release: prepare v0.16.0-rc (#1475)

* release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> * release: prepare v0.16.0-rc Signed-off-by: chenk <[email protected]> --------- Signed-off-by: chenk <[email protected]>
aquasecurity · Sep 3, 2023 · b5af09b · b5af09b
1 parent 35213ef
commit b5af09b
Show file tree

Hide file tree

Showing 21 changed files with 53 additions and 55 deletions.
diff --git a/.github/workflows/validate-chart-appVersion.yaml b/.github/workflows/validate-chart-appVersion.yaml
@@ -1,10 +1,7 @@
 name: Chart-Content
-
 on:
-  pull_request:
-    types:
-      - opened
-      - synchronize
+  pull_request_target:
+    types: [opened, reopened, ready_for_review, synchronize]
     paths:
       - deploy/helm/Chart.yaml
 
@@ -14,6 +11,7 @@ jobs:
     permissions:
       contents: write
       pull-requests: write
+
     steps:
       - name: Check out code
         uses: actions/checkout@v2
@@ -38,6 +36,7 @@ jobs:
         with:
           labels: app-version-changed
 
+
       - name: remove app-version-changed label
         if: ${{ steps.latest_tag.outputs.tag == steps.chart_version.outputs.app_version }}
         uses: actions-ecosystem/action-remove-labels@v1

diff --git a/RELEASING.md b/RELEASING.md
@@ -46,17 +46,17 @@
 5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow
 
    ```
-   git tag -v0.15.1 -m 'Release v0.15.1'
-   git push upstream v0.15.1
+   git tag -v0.16.0-rc -m 'Release v0.16.0-rc'
+   git push upstream v0.16.0-rc
    ```
 
 6. Verify that the `release` workflow has built and published the following artifacts
    1. Trivy-operator container images published to DockerHub
-       `docker.io/aquasec/trivy-operator:0.15.1`
+       `docker.io/aquasec/trivy-operator:0.16.0-rc`
    2. Trivy-operator container images published to Amazon ECR Public Gallery
-       `public.ecr.aws/aquasecurity/trivy-operator:0.15.1`
+       `public.ecr.aws/aquasecurity/trivy-operator:0.16.0-rc`
    2. Trivy-operator container images published to GitHub Container Registry
-       `ghcr.io/aquasecurity/trivy-operator:0.15.1`
+       `ghcr.io/aquasecurity/trivy-operator:0.16.0-rc`
 7. Publish docs on <https://aquasecurity.github.io/trivy-operator/> by manually triggering the [`.github/workflows/publish-docs.yaml`] workflow
 8. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the <https://github.com/k8s-operatorhub/community-operators> repository.
 
@@ -65,5 +65,4 @@
 [`deploy/helm/templates/specs/nsa-1.0.yaml`]: ./deploy/helm/templates/specs/nsa-1.0.yaml
 [`mkdocs.yml`]: ./mkdocs.yml
 [`.github/workflows/release.yaml`]: ./.github/workflows/release.yaml
-[`.github/workflows/publish-helm-chart.yaml`]: ./.github/workflows/publish-helm-chart.yaml
 [`.github/workflows/publish-docs.yaml`]: ./.github/workflows/publish-docs.yaml
diff --git a/deploy/helm/Chart.yaml b/deploy/helm/Chart.yaml
@@ -6,12 +6,12 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.17.0
+version: 0.18.0-rc
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 0.15.1
+appVersion: 0.16.0-rc
 
 # kubeVersion: A SemVer range of compatible Kubernetes versions (optional)
 

diff --git a/deploy/helm/README.md b/deploy/helm/README.md
@@ -1,6 +1,6 @@
 # trivy-operator
 
-![Version: 0.17.0](https://img.shields.io/badge/Version-0.17.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.15.1](https://img.shields.io/badge/AppVersion-0.15.1-informational?style=flat-square)
+![Version: 0.18.0-rc](https://img.shields.io/badge/Version-0.18.0--rc-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.16.0-rc](https://img.shields.io/badge/AppVersion-0.16.0--rc-informational?style=flat-square)
 
 Keeps security report resources updated
 

diff --git a/deploy/helm/templates/specs/cis-1.23.yaml b/deploy/helm/templates/specs/cis-1.23.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.15.1
+    app.kubernetes.io/version: 0.16.0-rc
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote}}

diff --git a/deploy/helm/templates/specs/nsa-1.0.yaml b/deploy/helm/templates/specs/nsa-1.0.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/helm/templates/specs/pss-baseline.yaml b/deploy/helm/templates/specs/pss-baseline.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.15.1
+    app.kubernetes.io/version: 0.16.0-rc
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/helm/templates/specs/pss-restricted.yaml b/deploy/helm/templates/specs/pss-restricted.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.15.1
+    app.kubernetes.io/version: 0.16.0-rc
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/static/namespace.yaml b/deploy/static/namespace.yaml
@@ -6,5 +6,5 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml
@@ -2104,7 +2104,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 ---
 # Source: trivy-operator/templates/config.yaml
@@ -2116,7 +2116,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 ---
 # Source: trivy-operator/templates/config.yaml
@@ -2128,7 +2128,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 data:
 ---
@@ -2141,7 +2141,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 data:
   nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
@@ -2163,7 +2163,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 data:
   trivy.repository: "ghcr.io/aquasecurity/trivy"
@@ -2194,7 +2194,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 spec:
   replicas: 1
@@ -2214,7 +2214,7 @@ spec:
       automountServiceAccountToken: true
       containers:
         - name: "trivy-operator"
-          image: "ghcr.io/aquasecurity/trivy-operator:0.15.1"
+          image: "ghcr.io/aquasecurity/trivy-operator:0.16.0-rc"
           imagePullPolicy: IfNotPresent
           env:
             - name: OPERATOR_NAMESPACE
@@ -2336,7 +2336,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 rules:
   - apiGroups:
@@ -2363,7 +2363,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -2383,7 +2383,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 data:
 # example
@@ -2433,7 +2433,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 ---
 # Source: trivy-operator/templates/rbac.yaml
@@ -2784,7 +2784,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -2809,7 +2809,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -2834,7 +2834,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -2858,7 +2858,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -2878,7 +2878,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 rules:
   - apiGroups:
@@ -2908,7 +2908,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -2928,7 +2928,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
 spec:
   clusterIP: None

diff --git a/docs/docs/crds/clustercompliance-report.md b/docs/docs/crds/clustercompliance-report.md
@@ -1346,7 +1346,7 @@ status:
             "app.kubernetes.io/instance": "trivy-operator",
             "app.kubernetes.io/managed-by": "kubectl",
             "app.kubernetes.io/name": "trivy-operator",
-            "app.kubernetes.io/version": "0.15.1"
+            "app.kubernetes.io/version": "0.16.0-rc"
         },
         "name": "cis",
         "resourceVersion": "8985",

diff --git a/docs/docs/crds/configaudit-report.md b/docs/docs/crds/configaudit-report.md
@@ -36,7 +36,7 @@ report:
   scanner:
     name: Trivy 
     vendor: Aqua Security
-    version: '0.15.1'
+    version: '0.16.0-rc'
   summary:
     criticalCount: 2
     highCount: 0

diff --git a/docs/docs/crds/exposedsecret-report.md b/docs/docs/crds/exposedsecret-report.md
@@ -34,7 +34,7 @@ metadata:
 report:
   artifact:
     repository: myimagewithsecret
-    tag: v0.15.1
+    tag: v0.16.0-rc
   registry:
     server: index.docker.io
   scanner:

diff --git a/docs/docs/crds/rbacassessment-report.md b/docs/docs/crds/rbacassessment-report.md
@@ -177,7 +177,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: '0.15.1'
+    version: '0.16.0-rc'
   summary:
     criticalCount: 1
     highCount: 0

diff --git a/docs/docs/design/caching_scan_results_by_repo_digest.md b/docs/docs/design/caching_scan_results_by_repo_digest.md
@@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili
   a gate.
 * Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports.
 
-[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.15.1/integrations/vulnerability-scanners/trivy/#standalone
-[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.15.1/integrations/vulnerability-scanners/trivy/#clientserver
+[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.16.0-rc/integrations/vulnerability-scanners/trivy/#standalone
+[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.16.0-rc/integrations/vulnerability-scanners/trivy/#clientserver
diff --git a/docs/docs/design/design_compliance_report.md b/docs/docs/design/design_compliance_report.md
@@ -542,7 +542,7 @@ metadata:
   name: clustercompliancereports.aquasecurity.github.io
   labels:
     app.kubernetes.io/managed-by: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
 spec:
   group: aquasecurity.github.io
   scope: Cluster
@@ -678,7 +678,7 @@ metadata:
   name: clustercompliancedetailreports.aquasecurity.github.io
   labels:
     app.kubernetes.io/managed-by: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
 spec:
   group: aquasecurity.github.io
   versions:

diff --git a/docs/docs/design/design_vuln_scan_job_in_same_namespace_of_workload.md b/docs/docs/design/design_vuln_scan_job_in_same_namespace_of_workload.md
@@ -219,6 +219,6 @@ With this approach trivy operator will not have to worry about managing(create/d
     - As we will run scan job with service account of workload and if there are some very strict PSP defined in the cluster
     then scan job will be blocked due to the PSP.
 
-[ECR registry configuration]: https://aquasecurity.github.io/trivy-operator/v0.15.1/integrations/managed-registries/#amazon-elastic-container-registry-ecr
+[ECR registry configuration]: https://aquasecurity.github.io/trivy-operator/v0.16.0-rc/integrations/managed-registries/#amazon-elastic-container-registry-ecr
 [IAM role to service account]: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
 [Trivy fs command]: https://github.com/aquasecurity/trivy-operator/blob/main/docs/design/design_trivy_file_system_scanner.md
diff --git a/docs/docs/vulnerability-scanning/managed-registries.md b/docs/docs/vulnerability-scanning/managed-registries.md
@@ -40,7 +40,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.15.1"
+    app.kubernetes.io/version: "0.16.0-rc"
     app.kubernetes.io/managed-by: kubectl
     azure.workload.identity/use: "true"
   annotations:

diff --git a/docs/tutorials/grafana-dashboard.md b/docs/tutorials/grafana-dashboard.md
@@ -92,7 +92,7 @@ Next, we can install the operator with the following command:
 helm install trivy-operator aqua/trivy-operator \
   --namespace trivy-system \
   --create-namespace \
-  --version 0.15.1 \
+  --version 0.16.0-rc \
   --values trivy-values.yaml
 ```