Skip to content

Commit

Permalink
release: prepare v0.20.1 (#2038)
Browse files Browse the repository at this point in the history
Signed-off-by: chenk <[email protected]>
  • Loading branch information
chen-keinan authored Apr 24, 2024
1 parent 9b8c3e5 commit e47d3f7
Show file tree
Hide file tree
Showing 24 changed files with 72 additions and 60 deletions.
6 changes: 3 additions & 3 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -344,16 +344,16 @@ chart, then run `mage generate:docs` to ensure the helm docs are up-to-date.
To install [Operator Lifecycle Manager] (OLM) run:

```
kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.20.0/crds.yaml
kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.20.0/olm.yaml
kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.20.1/crds.yaml
kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.20.1/olm.yaml
```

or

```
curl -L https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.4/install.sh -o install.sh
chmod +x install.sh
./install.sh v0.20.0
./install.sh v0.20.1
```

### Build the Catalog Image
Expand Down
10 changes: 5 additions & 5 deletions RELEASING.md
Original file line number Diff line number Diff line change
Expand Up @@ -46,17 +46,17 @@
5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow

```sh
git tag -v0.20.0 -m 'Release v0.20.0'
git push upstream v0.20.0
git tag -v0.20.1 -m 'Release v0.20.1'
git push upstream v0.20.1
```

6. Verify that the `release` workflow has built and published the following artifacts
1. Trivy-operator container images published to DockerHub
`docker.io/aquasec/trivy-operator:0.20.0`
`docker.io/aquasec/trivy-operator:0.20.1`
2. Trivy-operator container images published to Amazon ECR Public Gallery
`public.ecr.aws/aquasecurity/trivy-operator:0.20.0`
`public.ecr.aws/aquasecurity/trivy-operator:0.20.1`
3. Trivy-operator container images published to GitHub Container Registry
`ghcr.io/aquasecurity/trivy-operator:0.20.0`
`ghcr.io/aquasecurity/trivy-operator:0.20.1`

7. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the <https://github.com/k8s-operatorhub/community-operators> repository.

Expand Down
4 changes: 2 additions & 2 deletions deploy/helm/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,12 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.22.0
version: 0.22.1

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 0.20.0
appVersion: 0.20.1

# kubeVersion: A SemVer range of compatible Kubernetes versions (optional)

Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# trivy-operator

![Version: 0.22.0](https://img.shields.io/badge/Version-0.22.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.20.0](https://img.shields.io/badge/AppVersion-0.20.0-informational?style=flat-square)
![Version: 0.22.1](https://img.shields.io/badge/Version-0.22.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.20.1](https://img.shields.io/badge/AppVersion-0.20.1-informational?style=flat-square)

Keeps security report resources updated

Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/cis-1.23.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.20.0
app.kubernetes.io/version: 0.20.1
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote}}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/nsa-1.0.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/pss-baseline.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.20.0
app.kubernetes.io/version: 0.20.1
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/pss-restricted.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.20.0
app.kubernetes.io/version: 0.20.1
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/static/namespace.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,5 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
38 changes: 19 additions & 19 deletions deploy/static/trivy-operator.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -2919,7 +2919,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
---
# Source: trivy-operator/templates/configmaps/operator.yaml
Expand All @@ -2931,7 +2931,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
Expand All @@ -2955,7 +2955,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -2968,7 +2968,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
OPERATOR_LOG_DEV_MODE: "false"
Expand Down Expand Up @@ -3020,7 +3020,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
trivy.repository: "ghcr.io/aquasecurity/trivy"
Expand Down Expand Up @@ -3056,7 +3056,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -3069,7 +3069,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -3082,7 +3082,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
spec:
replicas: 1
Expand All @@ -3102,7 +3102,7 @@ spec:
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
image: "ghcr.io/aquasecurity/trivy-operator:0.20.0"
image: "ghcr.io/aquasecurity/trivy-operator:0.20.1"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
Expand Down Expand Up @@ -3163,7 +3163,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
spec:
clusterIP: None
Expand Down Expand Up @@ -3554,7 +3554,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3575,7 +3575,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand All @@ -3602,7 +3602,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3622,7 +3622,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand Down Expand Up @@ -3652,7 +3652,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3672,7 +3672,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3697,7 +3697,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3722,7 +3722,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3747,5 +3747,5 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
app.kubernetes.io/managed-by: kubectl
2 changes: 1 addition & 1 deletion docs/docs/crds/clustercompliance-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -1346,7 +1346,7 @@ status:
"app.kubernetes.io/instance": "trivy-operator",
"app.kubernetes.io/managed-by": "kubectl",
"app.kubernetes.io/name": "trivy-operator",
"app.kubernetes.io/version": "0.20.0"
"app.kubernetes.io/version": "0.20.1"
},
"name": "cis",
"resourceVersion": "8985",
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/configaudit-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.20.0'
version: '0.20.1'
summary:
criticalCount: 2
highCount: 0
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/exposedsecret-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ metadata:
report:
artifact:
repository: myimagewithsecret
tag: v0.20.0
tag: v0.20.1
registry:
server: index.docker.io
scanner:
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/rbacassessment-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -176,7 +176,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.20.0'
version: '0.20.1'
summary:
criticalCount: 1
highCount: 0
Expand Down
4 changes: 2 additions & 2 deletions docs/docs/design/caching_scan_results_by_repo_digest.md
Original file line number Diff line number Diff line change
Expand Up @@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili
a gate.
* Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports.

[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.20.0/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.20.0/integrations/vulnerability-scanners/trivy/#clientserver
[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.20.1/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.20.1/integrations/vulnerability-scanners/trivy/#clientserver
4 changes: 2 additions & 2 deletions docs/docs/design/design_compliance_report.md
Original file line number Diff line number Diff line change
Expand Up @@ -542,7 +542,7 @@ metadata:
name: clustercompliancereports.aquasecurity.github.io
labels:
app.kubernetes.io/managed-by: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
spec:
group: aquasecurity.github.io
scope: Cluster
Expand Down Expand Up @@ -678,7 +678,7 @@ metadata:
name: clustercompliancedetailreports.aquasecurity.github.io
labels:
app.kubernetes.io/managed-by: trivy-operator
app.kubernetes.io/version: "0.20.0"
app.kubernetes.io/version: "0.20.1"
spec:
group: aquasecurity.github.io
versions:
Expand Down
4 changes: 2 additions & 2 deletions docs/docs/design/design_starboard_at_scale.excalidraw
Original file line number Diff line number Diff line change
Expand Up @@ -11835,7 +11835,7 @@
"versionNonce": 596868769,
"isDeleted": false,
"boundElementIds": null,
"text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>\n namespace: trivy-system\nspec:\n template:\n spec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.20.0\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n restartPolicy: Never\n backoffLimit: 1",
"text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>\n namespace: trivy-system\nspec:\n template:\n spec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.20.1\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n restartPolicy: Never\n backoffLimit: 1",
"fontSize": 20,
"fontFamily": 3,
"textAlign": "left",
Expand Down Expand Up @@ -11895,7 +11895,7 @@
"boundElementIds": [],
"fontSize": 20,
"fontFamily": 3,
"text": "apiVersion: v1\nkind: Pod\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n namespace: trivy-system\nspec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.20.0\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n",
"text": "apiVersion: v1\nkind: Pod\nmetadata:\n name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n namespace: trivy-system\nspec:\n containers:\n - name: nginx\n image: aquasec/trivy:0.20.1\n command: [\"trivy\", \"image\", \"nginx:1.16\"]\n",
"baseline": 259,
"textAlign": "left",
"verticalAlign": "top"
Expand Down
6 changes: 3 additions & 3 deletions docs/docs/design/design_trivy_file_system_scanner.md
Original file line number Diff line number Diff line change
Expand Up @@ -117,10 +117,10 @@ spec:
emptyDir: { }
initContainers:
# The trivy-get-binary init container is used to copy out the trivy executable
# binary from the upstream Trivy container image, i.e. aquasec/trivy:0.20.0,
# binary from the upstream Trivy container image, i.e. aquasec/trivy:0.20.1,
# to a shared emptyDir volume.
- name: trivy-get-binary
image: aquasec/trivy:0.20.0
image: aquasec/trivy:0.20.1
command:
- cp
- -v
Expand All @@ -135,7 +135,7 @@ spec:
# This won't be required once Trivy supports ClientServer mode
# for the fs subcommand.
- name: trivy-download-db
image: aquasec/trivy:0.20.0
image: aquasec/trivy:0.20.1
command:
- /var/trivy-operator/trivy
- --download-db-only
Expand Down
Loading

0 comments on commit e47d3f7

Please sign in to comment.