From 5794ab30f81f0ab7c103c3e962ffd4aa729a55ba Mon Sep 17 00:00:00 2001
From: Yoav Rotem
Date: Thu, 28 Oct 2021 16:26:14 +0300
Subject: [PATCH] chore(reps): upgrade kube-bench from v0.6.3 to 0.6.5 (#782)
Resolves: #747
---
 deploy/helm/values.yaml | 2 +-
 deploy/static/03-starboard-operator.config.yaml | 2 +-
 docs/settings.md | 2 +-
 itest/starboard/starboard_cli_test.go | 2 +-
 pkg/kubebench/scanner_test.go | 4 ++--
 pkg/starboard/config.go | 2 +-
 6 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
index 68f45d24f..9e8b5d7de 100644
--- a/deploy/helm/values.yaml
+++ b/deploy/helm/values.yaml
@@ -147,7 +147,7 @@ trivy:
 # serverCustomHeaders: "foo=bar"
 kubeBench:
- imageRef: docker.io/aquasec/kube-bench:0.6.3
+ imageRef: docker.io/aquasec/kube-bench:v0.6.5
 polaris:
 imageRef: quay.io/fairwinds/polaris:4.2
diff --git a/deploy/static/03-starboard-operator.config.yaml b/deploy/static/03-starboard-operator.config.yaml
index 7b66ac18f..80e24171b 100644
--- a/deploy/static/03-starboard-operator.config.yaml
+++ b/deploy/static/03-starboard-operator.config.yaml
@@ -9,7 +9,7 @@ metadata:
 data:
 vulnerabilityReports.scanner: Trivy
 configAuditReports.scanner: Polaris
- kube-bench.imageRef: docker.io/aquasec/kube-bench:0.6.3
+ kube-bench.imageRef: docker.io/aquasec/kube-bench:v0.6.5
 ---
 apiVersion: v1
 kind: Secret
diff --git a/docs/settings.md b/docs/settings.md
index ca7b3d3f9..d4743d31f 100644
--- a/docs/settings.md
+++ b/docs/settings.md
@@ -55,7 +55,7 @@ configuration settings for common use cases. For example, switch Trivy from
 | `configAuditReports.scanner` | `Polaris` | The name of the plugin that generates config audit reports. Either `Polaris` or `Conftest`. |
 | `scanJob.tolerations` | N/A | JSON representation of the [tolerations] to be applied to the scanner pods so that they can run on nodes with matching taints. Example: `'[{"key":"key1", "operator":"Equal", "value":"value1", "effect":"NoSchedule"}]'` |
 | `scanJob.annotations` | N/A | One-line comma-separated representation of the annotations which the user wants the scanner pods to be annotated with. Example: `foo=bar,env=stage` will annotate the scanner pods with the annotations `foo: bar` and `env: stage` |
-| `kube-bench.imageRef` | `docker.io/aquasec/kube-bench:0.6.3` | kube-bench image reference |
+| `kube-bench.imageRef` | `docker.io/aquasec/kube-bench:v0.6.5` | kube-bench image reference |
 | `kube-hunter.imageRef` | `docker.io/aquasec/kube-hunter:0.6.3` | kube-hunter image reference |
 | `kube-hunter.quick` | `"false"` | Whether to use kube-hunter's "quick" scanning mode (subnet 24). Set to `"true"` to enable. |
diff --git a/itest/starboard/starboard_cli_test.go b/itest/starboard/starboard_cli_test.go
index cf7bcb7ec..3668a0377 100644
--- a/itest/starboard/starboard_cli_test.go
+++ b/itest/starboard/starboard_cli_test.go
@@ -1149,7 +1149,7 @@ var _ = Describe("Starboard CLI", func() {
 "Scanner": Equal(v1alpha1.Scanner{
 Name: "kube-bench",
 Vendor: "Aqua Security",
- Version: "0.6.3",
+ Version: "v0.6.5",
 }),
 }),
 }))
diff --git a/pkg/kubebench/scanner_test.go b/pkg/kubebench/scanner_test.go
index df6e984fc..3796037a5 100644
--- a/pkg/kubebench/scanner_test.go
+++ b/pkg/kubebench/scanner_test.go
@@ -26,7 +26,7 @@ var (
 func TestKubeBenchPlugin_GetScanJobSpec(t *testing.T) {
 config := starboard.ConfigData{
- "kube-bench.imageRef": "docker.io/aquasec/kube-bench:0.6.3",
+ "kube-bench.imageRef": "docker.io/aquasec/kube-bench:v0.6.5",
 }
 node := corev1.Node{
 ObjectMeta: metav1.ObjectMeta{
@@ -96,7 +96,7 @@ func TestKubeBenchPlugin_GetScanJobSpec(t *testing.T) {
 Containers: []corev1.Container{
 {
 Name: "kube-bench",
- Image: "docker.io/aquasec/kube-bench:0.6.3",
+ Image: "docker.io/aquasec/kube-bench:v0.6.5",
 ImagePullPolicy: corev1.PullIfNotPresent,
 TerminationMessagePolicy: corev1.TerminationMessageFallbackToLogsOnError,
 Command: []string{"sh"},
diff --git a/pkg/starboard/config.go b/pkg/starboard/config.go
index f77b10517..2893a3e03 100644
--- a/pkg/starboard/config.go
+++ b/pkg/starboard/config.go
@@ -76,7 +76,7 @@ func GetDefaultConfig() ConfigData {
 keyVulnerabilityReportsScanner: string(Trivy),
 keyConfigAuditReportsScanner: string(Polaris),
- "kube-bench.imageRef": "docker.io/aquasec/kube-bench:0.6.3",
+ "kube-bench.imageRef": "docker.io/aquasec/kube-bench:v0.6.5",
 "kube-hunter.imageRef": "docker.io/aquasec/kube-hunter:0.6.3",
 "kube-hunter.quick": "false",
 }