: avoid keeping sbom historical reports (#1549)f7f36b7
fix: create every vulnerability metric occurrence (#1539)9b059b1
fix: node collector priority class (#1544)b6ffd46
fix: trivy-server no-proxy setting (#1543)v0.16.1
Compare Source
Changelog
4c17f19
Chore/fix magefile running test (#1492)7e51e1f
Fixed issues with json key in trivy operator (#1404)0fc8320
build(deps): bump docker/login-action from 2.2.0 to 3.0.0 (#1523)9051d8f
build(deps): bump docker/setup-buildx-action from 2 to 3 (#1522)9fe407b
build(deps): bump docker/setup-qemu-action from 2 to 3 (#1520)a370cc5
build(deps): bump github.com/google/uuid from 1.3.0 to 1.3.1 (#1484)be3a0ed
build(deps): bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.12.1 (#1529)a104c60
build(deps): bump golang.org/x/net from 0.14.0 to 0.15.0 (#1491)4a19ee6
build(deps): bump golang.org/x/text from 0.12.0 to 0.13.0 (#1483)f60993c
build(deps): bump goreleaser/goreleaser-action from 4 to 5 (#1521)547d4ce
build(deps): bump k8s.io/apimachinery from 0.28.1 to 0.28.2 (#1511)b55b392
build(deps): bump k8s.io/cli-runtime from 0.28.1 to 0.28.2 (#1512)9ea923c
build(deps): bump peter-evans/repository-dispatch from 1 to 2 (#1506)fd84765
build(deps): bump sigs.k8s.io/controller-runtime from 0.16.1 to 0.16.2 (#1507)c456031
build(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#1480)dd840d9
chore: action latest tag (#1489)82345e5
chore: action latest tag (#1490)146e696
chore: alpine vulnerabilities (#1500)81d1c12
chore: bump chore/checkout-action v4 (#1495)50e84a6
chore: bump controller-runtime-0.16.1 (#1505)9a0112f
chore: bump node collector 0.8.0 (#1502)8573575
chore: bump trivy-0.45.0 (#1494)4ebc3ae
chore: clean cache (#1498)2246081
chore: clean cache tools (#1496)655ede7
chore: clean cache tools-revert (#1497)9354a82
chore: clean release cache (#1499)6b9a3b6
chore: magefile cleanup (#1493)4a65d7c
chore: remove cache release (#1526)47a03a9
chore: remove cache release (#1530)4f3a75a
chore: split helm chart template files (#1515)d2f3538
feat: use TRIVY_SKIP_DB_UPDATE env variable (#1474)8eaef68
fix: disable compressed logs break trivy command (#1516)v0.16.0
Compare Source
Changelog
902c14d
adding mage support (#1420)c94a8f2
chore: action latest tag (#1487)debb8e1
chore: mage namespaces support (#1478)cebf7f8
chore: trigger chart publish (#1477)a74dfdc
Minor syntax fix to the custom values.yaml details in the helm docs (#1458)77b44fe
Skip java db update flag (#1444)ff61128
Typo Update index.md (#1442)d204543
Update helm.md (#1390)d8809d1
ability to opt-out persistent volume claim for trivy-server (#1457)9140bcf
adding information on cis benchmarks and config audit scans based on Slack question (#1445)aef6dcd
build(deps): bump github.com/CycloneDX/cyclonedx-go (#1464)37d454e
build(deps): bump github.com/google/go-containerregistry (#1424)10ecda6
build(deps): bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 (#1465)c1f6305
build(deps): bump go.uber.org/automaxprocs from 1.5.2 to 1.5.3 (#1411)a655c07
build(deps): bump golang.org/x/net from 0.12.0 to 0.14.0 (#1422)3d8c89d
build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#1447)9b6bd4f
build(deps): bump k8s.io/api from 0.28.0 to 0.28.1 (#1461)e26b36a
build(deps): bump k8s.io/apiextensions-apiserver from 0.27.3 to 0.27.4 (#1410)cafec10
build(deps): bump k8s.io/cli-runtime from 0.27.3 to 0.27.4 (#1412)5265fa3
build(deps): bump k8s.io/cli-runtime from 0.28.0 to 0.28.1 (#1462)478ec85
build(deps): bump sigs.k8s.io/controller-runtime from 0.15.0 to 0.15.1 (#1436)1a204ba
chore: add chart appVersion validation action (#1468)1fbb0e7
chore: bump k8s components 0.28.0 (#1451)4bc323c
chore: bump trivy 0.43.1 (#1406)6b23ef9
chore: bump trivy 0.43.1 lib (#1407)d92e690
chore: bump trivy 0.44.1 (#1453)a45e359
chore: declare missing properties in values.yaml (#1427)49ecc26
chore: refactor workflow naming (#1470)40977b1
chore: reformat chart templates (#1439)0adc1f8
chore: reformat missed chart templates (#1459)4862faf
feat: Add optional annotations & endpointAdditionalProperties to ServiceMonitor in helm chart (#1452)acdcbb2
feat: Automatically build helm chart on PR merge (#1460)9320ddf
feat: add CVE published and updated date (#1433)1ed616d
feat: allow changing the default revisionHistoryLimit (#1415)d2825cd
feat: exclude init containers (#1438)35213ef
feat: make trivy-server replicas configurable (#1473)f612674
feat: skip db update for clientserver mode (#1440)953dbd7
feat: use serverServiceName as container name (#1472)ace1bd5
fix(chart): only create servicemonitor if API supports it (#1403)2d3ad4d
fix: add image digest to report (#1446)c944cbf
fix: add insecure flag for scanning container (#1419)60fbfa2
fix: configure controller cache sync timeout (#1395)ee4fcf5
fix: report ttl respect scanner flags (#1432)7fe8c39
preserve unknown fields in vulnerabilityreport (#1455)v0.15.1
Compare Source
Changelog
2d16ef1
build(deps): bump actions/setup-python from 4.6.1 to 4.7.0 (#1367)ca7463f
build(deps): bump github.com/onsi/gomega from 1.27.8 to 1.27.10 (#1375)90c588e
build(deps): bump helm/kind-action from 1.7.0 to 1.8.0 (#1368)12af8d9
build(deps): bump k8s.io/apimachinery from 0.27.3 to 0.27.4 (#1374)9b5ab94
build(deps): bump k8s.io/client-go from 0.27.3 to 0.27.4 (#1376)e616e7b
feat: add automaxprocs to auto set GOMAXPROCS (#1363)601d552
fix: helm sets wrong value for OPERATOR_SBOM_GENERATION_ENABLED (#1381) (#1382)f9f5390
fix: metrics info not showing (#1385)f66f713
fix: respect disabled exposed secrets (#1373)17d2081
fix: sbomReport: wrong type of SpecVersion field (#1378)v0.15.0
Compare Source
Changelog
78928ce
fix: remove sbom ttl (#1358)ce828a8
Add detail configaudit info as prometheus metric (#1302)d3a1de1
Add detail rbacassessment,infraassessment info prometheus Metrics (#1331)b1caf82
Fix ClientServer scan (#1344)b234920
bugfix: rbac resource with capital letter name (#1322)f3717df
build(deps): bump docker/login-action from 2.1.0 to 2.2.0 (#1290)d076496
build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.0 to 0.7.1 (#1350)ed870f8
build(deps): bump github.com/aquasecurity/trivy from 0.42.0 to 0.42.1 (#1291)ad76ff2
build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1292)7244d21
build(deps): bump github.com/onsi/ginkgo/v2 from 2.10.0 to 2.11.0 (#1316)8d935af
build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.7 to 2.10.0 (#1294)8a92009
build(deps): bump github.com/onsi/gomega from 1.27.7 to 1.27.8 (#1293)92ab9f2
build(deps): bump github.com/prometheus/client_golang (#1313)50df668
build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 (#1314)961e539
build(deps): bump golang.org/x/net from 0.11.0 to 0.12.0 (#1352)d14acfd
build(deps): bump golang.org/x/text from 0.10.0 to 0.11.0 (#1351)d901d28
build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (#1289)f2671ae
build(deps): bump k8s.io/apiextensions-apiserver from 0.27.2 to 0.27.3 (#1328)5f9a7a0
build(deps): bump k8s.io/cli-runtime from 0.27.2 to 0.27.3 (#1317)24fc44c
build(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#1327)a86c762
build(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#1338)345e2c2
feat: Support scan latest revision for replicationController (#1324)1b69d4a
feat: add pkgPath to vulnerability report (#1285)4c8f373
feat: create "trivy_vulerability_id" metric for each occurence (#1343)7fe47f9
feat: enrich compliance report with rbac assessment checks data (#1309)787f3f9
fix: config secret scan fs mode (#1301)b92f8b7
fix: link to documentation (#1304)b33bc6f
fix: outdated-api applied last version support (#1347)cb0e940
fix: pkgPath name name update (#1340)546dd9c
fix: sbom generation enable by default (#1355)4ff5d8a
fix: sbom report support (#1346)v0.14.1
Compare Source
Changelog
cb5472e
chore: auto generate helm docs (#1278)374c74a
chore: configure server security context (#1275)dd02f4d
chore: fix CVE-2023-2650 (#1280)c5f72b2
chore: workload identity settings (#1282)63b6dd9
feat: azure workload identity support (#1267)3fac57d
feat: node collector annotation support (#1272)97ffcb5
fix: ignore policy regex not working (#1271)870be2c
fix: specify confirmation in cosign invocation (#1277)c86f7e1
pointing out Helm Chart customisation (#1276)v0.14.0
Compare Source
Changelog
953023e
build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.5 to 2.9.7 (#1263)5d27b6d
build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#1264)34ff98a
build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#1261)de4b63e
chore: bump trivy v0.42.0 (#1265)e2362fa
fix: honor ephemeralStorage,if set (#1259)3e528c2
fix: vulnerabilities report not created after k8s v1.27.x (#1252)773f8e3
Add support fo legacy dockercfg in scan jobs (#1183)426c6e3
Add tolerations to trivy-server template (#1189)8f297a8
Read object before compare to avoid wrong cached data (#1216)e866712
build(deps): bump actions/setup-python from 4.5.0 to 4.6.0 (#1186)474ce56
build(deps): bump actions/setup-python from 4.6.0 to 4.6.1 (#1244)6bb3728
build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1221)cd598cf
build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1236)176ac95
build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1245)cc39b09
build(deps): bump github.com/google/go-containerregistry (#1214)db0a902
build(deps): bump github.com/google/go-containerregistry (#1246)56cacf4
build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.2 to 2.9.4 (#1213)382b065
build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.4 to 2.9.5 (#1219)b7ed779
build(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#1233)e5ba124
build(deps): bump github.com/prometheus/client_golang (#1215)7e7f60a
build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#1232)0084e04
build(deps): bump golang.org/x/net from 0.9.0 to 0.10.0 (#1220)672ae10
build(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#1231)f30fbe0
chore: add code owners (#1209)bc3f9f7
chore: bump defsec v0.89.0 (#1248)15be234
chore: bump defsec-0.87.0 (#1199)000c153
chore: bump k8s.io-api to v0.27.2 (#1242)bc57ecc
chore: bump trivy 0.41.0 (#1200)4c3ea53
chore: compliance crd output wide support (#1193)cfa87e5
chore: compliance cron quotes (#1229)4e63f0c
feat: certificate authority scan-job support (#1212)ce4ca43
feat: exclude node scanning by node labels (#1239)6b29e21
feat: image config secret scanner support (#1218)b5d5905
feat: scanning filter by vuln-type (#1184)e909545
feat: skip dirs and files by resource annotation (#1227)8098953
fix: check kubelet config (#1211)56b96bb
fix: pod spec hash issues when using image mirroring (#1205)bebbad4
fix: specify trivy-server persistentvolumeclaim for argocd sync (#1207)Configuration
📅 Schedule: Branch creation - "after 9am on thursday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.