Releases: aquasecurity/trivy-operator
Releases · aquasecurity/trivy-operator
v0.22.0
Ref to Release Notes #2169
Changelog
✨ Notable Changes ✨
- 1d4ec56: feat: dynamic compliance reports (#2160) (@chen-keinan)
🐛 Notable Fixes 🐛
- ec93a42: fix: Prevent grouped vulnerability entries by including target and package path (#2140) (@kersten)
- 5d266cf: fix: helm param gcr service account auth (#2108) (@chen-keinan)
- 181ebae: fix: update olm defaults (#2138) (@chen-keinan)
📝 Documentation 📝
- 3448c9e: docs: add section on importing the Grafana dashboard using the Grafana Helm Chart (#2155) (@maritiren)
🔧 Miscellaneous 🔧
- 74a7d44: chore: bump github.com/hashicorp/go-getter-v1.7.5 (#2162) (@chen-keinan)
- d7f3484: chore: make operator policies-config optional (#2152) (@chen-keinan)
👷 Other work 👷
- 1c035b0: build(deps): bump github.com/aquasecurity/trivy from 0.52.0 to 0.52.2 (#2149) (@dependabot[bot])
- d135915: build(deps): bump github.com/aws/aws-sdk-go from 1.53.14 to 1.53.19 (#2133) (@dependabot[bot])
- 08afd7f: build(deps): bump github.com/aws/aws-sdk-go from 1.53.19 to 1.54.6 (#2157) (@dependabot[bot])
- d6632d9: build(deps): bump github.com/aws/aws-sdk-go from 1.54.6 to 1.54.11 (#2164) (@dependabot[bot])
- 19bf370: build(deps): bump github.com/google/go-containerregistry (#2145) (@dependabot[bot])
- 20acccc: build(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 (#2131) (@dependabot[bot])
- 886550d: build(deps): bump golang.org/x/text from 0.15.0 to 0.16.0 (#2129) (@dependabot[bot])
- bb9a08d: build(deps): bump goreleaser/goreleaser-action from 5 to 6 (#2128) (@dependabot[bot])
- fbf4a75: build(deps): bump k8s.io/apiextensions-apiserver from 0.30.1 to 0.30.2 (#2156) (@dependabot[bot])
- 8bc9854: build(deps): bump k8s.io/cli-runtime from 0.30.1 to 0.30.2 (#2148) (@dependabot[bot])
- 2479a90: build(deps): bump k8s.io/client-go from 0.30.1 to 0.30.2 (#2146) (@dependabot[bot])
- d9924b1: build(deps): bump sigs.k8s.io/controller-runtime from 0.18.3 to 0.18.4 (#2130) (@dependabot[bot])
- af05935: fix typos (#2154) (@maritiren)
Contributors
kersten, maritiren, and 2 other contributors
Assets 20
- 501 Bytes
2024-07-04T09:00:13Z - 3.21 KB
2024-07-04T09:00:12Z - 96 Bytes
2024-07-04T09:00:14Z - 31.6 MB
2024-07-04T09:00:14Z - 3.21 KB
2024-07-04T09:00:13Z - 96 Bytes
2024-07-04T09:00:13Z - 30.9 MB
2024-07-04T09:00:13Z - 3.21 KB
2024-07-04T09:00:13Z - 96 Bytes
2024-07-04T09:00:12Z - 30 MB
2024-07-04T09:00:12Z -
2024-07-04T08:38:02Z -
2024-07-04T08:38:02Z - Loading
v0.21.3
v0.21.2
Changelog
🐛 Notable Fixes 🐛
- 20a8a5b: fix: Add scanJobAnnotations to the Job instead of just the Pod (#2111) (@darkhelmet)
- dcbb19a: fix: log failed container error (#2112) (@chen-keinan)
- f1dada8: fix: non completed containers with invalid stacktrace (#2107) (@chen-keinan)
- f222fef: fix: policies bundle insecure (#2100) (@chen-keinan)
- 4cde7c1: fix: set default value for useBuiltIntPolicies (#2114) (@chen-keinan)
🔧 Miscellaneous 🔧
- b4bab35: chore: bump trivy 0.52.0 (#2115) (@chen-keinan)
👷 Other work 👷
- f048e86: build(deps): bump docker/login-action from 3.1.0 to 3.2.0 (#2119) (@dependabot[bot])
- 0babd17: build(deps): bump github.com/aquasecurity/trivy from 0.51.2 to 0.51.4 (#2106) (@dependabot[bot])
- ce31865: build(deps): bump github.com/aws/aws-sdk-go from 1.53.0 to 1.53.10 (#2105) (@dependabot[bot])
- 7dea6fd: build(deps): bump github.com/aws/aws-sdk-go from 1.53.10 to 1.53.14 (#2118) (@dependabot[bot])
- fc164c3: build(deps): bump github.com/go-logr/logr from 1.4.1 to 1.4.2 (#2102) (@dependabot[bot])
- 7f90963: build(deps): bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.19.0 (#2103) (@dependabot[bot])
- 12ebab1: build(deps): bump sigs.k8s.io/controller-runtime from 0.18.2 to 0.18.3 (#2104) (@dependabot[bot])
Contributors
darkhelmet, chen-keinan, and dependabot
Assets 20
v0.21.1
Changelog
✨ Notable Changes ✨
- d472cd6: feat(helm): Add http/https proxy option in operator (#2087) (@bunseokbot)
👮 Security updates👮
- 39e5f7f: sec: cve-2023-42366 (#2085) (@chen-keinan)
🔧 Miscellaneous 🔧
- f284c83: chore: auto bump minor golang version (#2093) (@chen-keinan)
👷 Other work 👷
- 83ff5c0: build(deps): bump k8s.io/api from 0.30.0 to 0.30.1 (#2092) (@dependabot[bot])
- 8d22cdf: build(deps): bump k8s.io/apiextensions-apiserver from 0.30.0 to 0.30.1 (#2090) (@dependabot[bot])
- 25c69d7: build(deps): bump k8s.io/cli-runtime from 0.30.0 to 0.30.1 (#2091) (@dependabot[bot])
- 86c65a5: build(deps): bump k8s.io/client-go from 0.30.0 to 0.30.1 (#2089) (@dependabot[bot])
Contributors
bunseokbot, chen-keinan, and dependabot
Assets 20
v0.21.0
Changelog
✨ Notable Changes ✨
- 8c62a23: feat(helm): only deploy ClusterComplianceReports if enabled (#2027) (@elchenberg)
- 96a010b: feat: Add custom header options for webhook notification (#2044) (@bunseokbot)
- 289f303: feat: filter container by regex (#2080) (@chen-keinan)
🐛 Notable Fixes 🐛
- 81cd4ca: fix: cves high and critical (#2077) (@chen-keinan)
- 727b9ab: fix: node-collector cves high critical (#2075) (@chen-keinan)
- 22d6898: fix: the use of embedded checks, fallback for air-gapped env. (#2074) (@chen-keinan)
- fcfad91: fix: trivy db repository credential set (#2064) (@kimtaehong)
🔧 Miscellaneous 🔧
- 1cbf7bd: chore: bump k8s.io libs-0.30.0 & fix lint issues (#2040) (@chen-keinan)
- 40bcbe0: chore: bump trivy 0.51.2 (#2081) (@chen-keinan)
- dca19ab: chore: bump trivy-0.50.4 (#2041) (@chen-keinan)
- c19a52b: chore: bump trivy-0.51.1 (#2054) (@chen-keinan)
👷 Other work 👷
- 6f37df7: build(deps): bump aquaproj/aqua-installer from 3.0.0 to 3.0.1 (#2065) (@dependabot[bot])
- 4b1c6c3: build(deps): bump github.com/aws/aws-sdk-go from 1.51.25 to 1.51.30 (#2047) (@dependabot[bot])
- 8e350ab: build(deps): bump github.com/aws/aws-sdk-go from 1.51.30 to 1.52.2 (#2058) (@dependabot[bot])
- e425d5e: build(deps): bump github.com/aws/aws-sdk-go from 1.52.2 to 1.53.0 (#2069) (@dependabot[bot])
- cd737be: build(deps): bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2 (#2050) (@dependabot[bot])
- 015e514: build(deps): bump github.com/onsi/ginkgo/v2 from 2.17.2 to 2.17.3 (#2071) (@dependabot[bot])
- 17d52b6: build(deps): bump github.com/onsi/gomega from 1.32.0 to 1.33.0 (#2031) (@dependabot[bot])
- c66f771: build(deps): bump github.com/onsi/gomega from 1.33.0 to 1.33.1 (#2070) (@dependabot[bot])
- c987127: build(deps): bump github.com/prometheus/client_golang (#2068) (@dependabot[bot])
- ad73f01: build(deps): bump golang.org/x/net from 0.24.0 to 0.25.0 (#2060) (@dependabot[bot])
- 48984f0: build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.1.0 (#2045) (@dependabot[bot])
- fd87877: build(deps): bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 (#2056) (@dependabot[bot])
- 3c8dbab: build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 (#2066) (@dependabot[bot])
- 2720782: build(deps): bump helm/kind-action from 1.9.0 to 1.10.0 (#2046) (@dependabot[bot])
- 3d82ecc: build(deps): bump k8s.io/cli-runtime from 0.29.3 to 0.30.0 (#2048) (@dependabot[bot])
- 54c1d7a: build(deps): bump sigs.k8s.io/controller-runtime (#2049) (@dependabot[bot])
- d567158: build(deps): bump sigs.k8s.io/controller-runtime from 0.18.0 to 0.18.1 (#2059) (@dependabot[bot])
- 10bbeff: build(deps): bump sigs.k8s.io/controller-runtime from 0.18.1 to 0.18.2 (#2067) (@dependabot[bot])
Contributors
bunseokbot, kimtaehong, and 3 other contributors
Assets 20
v0.20.1
Changelog
✨ Notable Changes ✨
- ba16b57: feat: add helm value for adding annotations to the trivy operator deployment (#1989) (@martijnvdp)
- eaf2b20: feat: scan-job custom volumes (#2020) (@chen-keinan)
- 0f9e0f8: feat: separate toleration setting for node-collector (#2006) (@chen-keinan)
🐛 Notable Fixes 🐛
- 8b906fd: fix(helm): trivy server value typo (#2001) (@ABWassim)
- b56e499: fix: add policies download err msg and fallback to embeded (#2000) (@chen-keinan)
- d810d14: fix: better error handling for node config api data (#2004) (@chen-keinan)
- 759019d: fix: better handling for kubelet config (#2017) (@chen-keinan)
- 9e8663c: fix: log entry name on policy loader (#2013) (@chen-keinan)
- 201d00a: fix: typo fail download policy label (#2035) (@bunseokbot)
👮 Security updates👮
- a509895: sec: update go-getter to latest version (#2023) (@Starttoaster)
📝 Documentation 📝
- f8bf366: docs: add information on running Helm Chart in client server mode (#2005) (@AnaisUrlichs)
- ec64431: docs: version callout (#2012) (@AnaisUrlichs)
🔧 Miscellaneous 🔧
- 9b8c3e5: chore: bump trivy-0.50.2 (#2037) (@chen-keinan)
- 77c9675: chore: update built-in checks package repository name (#2014) (@chen-keinan)
👷 Other work 👷
- 1bf2c8f: Updates ignorePolicy comments in values.yaml (#1988) (@KateFiroozi)
- 4a06fc2: build(deps): bump azure/setup-helm from 4.1.0 to 4.2.0 (#2029) (@dependabot[bot])
- a324c2d: build(deps): bump github.com/aws/aws-sdk-go from 1.51.11 to 1.51.16 (#1990) (@dependabot[bot])
- 3c03632: build(deps): bump github.com/aws/aws-sdk-go from 1.51.16 to 1.51.21 (#2009) (@dependabot[bot])
- 6146286: build(deps): bump github.com/aws/aws-sdk-go from 1.51.21 to 1.51.25 (#2033) (@dependabot[bot])
- 098e084: build(deps): bump golang.org/x/net from 0.22.0 to 0.24.0 (#1991) (@dependabot[bot])
- 83e64f2: build(deps): bump sigs.k8s.io/controller-runtime from 0.17.2 to 0.17.3 (#2010) (@dependabot[bot])
- ef8f01b: build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#2011) (@dependabot[bot])
Contributors
bunseokbot, chen-keinan, and 6 other contributors
Assets 20
v0.20.0
Changelog
✨ Notable Changes ✨
- ba16b57: feat: add helm value for adding annotations to the trivy operator deployment (#1989) (@martijnvdp)
- eaf2b20: feat: scan-job custom volumes (#2020) (@chen-keinan)
- 0f9e0f8: feat: separate toleration setting for node-collector (#2006) (@chen-keinan)
🐛 Notable Fixes 🐛
- 8b906fd: fix(helm): trivy server value typo (#2001) (@ABWassim)
- b56e499: fix: add policies download err msg and fallback to embeded (#2000) (@chen-keinan)
- d810d14: fix: better error handling for node config api data (#2004) (@chen-keinan)
- 759019d: fix: better handling for kubelet config (#2017) (@chen-keinan)
- 9e8663c: fix: log entry name on policy loader (#2013) (@chen-keinan)
👮 Security updates👮
- a509895: sec: update go-getter to latest version (#2023) (@Starttoaster)
📝 Documentation 📝
- f8bf366: docs: add information on running Helm Chart in client server mode (#2005) (@AnaisUrlichs)
- ec64431: docs: version callout (#2012) (@AnaisUrlichs)
🔧 Miscellaneous 🔧
- 77c9675: chore: update built-in checks package repository name (#2014) (@chen-keinan)
👷 Other work 👷
- 1bf2c8f: Updates ignorePolicy comments in values.yaml (#1988) (@KateFiroozi)
- a324c2d: build(deps): bump github.com/aws/aws-sdk-go from 1.51.11 to 1.51.16 (#1990) (@dependabot[bot])
- 3c03632: build(deps): bump github.com/aws/aws-sdk-go from 1.51.16 to 1.51.21 (#2009) (@dependabot[bot])
- 098e084: build(deps): bump golang.org/x/net from 0.22.0 to 0.24.0 (#1991) (@dependabot[bot])
- 83e64f2: build(deps): bump sigs.k8s.io/controller-runtime from 0.17.2 to 0.17.3 (#2010) (@dependabot[bot])
- ef8f01b: build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#2011) (@dependabot[bot])
Contributors
chen-keinan, Starttoaster, and 5 other contributors
Assets 20
v0.19.4
Contributors
chen-keinan
Assets 20
v0.19.3
Changelog
🐛 Notable Fixes 🐛
- 228e0fe: fix: add annotation job pod template spec (#1975) (@chen-keinan)
- 2af353a: fix: add appropriate info msg for not supported windows images (#1966) (@chen-keinan)
- 8ca4b5f: fix: configure context timeout for sync resources (#1974) (@chen-keinan)
- f38ca4e: fix: handle non sha256 digest (#1967) (@chen-keinan)
- fa6f596: fix: lazy loading of config-audit policies (#1958) (@chen-keinan)
🔧 Miscellaneous 🔧
- 4cf0c1c: chore: clean-up un-used folders and files (#1964) (@chen-keinan)
👷 Other work 👷
- b5b694b: build(deps): bump actions/setup-python from 5.0.0 to 5.1.0 (#1968) (@dependabot[bot])
- b798f2c: build(deps): bump github.com/aws/aws-sdk-go from 1.51.8 to 1.51.11 (#1969) (@dependabot[bot])
- 9b856d5: refactor: integration tests (#1962) (@chen-keinan)
- 35b6806: refactor: tests e2e config (#1963) (@chen-keinan)
Contributors
chen-keinan and dependabot
Assets 20
v0.19.2
Changelog
✨ Notable Changes ✨
- 380f5d3: feat: Add existing secret to policies bundle (#1952) (@KevinDW-Fluxys)
- 2432d4a: feat: Helm, allow to define service type for metrics Service (#1929) (@ilpianista)
🔧 Miscellaneous 🔧
- 5dcf4ef: chore: bump trivy lib and scan-job v0.50.0 (#1949) (@chen-keinan)
👷 Other work 👷
- 67faec0: build(deps): bump aquaproj/aqua-installer from 2.3.0 to 3.0.0 (#1944) (@dependabot[bot])
- b5f6e90: build(deps): bump github.com/aws/aws-sdk-go from 1.50.35 to 1.51.8 (#1950) (@dependabot[bot])
- 1386a94: build(deps): bump github.com/onsi/ginkgo/v2 from 2.16.0 to 2.17.1 (#1940) (@dependabot[bot])
- 7e0814e: build(deps): bump github.com/onsi/gomega from 1.31.1 to 1.32.0 (#1943) (@dependabot[bot])
- f4208c5: build(deps): bump k8s.io/apiextensions-apiserver from 0.29.2 to 0.29.3 (#1941) (@dependabot[bot])
- 1dc8c4c: initialize logging earlier in the main function (#1935) (@Hacks4Snacks)
Contributors
ilpianista, chen-keinan, and 3 other contributors