release: prepare v0.19.4 (#1981)

Signed-off-by: chenk <[email protected]>
aquasecurity · Apr 4, 2024 · 7782f3a · 7782f3a
1 parent a14724d
commit 7782f3a
Show file tree

Hide file tree

Showing 25 changed files with 58 additions and 58 deletions.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -351,7 +351,7 @@ kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manage
 or
 
 ```
-curl -L https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.3/install.sh -o install.sh
+curl -L https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.4/install.sh -o install.sh
 chmod +x install.sh
 ./install.sh v0.20.0
 ```

diff --git a/README.md b/README.md
@@ -67,7 +67,7 @@ Install the Helm Chart:
    helm install trivy-operator aqua/trivy-operator \
      --namespace trivy-system \
      --create-namespace \
-     --version 0.21.3
+     --version 0.21.4
 ```
 
 #### Option 2: Install from OCI registry (supported in Helm v3.8.0+)
@@ -78,7 +78,7 @@ Install the Helm Chart:
    helm install trivy-operator oci://ghcr.io/aquasecurity/helm-charts/trivy-operator \
      --namespace trivy-system \
      --create-namespace \
-     --version 0.21.3
+     --version 0.21.4
 ```
 
 This will install the Trivy Helm Chart into the `trivy-system` namespace and start triggering the scans.

diff --git a/RELEASING.md b/RELEASING.md
@@ -46,17 +46,17 @@
 5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow
 
    ```sh
-   git tag -v0.19.3 -m 'Release v0.19.3'
-   git push upstream v0.19.3
+   git tag -v0.19.4 -m 'Release v0.19.4'
+   git push upstream v0.19.4
    ```
 
 6. Verify that the `release` workflow has built and published the following artifacts
    1. Trivy-operator container images published to DockerHub
-       `docker.io/aquasec/trivy-operator:0.19.3`
+       `docker.io/aquasec/trivy-operator:0.19.4`
    2. Trivy-operator container images published to Amazon ECR Public Gallery
-       `public.ecr.aws/aquasecurity/trivy-operator:0.19.3`
+       `public.ecr.aws/aquasecurity/trivy-operator:0.19.4`
    3. Trivy-operator container images published to GitHub Container Registry
-       `ghcr.io/aquasecurity/trivy-operator:0.19.3`
+       `ghcr.io/aquasecurity/trivy-operator:0.19.4`
 
 7. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the <https://github.com/k8s-operatorhub/community-operators> repository.
 

diff --git a/deploy/helm/Chart.yaml b/deploy/helm/Chart.yaml
@@ -6,12 +6,12 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.21.3
+version: 0.21.4
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 0.19.3
+appVersion: 0.19.4
 
 # kubeVersion: A SemVer range of compatible Kubernetes versions (optional)
 

diff --git a/deploy/helm/README.md b/deploy/helm/README.md
@@ -1,6 +1,6 @@
 # trivy-operator
 
-![Version: 0.21.3](https://img.shields.io/badge/Version-0.21.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.19.3](https://img.shields.io/badge/AppVersion-0.19.3-informational?style=flat-square)
+![Version: 0.21.4](https://img.shields.io/badge/Version-0.21.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.19.4](https://img.shields.io/badge/AppVersion-0.19.4-informational?style=flat-square)
 
 Keeps security report resources updated
 

diff --git a/deploy/helm/templates/specs/cis-1.23.yaml b/deploy/helm/templates/specs/cis-1.23.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.19.3
+    app.kubernetes.io/version: 0.19.4
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote}}

diff --git a/deploy/helm/templates/specs/nsa-1.0.yaml b/deploy/helm/templates/specs/nsa-1.0.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/helm/templates/specs/pss-baseline.yaml b/deploy/helm/templates/specs/pss-baseline.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.19.3
+    app.kubernetes.io/version: 0.19.4
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/helm/templates/specs/pss-restricted.yaml b/deploy/helm/templates/specs/pss-restricted.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.19.3
+    app.kubernetes.io/version: 0.19.4
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/static/namespace.yaml b/deploy/static/namespace.yaml
@@ -6,5 +6,5 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml
@@ -2864,7 +2864,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 ---
 # Source: trivy-operator/templates/configmaps/operator.yaml
@@ -2876,7 +2876,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 data:
   nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
@@ -2900,7 +2900,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 data:
 ---
@@ -2913,7 +2913,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 data:
   OPERATOR_LOG_DEV_MODE: "false"
@@ -2965,7 +2965,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 data:
   trivy.repository: "ghcr.io/aquasecurity/trivy"
@@ -3001,7 +3001,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 data:
 ---
@@ -3014,7 +3014,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 data:
 ---
@@ -3027,7 +3027,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 spec:
   replicas: 1
@@ -3047,7 +3047,7 @@ spec:
       automountServiceAccountToken: true
       containers:
         - name: "trivy-operator"
-          image: "ghcr.io/aquasecurity/trivy-operator:0.19.3"
+          image: "ghcr.io/aquasecurity/trivy-operator:0.19.4"
           imagePullPolicy: IfNotPresent
           env:
             - name: OPERATOR_NAMESPACE
@@ -3108,7 +3108,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 spec:
   clusterIP: None
@@ -3500,7 +3500,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -3521,7 +3521,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 rules:
   - apiGroups:
@@ -3548,7 +3548,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -3568,7 +3568,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 rules:
   - apiGroups:
@@ -3598,7 +3598,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -3618,7 +3618,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -3643,7 +3643,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -3668,7 +3668,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -3693,5 +3693,5 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
     app.kubernetes.io/managed-by: kubectl
diff --git a/docs/docs/crds/clustercompliance-report.md b/docs/docs/crds/clustercompliance-report.md
@@ -1346,7 +1346,7 @@ status:
             "app.kubernetes.io/instance": "trivy-operator",
             "app.kubernetes.io/managed-by": "kubectl",
             "app.kubernetes.io/name": "trivy-operator",
-            "app.kubernetes.io/version": "0.19.3"
+            "app.kubernetes.io/version": "0.19.4"
         },
         "name": "cis",
         "resourceVersion": "8985",

diff --git a/docs/docs/crds/configaudit-report.md b/docs/docs/crds/configaudit-report.md
@@ -34,7 +34,7 @@ report:
   scanner:
     name: Trivy 
     vendor: Aqua Security
-    version: '0.19.3'
+    version: '0.19.4'
   summary:
     criticalCount: 2
     highCount: 0

diff --git a/docs/docs/crds/exposedsecret-report.md b/docs/docs/crds/exposedsecret-report.md
@@ -33,7 +33,7 @@ metadata:
 report:
   artifact:
     repository: myimagewithsecret
-    tag: v0.19.3
+    tag: v0.19.4
   registry:
     server: index.docker.io
   scanner:

diff --git a/docs/docs/crds/rbacassessment-report.md b/docs/docs/crds/rbacassessment-report.md
@@ -176,7 +176,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: '0.19.3'
+    version: '0.19.4'
   summary:
     criticalCount: 1
     highCount: 0

diff --git a/docs/docs/design/caching_scan_results_by_repo_digest.md b/docs/docs/design/caching_scan_results_by_repo_digest.md
@@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili
   a gate.
 * Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports.
 
-[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.19.3/integrations/vulnerability-scanners/trivy/#standalone
-[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.19.3/integrations/vulnerability-scanners/trivy/#clientserver
+[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.19.4/integrations/vulnerability-scanners/trivy/#standalone
+[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.19.4/integrations/vulnerability-scanners/trivy/#clientserver
diff --git a/docs/docs/design/design_compliance_report.md b/docs/docs/design/design_compliance_report.md
@@ -542,7 +542,7 @@ metadata:
   name: clustercompliancereports.aquasecurity.github.io
   labels:
     app.kubernetes.io/managed-by: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
 spec:
   group: aquasecurity.github.io
   scope: Cluster
@@ -678,7 +678,7 @@ metadata:
   name: clustercompliancedetailreports.aquasecurity.github.io
   labels:
     app.kubernetes.io/managed-by: trivy-operator
-    app.kubernetes.io/version: "0.19.3"
+    app.kubernetes.io/version: "0.19.4"
 spec:
   group: aquasecurity.github.io
   versions:

diff --git a/docs/docs/design/design_starboard_at_scale.excalidraw b/docs/docs/design/design_starboard_at_scale.excalidraw
@@ -11835,7 +11835,7 @@
       "versionNonce": 596868769,
       "isDeleted": false,
       "boundElementIds": null,
-      "text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>\n  namespace: trivy-system\nspec:\n  template:\n    spec:\n      containers:\n      - name: nginx\n        image: aquasec/trivy:0.19.3\n        command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n      restartPolicy: Never\n  backoffLimit: 1",
+      "text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>\n  namespace: trivy-system\nspec:\n  template:\n    spec:\n      containers:\n      - name: nginx\n        image: aquasec/trivy:0.19.4\n        command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n      restartPolicy: Never\n  backoffLimit: 1",
       "fontSize": 20,
       "fontFamily": 3,
       "textAlign": "left",
@@ -11895,7 +11895,7 @@
       "boundElementIds": [],
       "fontSize": 20,
       "fontFamily": 3,
-      "text": "apiVersion: v1\nkind: Pod\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n  namespace: trivy-system\nspec:\n  containers:\n    - name: nginx\n      image: aquasec/trivy:0.19.3\n      command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n",
+      "text": "apiVersion: v1\nkind: Pod\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n  namespace: trivy-system\nspec:\n  containers:\n    - name: nginx\n      image: aquasec/trivy:0.19.4\n      command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n",
       "baseline": 259,
       "textAlign": "left",
       "verticalAlign": "top"

diff --git a/docs/docs/design/design_trivy_file_system_scanner.md b/docs/docs/design/design_trivy_file_system_scanner.md
@@ -117,10 +117,10 @@ spec:
           emptyDir: { }
       initContainers:
         # The trivy-get-binary init container is used to copy out the trivy executable
-        # binary from the upstream Trivy container image, i.e. aquasec/trivy:0.19.3,
+        # binary from the upstream Trivy container image, i.e. aquasec/trivy:0.19.4,
         # to a shared emptyDir volume.
         - name: trivy-get-binary
-          image: aquasec/trivy:0.19.3
+          image: aquasec/trivy:0.19.4
           command:
             - cp
             - -v
@@ -135,7 +135,7 @@ spec:
         # This won't be required once Trivy supports ClientServer mode
         # for the fs subcommand.
         - name: trivy-download-db
-          image: aquasec/trivy:0.19.3
+          image: aquasec/trivy:0.19.4
           command:
             - /var/trivy-operator/trivy
             - --download-db-only