chore(deps): update helm release trivy-operator to v0.25.0 #871
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
Changes Rendered Chartdiff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -209,8 +209,12 @@
V3Score:
type: number
V3Vector:
type: string
+ V40Score:
+ type: number
+ V40Vector:
+ type: string
type: object
type: object
cvsssource:
type: string
@@ -231,8 +235,10 @@
links:
items:
type: string
type: array
+ packagePURL:
+ type: string
packagePath:
type: string
packageType:
type: string
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -210,8 +210,12 @@
V3Score:
type: number
V3Vector:
type: string
+ V40Score:
+ type: number
+ V40Vector:
+ type: string
type: object
type: object
cvsssource:
type: string
@@ -232,8 +236,10 @@
links:
items:
type: string
type: array
+ packagePURL:
+ type: string
packagePath:
type: string
packageType:
type: string
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
metadata:
name: trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
nodeCollector.volumeMounts: "[{\"mountPath\":\"/var/lib/etcd\",\"name\":\"var-lib-etcd\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kubelet\",\"name\":\"var-lib-kubelet\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-scheduler\",\"name\":\"var-lib-kube-scheduler\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-controller-manager\",\"name\":\"var-lib-kube-controller-manager\",\"readOnly\":true},{\"mountPath\":\"/etc/systemd\",\"name\":\"etc-systemd\",\"readOnly\":true},{\"mountPath\":\"/lib/systemd/\",\"name\":\"lib-systemd\",\"readOnly\":true},{\"mountPath\":\"/etc/kubernetes\",\"name\":\"etc-kubernetes\",\"readOnly\":true},{\"mountPath\":\"/etc/cni/net.d/\",\"name\":\"etc-cni-netd\",\"readOnly\":true}]"
@@ -23,8 +23,8 @@
report.resourceLabels: "backstage.io/kubernetes-id"
metrics.resourceLabelsPrefix: "k8s_label_"
report.recordFailedChecksOnly: "true"
node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.3.1"
- policies.bundle.oci.ref: "ghcr.io/aquasecurity/trivy-checks:0"
+ policies.bundle.oci.ref: "mirror.gcr.io/aquasec/trivy-checks:1"
policies.bundle.insecure: "false"
node.collector.nodeSelector: "true"
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
metadata:
name: trivy-operator-config
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
OPERATOR_LOG_DEV_MODE: "false"
OPERATOR_SCAN_JOB_TTL: ""
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,31 +5,31 @@
metadata:
name: trivy-operator-trivy-config
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
- trivy.repository: "ghcr.io/aquasecurity/trivy"
- trivy.tag: "0.53.0"
+ trivy.repository: "mirror.gcr.io/aquasec/trivy"
+ trivy.tag: "0.57.1"
trivy.imagePullPolicy: "IfNotPresent"
trivy.additionalVulnerabilityReportFields: ""
trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
trivy.slow: "true"
trivy.skipJavaDBUpdate: "false"
trivy.includeDevDeps: "false"
trivy.imageScanCacheDir: "/tmp/trivy/.cache"
trivy.filesystemScanCacheDir: "/var/trivyoperator/trivy-db"
- trivy.dbRepository: "ghcr.io/aquasecurity/trivy-db"
- trivy.javaDbRepository: "ghcr.io/aquasecurity/trivy-java-db"
+ trivy.dbRepository: "mirror.gcr.io/aquasec/trivy-db"
+ trivy.javaDbRepository: "mirror.gcr.io/aquasec/trivy-java-db"
trivy.command: "image"
trivy.sbomSources: ""
trivy.dbRepositoryInsecure: "false"
- trivy.useBuiltinRegoPolicies: "true"
- trivy.useEmbeddedRegoPolicies: "false"
+ trivy.useBuiltinRegoPolicies: "false"
+ trivy.useEmbeddedRegoPolicies: "true"
trivy.supportedConfigAuditKinds: "Workload,Service,Role,ClusterRole,NetworkPolicy,Ingress,LimitRange,ResourceQuota"
trivy.ignoreUnfixed: "true"
trivy.timeout: "10m0s"
trivy.mode: "Standalone"
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
strategy:
@@ -28,9 +28,9 @@
serviceAccountName: release-name-trivy-operator
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
- image: "ghcr.io/aquasecurity/trivy-operator:0.22.0"
+ image: "mirror.gcr.io/aquasec/trivy-operator:0.23.0"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
value: default
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
spec:
clusterIP: None
ports:
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -4,12 +4,12 @@
kind: ClusterRoleBinding
metadata:
name: release-name-trivy-operator
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -6,12 +6,12 @@
metadata:
name: release-name-trivy-operator-leader-election
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- coordination.k8s.io
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator-leader-election
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- ""
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
kind: ClusterRole
metadata:
name: aggregate-config-audit-reports-view
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
kind: ClusterRole
metadata:
name: aggregate-exposed-secret-reports-view
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,12 +5,12 @@
kind: ClusterRole
metadata:
name: aggregate-vulnerability-reports-view
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,10 +5,10 @@
metadata:
name: trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,10 +5,10 @@
metadata:
name: trivy-operator-trivy-config
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -5,9 +5,9 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml 2024-11-26 12:24:45.832740955 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -6,9 +6,9 @@
name: k8s-cis-1.23
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml 2024-11-26 12:24:45.836741000 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -6,9 +6,9 @@
name: k8s-nsa-1.0
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml 2024-11-26 12:24:45.836741000 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -6,9 +6,9 @@
name: k8s-pss-baseline-0.1
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml
--- out/target/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml 2024-11-26 12:24:45.836741000 +0000
+++ out/pr/trivy/values-k3d.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml 2024-11-26 12:24:20.644443565 +0000
@@ -6,9 +6,9 @@
name: k8s-pss-restricted-0.1
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -209,8 +209,12 @@
V3Score:
type: number
V3Vector:
type: string
+ V40Score:
+ type: number
+ V40Vector:
+ type: string
type: object
type: object
cvsssource:
type: string
@@ -231,8 +235,10 @@
links:
items:
type: string
type: array
+ packagePURL:
+ type: string
packagePath:
type: string
packageType:
type: string
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -210,8 +210,12 @@
V3Score:
type: number
V3Vector:
type: string
+ V40Score:
+ type: number
+ V40Vector:
+ type: string
type: object
type: object
cvsssource:
type: string
@@ -232,8 +236,10 @@
links:
items:
type: string
type: array
+ packagePURL:
+ type: string
packagePath:
type: string
packageType:
type: string
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
metadata:
name: trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
nodeCollector.volumeMounts: "[{\"mountPath\":\"/var/lib/etcd\",\"name\":\"var-lib-etcd\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kubelet\",\"name\":\"var-lib-kubelet\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-scheduler\",\"name\":\"var-lib-kube-scheduler\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-controller-manager\",\"name\":\"var-lib-kube-controller-manager\",\"readOnly\":true},{\"mountPath\":\"/etc/systemd\",\"name\":\"etc-systemd\",\"readOnly\":true},{\"mountPath\":\"/lib/systemd/\",\"name\":\"lib-systemd\",\"readOnly\":true},{\"mountPath\":\"/etc/kubernetes\",\"name\":\"etc-kubernetes\",\"readOnly\":true},{\"mountPath\":\"/etc/cni/net.d/\",\"name\":\"etc-cni-netd\",\"readOnly\":true}]"
@@ -23,8 +23,8 @@
report.resourceLabels: "backstage.io/kubernetes-id"
metrics.resourceLabelsPrefix: "k8s_label_"
report.recordFailedChecksOnly: "true"
node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.3.1"
- policies.bundle.oci.ref: "ghcr.io/aquasecurity/trivy-checks:0"
+ policies.bundle.oci.ref: "mirror.gcr.io/aquasec/trivy-checks:1"
policies.bundle.insecure: "false"
node.collector.nodeSelector: "true"
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
metadata:
name: trivy-operator-config
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
OPERATOR_LOG_DEV_MODE: "false"
OPERATOR_SCAN_JOB_TTL: ""
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,31 +5,31 @@
metadata:
name: trivy-operator-trivy-config
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
- trivy.repository: "ghcr.io/aquasecurity/trivy"
- trivy.tag: "0.53.0"
+ trivy.repository: "mirror.gcr.io/aquasec/trivy"
+ trivy.tag: "0.57.1"
trivy.imagePullPolicy: "IfNotPresent"
trivy.additionalVulnerabilityReportFields: ""
trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
trivy.slow: "true"
trivy.skipJavaDBUpdate: "false"
trivy.includeDevDeps: "false"
trivy.imageScanCacheDir: "/tmp/trivy/.cache"
trivy.filesystemScanCacheDir: "/var/trivyoperator/trivy-db"
- trivy.dbRepository: "ghcr.io/aquasecurity/trivy-db"
- trivy.javaDbRepository: "ghcr.io/aquasecurity/trivy-java-db"
+ trivy.dbRepository: "mirror.gcr.io/aquasec/trivy-db"
+ trivy.javaDbRepository: "mirror.gcr.io/aquasec/trivy-java-db"
trivy.command: "image"
trivy.sbomSources: ""
trivy.dbRepositoryInsecure: "false"
- trivy.useBuiltinRegoPolicies: "true"
- trivy.useEmbeddedRegoPolicies: "false"
+ trivy.useBuiltinRegoPolicies: "false"
+ trivy.useEmbeddedRegoPolicies: "true"
trivy.supportedConfigAuditKinds: "Workload,Service,Role,ClusterRole,NetworkPolicy,Ingress,LimitRange,ResourceQuota"
trivy.ignoreUnfixed: "true"
trivy.timeout: "10m0s"
trivy.mode: "Standalone"
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
strategy:
@@ -28,9 +28,9 @@
serviceAccountName: release-name-trivy-operator
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
- image: "ghcr.io/aquasecurity/trivy-operator:0.22.0"
+ image: "mirror.gcr.io/aquasec/trivy-operator:0.23.0"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
value: default
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
spec:
clusterIP: None
ports:
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -4,12 +4,12 @@
kind: ClusterRoleBinding
metadata:
name: release-name-trivy-operator
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -6,12 +6,12 @@
metadata:
name: release-name-trivy-operator-leader-election
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- coordination.k8s.io
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator-leader-election
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- ""
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
kind: ClusterRole
metadata:
name: aggregate-config-audit-reports-view
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
kind: ClusterRole
metadata:
name: aggregate-exposed-secret-reports-view
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,12 +5,12 @@
kind: ClusterRole
metadata:
name: aggregate-vulnerability-reports-view
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,10 +5,10 @@
metadata:
name: trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,10 +5,10 @@
metadata:
name: trivy-operator-trivy-config
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml 2024-11-26 12:24:45.772740268 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -5,9 +5,9 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -6,9 +6,9 @@
name: k8s-cis-1.23
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -6,9 +6,9 @@
name: k8s-nsa-1.0
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -6,9 +6,9 @@
name: k8s-pss-baseline-0.1
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml
--- out/target/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml 2024-11-26 12:24:45.776740313 +0000
+++ out/pr/trivy/values-metalstackyaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml 2024-11-26 12:24:20.584442862 +0000
@@ -6,9 +6,9 @@
name: k8s-pss-restricted-0.1
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml 2024-11-26 12:24:45.892741642 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_clustervulnerabilityreports.yaml 2024-11-26 12:24:20.704444269 +0000
@@ -209,8 +209,12 @@
V3Score:
type: number
V3Vector:
type: string
+ V40Score:
+ type: number
+ V40Vector:
+ type: string
type: object
type: object
cvsssource:
type: string
@@ -231,8 +235,10 @@
links:
items:
type: string
type: array
+ packagePURL:
+ type: string
packagePath:
type: string
packageType:
type: string
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml 2024-11-26 12:24:45.892741642 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/crds/aquasecurity.github.io_vulnerabilityreports.yaml 2024-11-26 12:24:20.704444269 +0000
@@ -210,8 +210,12 @@
V3Score:
type: number
V3Vector:
type: string
+ V40Score:
+ type: number
+ V40Vector:
+ type: string
type: object
type: object
cvsssource:
type: string
@@ -232,8 +236,10 @@
links:
items:
type: string
type: array
+ packagePURL:
+ type: string
packagePath:
type: string
packageType:
type: string
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/operator.yaml 2024-11-26 12:24:20.704444269 +0000
@@ -5,12 +5,12 @@
metadata:
name: trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
nodeCollector.volumeMounts: "[{\"mountPath\":\"/var/lib/etcd\",\"name\":\"var-lib-etcd\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kubelet\",\"name\":\"var-lib-kubelet\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-scheduler\",\"name\":\"var-lib-kube-scheduler\",\"readOnly\":true},{\"mountPath\":\"/var/lib/kube-controller-manager\",\"name\":\"var-lib-kube-controller-manager\",\"readOnly\":true},{\"mountPath\":\"/etc/systemd\",\"name\":\"etc-systemd\",\"readOnly\":true},{\"mountPath\":\"/lib/systemd/\",\"name\":\"lib-systemd\",\"readOnly\":true},{\"mountPath\":\"/etc/kubernetes\",\"name\":\"etc-kubernetes\",\"readOnly\":true},{\"mountPath\":\"/etc/cni/net.d/\",\"name\":\"etc-cni-netd\",\"readOnly\":true}]"
@@ -23,8 +23,8 @@
report.resourceLabels: "backstage.io/kubernetes-id"
metrics.resourceLabelsPrefix: "k8s_label_"
report.recordFailedChecksOnly: "true"
node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.3.1"
- policies.bundle.oci.ref: "ghcr.io/aquasecurity/trivy-checks:0"
+ policies.bundle.oci.ref: "mirror.gcr.io/aquasec/trivy-checks:1"
policies.bundle.insecure: "false"
node.collector.nodeSelector: "true"
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy-operator-config.yaml 2024-11-26 12:24:20.704444269 +0000
@@ -5,12 +5,12 @@
metadata:
name: trivy-operator-config
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
OPERATOR_LOG_DEV_MODE: "false"
OPERATOR_SCAN_JOB_TTL: ""
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/configmaps/trivy.yaml 2024-11-26 12:24:20.704444269 +0000
@@ -5,31 +5,31 @@
metadata:
name: trivy-operator-trivy-config
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
- trivy.repository: "ghcr.io/aquasecurity/trivy"
- trivy.tag: "0.53.0"
+ trivy.repository: "mirror.gcr.io/aquasec/trivy"
+ trivy.tag: "0.57.1"
trivy.imagePullPolicy: "IfNotPresent"
trivy.additionalVulnerabilityReportFields: "Target,Class"
trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
trivy.slow: "false"
trivy.skipJavaDBUpdate: "false"
trivy.includeDevDeps: "false"
trivy.imageScanCacheDir: "/tmp/trivy/.cache"
trivy.filesystemScanCacheDir: "/var/trivyoperator/trivy-db"
- trivy.dbRepository: "ghcr.io/aquasecurity/trivy-db"
- trivy.javaDbRepository: "ghcr.io/aquasecurity/trivy-java-db"
+ trivy.dbRepository: "mirror.gcr.io/aquasec/trivy-db"
+ trivy.javaDbRepository: "mirror.gcr.io/aquasec/trivy-java-db"
trivy.command: "image"
trivy.sbomSources: ""
trivy.dbRepositoryInsecure: "false"
- trivy.useBuiltinRegoPolicies: "true"
- trivy.useEmbeddedRegoPolicies: "false"
+ trivy.useBuiltinRegoPolicies: "false"
+ trivy.useEmbeddedRegoPolicies: "true"
trivy.supportedConfigAuditKinds: "Workload,Service,Role,ClusterRole,NetworkPolicy,Ingress,LimitRange,ResourceQuota"
trivy.ignoreUnfixed: "true"
trivy.timeout: "10m0s"
trivy.mode: "Standalone"
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/deployment.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
spec:
replicas: 1
strategy:
@@ -28,9 +28,9 @@
serviceAccountName: release-name-trivy-operator
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
- image: "ghcr.io/aquasecurity/trivy-operator:0.22.0"
+ image: "mirror.gcr.io/aquasec/trivy-operator:0.23.0"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
value: default
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/monitor/service.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
spec:
clusterIP: None
ports:
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/clusterrolebinding.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -4,12 +4,12 @@
kind: ClusterRoleBinding
metadata:
name: release-name-trivy-operator
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-role.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -6,12 +6,12 @@
metadata:
name: release-name-trivy-operator-leader-election
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- coordination.k8s.io
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/leader-election-rolebinding.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator-leader-election
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/role.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rules:
- apiGroups:
- ""
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/rolebinding.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -5,12 +5,12 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-configauditreports-clusterrole.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -5,12 +5,12 @@
kind: ClusterRole
metadata:
name: aggregate-config-audit-reports-view
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-exposedsecretreports-clusterrole.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -5,12 +5,12 @@
kind: ClusterRole
metadata:
name: aggregate-exposed-secret-reports-view
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/rbac/view-vulnerabilityreports-clusterrole.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -5,12 +5,12 @@
kind: ClusterRole
metadata:
name: aggregate-vulnerability-reports-view
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
rbac.authorization.k8s.io/aggregate-to-admin: "true"
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml 2024-11-26 12:24:45.892741642 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/secrets/operator.yaml 2024-11-26 12:24:20.704444269 +0000
@@ -5,10 +5,10 @@
metadata:
name: trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/secrets/trivy.yaml 2024-11-26 12:24:20.704444269 +0000
@@ -5,10 +5,10 @@
metadata:
name: trivy-operator-trivy-config
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
data:
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml 2024-11-26 12:24:45.892741642 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/serviceaccount.yaml 2024-11-26 12:24:20.704444269 +0000
@@ -5,9 +5,9 @@
metadata:
name: release-name-trivy-operator
namespace: default
labels:
- helm.sh/chart: trivy-operator-0.24.1
+ helm.sh/chart: trivy-operator-0.25.0
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: release-name
- app.kubernetes.io/version: "0.22.0"
+ app.kubernetes.io/version: "0.23.0"
app.kubernetes.io/managed-by: Helm
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-cis-1.23.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -6,9 +6,9 @@
name: k8s-cis-1.23
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-nsa-1.0.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -6,9 +6,9 @@
name: k8s-nsa-1.0
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-baseline-0.1.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -6,9 +6,9 @@
name: k8s-pss-baseline-0.1
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary"
diff -U 4 -r out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml
--- out/target/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml 2024-11-26 12:24:45.896741687 +0000
+++ out/pr/trivy/values-uibklab.yaml/sx-trivy/charts/trivy-operator/templates/specs/k8s-pss-restricted-0.1.yaml 2024-11-26 12:24:20.708444316 +0000
@@ -6,9 +6,9 @@
name: k8s-pss-restricted-0.1
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
- app.kubernetes.io/version: 0.22.0
+ app.kubernetes.io/version: 0.23.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: "0 */6 * * *"
reportType: "summary" |
Changes Default Valuesdiff -U 4 -r out-default-values/target/trivy_trivy-operator_default-values.out out-default-values/pr/trivy_trivy-operator_default-values.out
--- out-default-values/target/trivy_trivy-operator_default-values.out 2024-11-26 12:24:45.976742604 +0000
+++ out-default-values/pr/trivy_trivy-operator_default-values.out 2024-11-26 12:24:20.788445254 +0000
@@ -184,10 +184,10 @@
# -- valuesFromSecret name of a Secret to apply OPERATOR_* environment variables. Will override Helm AND ConfigMap values.
valuesFromSecret: ""
image:
- registry: "ghcr.io"
- repository: "aquasecurity/trivy-operator"
+ registry: "mirror.gcr.io"
+ repository: "aquasec/trivy-operator"
# -- tag is an override of the image tag, which is by default set by the
# appVersion field in Chart.yaml.
tag: ""
# -- pullPolicy set the operator pullPolicy
@@ -335,13 +335,13 @@
# -- createConfig indicates whether to create config objects
createConfig: true
image:
# -- registry of the Trivy image
- registry: ghcr.io
+ registry: mirror.gcr.io
# -- repository of the Trivy image
- repository: aquasecurity/trivy
+ repository: aquasec/trivy
# -- tag version of the Trivy image
- tag: 0.53.0
+ tag: 0.57.1
# -- imagePullSecret is the secret name to be used when pulling trivy image from private registries example : reg-secret
# It is the user responsibility to create the secret for the private registry in `trivy-operator` namespace
imagePullSecret: ~
@@ -516,10 +516,10 @@
# Trivy client to Trivy server. Only applicable in ClientServer mode.
serverCustomHeaders: ~
# serverCustomHeaders: "foo=bar"
- dbRegistry: "ghcr.io"
- dbRepository: "aquasecurity/trivy-db"
+ dbRegistry: "mirror.gcr.io"
+ dbRepository: "aquasec/trivy-db"
# -- The username for dbRepository authentication
#
dbRepositoryUsername: ~
@@ -528,24 +528,24 @@
#
dbRepositoryPassword: ~
# -- javaDbRegistry is the registry for the Java vulnerability database.
- javaDbRegistry: "ghcr.io"
- javaDbRepository: "aquasecurity/trivy-java-db"
+ javaDbRegistry: "mirror.gcr.io"
+ javaDbRepository: "aquasec/trivy-java-db"
# -- The Flag to enable insecure connection for downloading trivy-db via proxy (air-gaped env)
#
dbRepositoryInsecure: "false"
- # -- The Flag to enable the usage of builtin rego policies by default, these policies are downloaded by default from ghcr.io/aquasecurity/trivy-checks
+ # -- The Flag to enable the usage of builtin rego policies by default, these policies are downloaded by default from mirror.gcr.io/aquasec/trivy-checks
#
- useBuiltinRegoPolicies: "true"
+ useBuiltinRegoPolicies: "false"
# -- The Flag to enable the usage of external rego policies config-map, this should be used when the user wants to use their own rego policies
#
externalRegoPoliciesEnabled: false
# -- To enable the usage of embedded rego policies, set the flag useEmbeddedRegoPolicies. This should serve as a fallback for air-gapped environments.
# When useEmbeddedRegoPolicies is set to true, useBuiltinRegoPolicies should be set to false.
- useEmbeddedRegoPolicies: "false"
+ useEmbeddedRegoPolicies: "true"
# -- The Flag is the list of supported kinds separated by comma delimiter to be scanned by the config audit scanner
#
supportedConfigAuditKinds: "Workload,Service,Role,ClusterRole,NetworkPolicy,Ingress,LimitRange,ResourceQuota"
@@ -685,13 +685,13 @@
automountServiceAccountToken: true
policiesBundle:
# -- registry of the policies bundle
- registry: ghcr.io
+ registry: mirror.gcr.io
# -- repository of the policies bundle
- repository: aquasecurity/trivy-checks
+ repository: aquasec/trivy-checks
# -- tag version of the policies bundle
- tag: 0
+ tag: 1
# -- registryUser is the user for the registry
registryUser: ~
# -- registryPassword is the password for the registry
registryPassword: ~ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
0.24.1->0.25.0Release Notes
aquasecurity/helm-charts (trivy-operator)
v0.25.0Compare Source
Keeps security report resources updated
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.