From 386c963daa3a85ed5a4b0e28bcdf707f6d05c623 Mon Sep 17 00:00:00 2001 From: chenk Date: Thu, 23 Nov 2023 12:02:07 +0200 Subject: [PATCH] release: prepare v0.17.0-rc (#1653) * release: prepare v0.17.0-rc Signed-off-by: chenk * release: prepare v0.17.0-rc Signed-off-by: chenk --------- Signed-off-by: chenk --- RELEASING.md | 10 +++--- deploy/helm/Chart.yaml | 4 +-- deploy/helm/README.md | 2 +- deploy/helm/templates/specs/cis-1.23.yaml | 2 +- deploy/helm/templates/specs/nsa-1.0.yaml | 2 +- deploy/helm/templates/specs/pss-baseline.yaml | 2 +- .../helm/templates/specs/pss-restricted.yaml | 2 +- deploy/static/namespace.yaml | 2 +- deploy/static/trivy-operator.yaml | 36 +++++++++---------- docs/docs/crds/clustercompliance-report.md | 2 +- docs/docs/crds/configaudit-report.md | 2 +- docs/docs/crds/exposedsecret-report.md | 2 +- docs/docs/crds/rbacassessment-report.md | 2 +- .../caching_scan_results_by_repo_digest.md | 4 +-- docs/docs/design/design_compliance_report.md | 4 +-- .../design_starboard_at_scale.excalidraw | 4 +-- ..._scan_job_in_same_namespace_of_workload.md | 2 +- docs/docs/design/ttl_scans.md | 2 +- .../managed-registries.md | 2 +- docs/tutorials/private-registries.md | 2 +- itest/helper/helper.go | 2 +- mkdocs.yml | 4 +-- pkg/metrics/collector.go | 14 +++----- pkg/plugins/trivy/plugin.go | 2 +- 24 files changed, 54 insertions(+), 58 deletions(-) diff --git a/RELEASING.md b/RELEASING.md index 348ac676a..bdc23a196 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -46,17 +46,17 @@ 5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow ```sh - git tag -v0.16.4 -m 'Release v0.16.4' - git push upstream v0.16.4 + git tag -v0.17.0-rc -m 'Release v0.17.0-rc' + git push upstream v0.17.0-rc ``` 6. Verify that the `release` workflow has built and published the following artifacts 1. Trivy-operator container images published to DockerHub - `docker.io/aquasec/trivy-operator:0.16.4` + `docker.io/aquasec/trivy-operator:0.17.0-rc` 2. Trivy-operator container images published to Amazon ECR Public Gallery - `public.ecr.aws/aquasecurity/trivy-operator:0.16.4` + `public.ecr.aws/aquasecurity/trivy-operator:0.17.0-rc` 3. Trivy-operator container images published to GitHub Container Registry - `ghcr.io/aquasecurity/trivy-operator:0.16.4` + `ghcr.io/aquasecurity/trivy-operator:0.17.0-rc` 7. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the repository. diff --git a/deploy/helm/Chart.yaml b/deploy/helm/Chart.yaml index 7b8e0ca13..ea2676ee4 100644 --- a/deploy/helm/Chart.yaml +++ b/deploy/helm/Chart.yaml @@ -6,12 +6,12 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.18.4 +version: 0.19.0-rc # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 0.16.4 +appVersion: 0.17.0-rc # kubeVersion: A SemVer range of compatible Kubernetes versions (optional) diff --git a/deploy/helm/README.md b/deploy/helm/README.md index 344dfb7d6..0069db8c1 100644 --- a/deploy/helm/README.md +++ b/deploy/helm/README.md @@ -1,6 +1,6 @@ # trivy-operator -![Version: 0.18.4](https://img.shields.io/badge/Version-0.18.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.16.4](https://img.shields.io/badge/AppVersion-0.16.4-informational?style=flat-square) +![Version: 0.19.0-rc](https://img.shields.io/badge/Version-0.19.0--rc-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.17.0-rc](https://img.shields.io/badge/AppVersion-0.17.0--rc-informational?style=flat-square) Keeps security report resources updated diff --git a/deploy/helm/templates/specs/cis-1.23.yaml b/deploy/helm/templates/specs/cis-1.23.yaml index e090a58fe..b230680e3 100644 --- a/deploy/helm/templates/specs/cis-1.23.yaml +++ b/deploy/helm/templates/specs/cis-1.23.yaml @@ -5,7 +5,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: 0.16.4 + app.kubernetes.io/version: 0.17.0-rc app.kubernetes.io/managed-by: kubectl spec: cron: {{ .Values.compliance.cron | quote}} diff --git a/deploy/helm/templates/specs/nsa-1.0.yaml b/deploy/helm/templates/specs/nsa-1.0.yaml index 5a23f65aa..c097b371a 100644 --- a/deploy/helm/templates/specs/nsa-1.0.yaml +++ b/deploy/helm/templates/specs/nsa-1.0.yaml @@ -5,7 +5,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl spec: cron: {{ .Values.compliance.cron | quote }} diff --git a/deploy/helm/templates/specs/pss-baseline.yaml b/deploy/helm/templates/specs/pss-baseline.yaml index c20ef2dc4..40728180c 100644 --- a/deploy/helm/templates/specs/pss-baseline.yaml +++ b/deploy/helm/templates/specs/pss-baseline.yaml @@ -5,7 +5,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: 0.16.4 + app.kubernetes.io/version: 0.17.0-rc app.kubernetes.io/managed-by: kubectl spec: cron: {{ .Values.compliance.cron | quote }} diff --git a/deploy/helm/templates/specs/pss-restricted.yaml b/deploy/helm/templates/specs/pss-restricted.yaml index e11034eaa..7f91f2b43 100644 --- a/deploy/helm/templates/specs/pss-restricted.yaml +++ b/deploy/helm/templates/specs/pss-restricted.yaml @@ -5,7 +5,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: 0.16.4 + app.kubernetes.io/version: 0.17.0-rc app.kubernetes.io/managed-by: kubectl spec: cron: {{ .Values.compliance.cron | quote }} diff --git a/deploy/static/namespace.yaml b/deploy/static/namespace.yaml index 2a4945f9b..1203162da 100644 --- a/deploy/static/namespace.yaml +++ b/deploy/static/namespace.yaml @@ -6,5 +6,5 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml index d0ec0d94d..91efb2023 100644 --- a/deploy/static/trivy-operator.yaml +++ b/deploy/static/trivy-operator.yaml @@ -2446,7 +2446,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl --- # Source: trivy-operator/templates/configmaps/operator.yaml @@ -2458,7 +2458,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl data: nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]" @@ -2480,7 +2480,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl data: --- @@ -2493,7 +2493,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl data: trivy.repository: "ghcr.io/aquasecurity/trivy" @@ -2527,7 +2527,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl --- # Source: trivy-operator/templates/secrets/trivy.yaml @@ -2539,7 +2539,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl data: --- @@ -2552,7 +2552,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl spec: replicas: 1 @@ -2572,7 +2572,7 @@ spec: automountServiceAccountToken: true containers: - name: "trivy-operator" - image: "ghcr.io/aquasecurity/trivy-operator:0.16.4" + image: "ghcr.io/aquasecurity/trivy-operator:0.17.0-rc" imagePullPolicy: IfNotPresent env: - name: OPERATOR_NAMESPACE @@ -2699,7 +2699,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl spec: @@ -3073,7 +3073,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl roleRef: apiGroup: rbac.authorization.k8s.io @@ -3094,7 +3094,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl rules: - apiGroups: @@ -3121,7 +3121,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl roleRef: apiGroup: rbac.authorization.k8s.io @@ -3141,7 +3141,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl rules: - apiGroups: @@ -3171,7 +3171,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl roleRef: apiGroup: rbac.authorization.k8s.io @@ -3191,7 +3191,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -3216,7 +3216,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -3241,7 +3241,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl rbac.authorization.k8s.io/aggregate-to-view: "true" rbac.authorization.k8s.io/aggregate-to-edit: "true" @@ -3266,5 +3266,5 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl diff --git a/docs/docs/crds/clustercompliance-report.md b/docs/docs/crds/clustercompliance-report.md index fb0244616..35b03eb8e 100644 --- a/docs/docs/crds/clustercompliance-report.md +++ b/docs/docs/crds/clustercompliance-report.md @@ -1346,7 +1346,7 @@ status: "app.kubernetes.io/instance": "trivy-operator", "app.kubernetes.io/managed-by": "kubectl", "app.kubernetes.io/name": "trivy-operator", - "app.kubernetes.io/version": "0.16.4" + "app.kubernetes.io/version": "0.17.0-rc" }, "name": "cis", "resourceVersion": "8985", diff --git a/docs/docs/crds/configaudit-report.md b/docs/docs/crds/configaudit-report.md index 5866bc1d5..9527c2c02 100644 --- a/docs/docs/crds/configaudit-report.md +++ b/docs/docs/crds/configaudit-report.md @@ -34,7 +34,7 @@ report: scanner: name: Trivy vendor: Aqua Security - version: '0.16.4' + version: '0.17.0-rc' summary: criticalCount: 2 highCount: 0 diff --git a/docs/docs/crds/exposedsecret-report.md b/docs/docs/crds/exposedsecret-report.md index 2eaceeabb..820a3d168 100644 --- a/docs/docs/crds/exposedsecret-report.md +++ b/docs/docs/crds/exposedsecret-report.md @@ -33,7 +33,7 @@ metadata: report: artifact: repository: myimagewithsecret - tag: v0.16.4 + tag: v0.17.0-rc registry: server: index.docker.io scanner: diff --git a/docs/docs/crds/rbacassessment-report.md b/docs/docs/crds/rbacassessment-report.md index be9f62070..560f3587c 100644 --- a/docs/docs/crds/rbacassessment-report.md +++ b/docs/docs/crds/rbacassessment-report.md @@ -176,7 +176,7 @@ report: scanner: name: Trivy vendor: Aqua Security - version: '0.16.4' + version: '0.17.0-rc' summary: criticalCount: 1 highCount: 0 diff --git a/docs/docs/design/caching_scan_results_by_repo_digest.md b/docs/docs/design/caching_scan_results_by_repo_digest.md index 92ce92b41..5251d96df 100644 --- a/docs/docs/design/caching_scan_results_by_repo_digest.md +++ b/docs/docs/design/caching_scan_results_by_repo_digest.md @@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili a gate. * Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports. -[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.16.4/integrations/vulnerability-scanners/trivy/#standalone -[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.16.4/integrations/vulnerability-scanners/trivy/#clientserver +[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.17.0-rc/integrations/vulnerability-scanners/trivy/#standalone +[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.17.0-rc/integrations/vulnerability-scanners/trivy/#clientserver diff --git a/docs/docs/design/design_compliance_report.md b/docs/docs/design/design_compliance_report.md index b090dc147..2b7fee006 100644 --- a/docs/docs/design/design_compliance_report.md +++ b/docs/docs/design/design_compliance_report.md @@ -542,7 +542,7 @@ metadata: name: clustercompliancereports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" spec: group: aquasecurity.github.io scope: Cluster @@ -678,7 +678,7 @@ metadata: name: clustercompliancedetailreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" spec: group: aquasecurity.github.io versions: diff --git a/docs/docs/design/design_starboard_at_scale.excalidraw b/docs/docs/design/design_starboard_at_scale.excalidraw index 0aa8abf8a..4216197e6 100644 --- a/docs/docs/design/design_starboard_at_scale.excalidraw +++ b/docs/docs/design/design_starboard_at_scale.excalidraw @@ -11835,7 +11835,7 @@ "versionNonce": 596868769, "isDeleted": false, "boundElementIds": null, - "text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n name: scan-vulnerabilityreport-\n namespace: trivy-system\nspec:\n template:\n spec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.16.4\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n restartPolicy: Never\n backoffLimit: 1", + "text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n name: scan-vulnerabilityreport-\n namespace: trivy-system\nspec:\n template:\n spec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.17.0-rc\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n restartPolicy: Never\n backoffLimit: 1", "fontSize": 20, "fontFamily": 3, "textAlign": "left", @@ -11895,7 +11895,7 @@ "boundElementIds": [], "fontSize": 20, "fontFamily": 3, - "text": "apiVersion: v1\nkind: Pod\nmetadata:\n name: scan-vulnerabilityreport--\n namespace: trivy-system\nspec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.16.4\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n", + "text": "apiVersion: v1\nkind: Pod\nmetadata:\n name: scan-vulnerabilityreport--\n namespace: trivy-system\nspec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.17.0-rc\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n", "baseline": 259, "textAlign": "left", "verticalAlign": "top" diff --git a/docs/docs/design/design_vuln_scan_job_in_same_namespace_of_workload.md b/docs/docs/design/design_vuln_scan_job_in_same_namespace_of_workload.md index cb86fba41..42cd314c3 100644 --- a/docs/docs/design/design_vuln_scan_job_in_same_namespace_of_workload.md +++ b/docs/docs/design/design_vuln_scan_job_in_same_namespace_of_workload.md @@ -219,6 +219,6 @@ With this approach trivy operator will not have to worry about managing(create/d - As we will run scan job with service account of workload and if there are some very strict PSP defined in the cluster then scan job will be blocked due to the PSP. -[ECR registry configuration]: https://aquasecurity.github.io/trivy-operator/v0.16.4/integrations/managed-registries/#amazon-elastic-container-registry-ecr +[ECR registry configuration]: https://aquasecurity.github.io/trivy-operator/v0.17.0-rc/integrations/managed-registries/#amazon-elastic-container-registry-ecr [IAM role to service account]: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html [Trivy fs command]: https://github.com/aquasecurity/trivy-operator/blob/main/docs/design/design_trivy_file_system_scanner.md diff --git a/docs/docs/design/ttl_scans.md b/docs/docs/design/ttl_scans.md index 5ee11d47d..0bad51176 100644 --- a/docs/docs/design/ttl_scans.md +++ b/docs/docs/design/ttl_scans.md @@ -44,7 +44,7 @@ metadata: report: artifact: repository: fluxcd/source-controller - tag: v0.16.4 + tag: v0.17.0-rc registry: server: ghcr.io scanner: diff --git a/docs/docs/vulnerability-scanning/managed-registries.md b/docs/docs/vulnerability-scanning/managed-registries.md index bce70c4a7..5eb058bb4 100644 --- a/docs/docs/vulnerability-scanning/managed-registries.md +++ b/docs/docs/vulnerability-scanning/managed-registries.md @@ -40,7 +40,7 @@ metadata: labels: app.kubernetes.io/name: trivy-operator app.kubernetes.io/instance: trivy-operator - app.kubernetes.io/version: "0.16.4" + app.kubernetes.io/version: "0.17.0-rc" app.kubernetes.io/managed-by: kubectl azure.workload.identity/use: "true" annotations: diff --git a/docs/tutorials/private-registries.md b/docs/tutorials/private-registries.md index 3fe18a76a..2cf6b6d90 100644 --- a/docs/tutorials/private-registries.md +++ b/docs/tutorials/private-registries.md @@ -303,4 +303,4 @@ data: The last way that you could give the Trivy operator access to your private container registry is through managed registries. In this case, the container registry and your Kubernetes cluster would have to be on the same cloud provider; then you can define access to your container namespace as part of the IAM account. Once defined, trivy will already have the permissions for the registry. -For additional information, please refer to the [documentation on managed registries.](https://aquasecurity.github.io/trivy-operator/v0.16.4/docs/vulnerability-scanning/managed-registries/) +For additional information, please refer to the [documentation on managed registries.](https://aquasecurity.github.io/trivy-operator/v0.17.0-rc/docs/vulnerability-scanning/managed-registries/) diff --git a/itest/helper/helper.go b/itest/helper/helper.go index 6750450ef..cb30664ec 100644 --- a/itest/helper/helper.go +++ b/itest/helper/helper.go @@ -236,7 +236,7 @@ var ( trivyScanner = v1alpha1.Scanner{ Name: v1alpha1.ScannerNameTrivy, Vendor: "Aqua Security", - Version: "0.16.4", + Version: "0.17.0-rc", } ) diff --git a/mkdocs.yml b/mkdocs.yml index aaf87eaf3..ea1ac0262 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -88,8 +88,8 @@ extra: method: mike provider: mike var: - prev_git_tag: "v0.16.3" - chart_version: "0.18.4" + prev_git_tag: "v0.16.4" + chart_version: "0.19.0-rc" plugins: - search diff --git a/pkg/metrics/collector.go b/pkg/metrics/collector.go index 046690cee..7a8d6bff9 100644 --- a/pkg/metrics/collector.go +++ b/pkg/metrics/collector.go @@ -78,7 +78,6 @@ const ( //compliance compliance_id = "compliance_id" compliance_name = "compliance_name" - ) type metricDescriptors struct { @@ -105,7 +104,6 @@ type metricDescriptors struct { imageInfoLabels []string complianceInfoLabels []string - // Descriptors imageVulnDesc *prometheus.Desc vulnIdDesc *prometheus.Desc @@ -517,7 +515,6 @@ func buildMetricDescriptors(config trivyoperator.ConfigData) metricDescriptors { imageInfoLabels: imageInfoLabels, complianceInfoLabels: clusterComplianceInfoLabels, - imageVulnDesc: imageVulnDesc, vulnIdDesc: vulnIdDesc, configAuditDesc: configAuditDesc, @@ -532,7 +529,6 @@ func buildMetricDescriptors(config trivyoperator.ConfigData) metricDescriptors { complianceDesc: complianceDesc, imageInfoDesc: imageInfoDesc, complianceInfoDesc: complianceInfoDesc, - } } @@ -579,9 +575,9 @@ func (c ResourcesMetricsCollector) Collect(metrics chan<- prometheus.Metric) { c.collectClusterRbacAssessmentReports(ctx, metrics) c.collectClusterComplianceReports(ctx, metrics) - if c.Config.MetricsImageInfo { - c.collectImageReports(ctx, metrics, targetNamespaces) - } + if c.Config.MetricsImageInfo { + c.collectImageReports(ctx, metrics, targetNamespaces) + } if c.Config.MetricsClusterComplianceInfo { c.collectClusterComplianceInfoReports(ctx, metrics) @@ -980,7 +976,7 @@ func (c ResourcesMetricsCollector) collectImageReports(ctx context.Context, metr labelValues[8] = r.Report.Artifact.Digest labelValues[9] = string(r.Report.OS.Family) labelValues[10] = r.Report.OS.Name - labelValues[11] = "" + labelValues[11] = "" if r.Report.OS.Eosl { labelValues[11] = strconv.FormatBool(r.Report.OS.Eosl) } @@ -989,9 +985,9 @@ func (c ResourcesMetricsCollector) collectImageReports(ctx context.Context, metr labelValues[i+12] = r.Labels[label] } metrics <- prometheus.MustNewConstMetric(c.imageInfoDesc, prometheus.GaugeValue, float64(1), labelValues...) - } } } + } } func (c *ResourcesMetricsCollector) collectClusterComplianceInfoReports(ctx context.Context, metrics chan<- prometheus.Metric) { diff --git a/pkg/plugins/trivy/plugin.go b/pkg/plugins/trivy/plugin.go index abbbee864..28927c59b 100644 --- a/pkg/plugins/trivy/plugin.go +++ b/pkg/plugins/trivy/plugin.go @@ -235,7 +235,7 @@ func (p *plugin) parseImageRef(imageRef string, imageID string) (v1alpha1.Regist return registry, artifact, nil } -func (p *plugin) parseOSRef(reports ty.Report) (v1alpha1.OS) { +func (p *plugin) parseOSRef(reports ty.Report) v1alpha1.OS { os := v1alpha1.OS{} if reports.Metadata.OS != nil { os.Family = reports.Metadata.OS.Family