chore: Bump up kube-bench from v0.5.0 to v0.6.3 (#630)

Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
aquasecurity · Jun 26, 2021 · 0d612c1 · 0d612c1
1 parent 5623487
commit 0d612c1
Show file tree

Hide file tree

Showing 6 changed files with 7 additions and 7 deletions.
diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
@@ -94,7 +94,7 @@ trivy:
   severity: UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
 
 kubeBench:
-  imageRef: docker.io/aquasec/kube-bench:0.5.0
+  imageRef: docker.io/aquasec/kube-bench:0.6.3
 
 polaris:
   imageRef: quay.io/fairwinds/polaris:3.2

diff --git a/deploy/static/05-starboard-operator.config.yaml b/deploy/static/05-starboard-operator.config.yaml
@@ -7,7 +7,7 @@ metadata:
 data:
   vulnerabilityReports.scanner: Trivy
   configAuditReports.scanner: Polaris
-  kube-bench.imageRef: docker.io/aquasec/kube-bench:0.5.0
+  kube-bench.imageRef: docker.io/aquasec/kube-bench:0.6.3
 ---
 apiVersion: v1
 kind: ConfigMap

diff --git a/docs/settings.md b/docs/settings.md
@@ -75,7 +75,7 @@ The following tables list available configuration settings with their default va
 | `trivy.insecureRegistry.<id>`   | N/A                                                    | The registry to which insecure connections are allowed. There can be multiple registries with different registry `<id>`. |
 | `aqua.imageRef`                 | `docker.io/aquasec/scanner:5.3`                        | Aqua scanner image reference. The tag determines the version of the `scanner` binary executable and it must be compatible with version of Aqua console. |
 | `aqua.serverURL`                | N/A                                                    | The endpoint URL of Aqua management console |
-| `kube-bench.imageRef`           | `docker.io/aquasec/kube-bench:0.5.0`                   | kube-bench image reference |
+| `kube-bench.imageRef`           | `docker.io/aquasec/kube-bench:0.6.3`                   | kube-bench image reference |
 | `kube-hunter.imageRef`          | `docker.io/aquasec/kube-hunter:0.4.1`                  | kube-hunter image reference |
 | `kube-hunter.quick`             | `"false"`                                              | Whether to use kube-hunter's "quick" scanning mode (subnet 24). Set to `"true"` to enable. |
 | `polaris.imageRef`              | `quay.io/fairwinds/polaris:3.2`                        | Polaris image reference |

diff --git a/itest/starboard/starboard_cli_test.go b/itest/starboard/starboard_cli_test.go
@@ -1044,7 +1044,7 @@ var _ = Describe("Starboard CLI", func() {
 						"Scanner": Equal(v1alpha1.Scanner{
 							Name:    "kube-bench",
 							Vendor:  "Aqua Security",
-							Version: "0.5.0",
+							Version: "0.6.3",
 						}),
 					}),
 				}))

diff --git a/pkg/kubebench/scanner_test.go b/pkg/kubebench/scanner_test.go
@@ -26,7 +26,7 @@ var (
 
 func TestKubeBenchPlugin_GetScanJobSpec(t *testing.T) {
 	config := starboard.ConfigData{
-		"kube-bench.imageRef": "docker.io/aquasec/kube-bench:0.5.0",
+		"kube-bench.imageRef": "docker.io/aquasec/kube-bench:0.6.3",
 	}
 	node := corev1.Node{
 		ObjectMeta: metav1.ObjectMeta{
@@ -96,7 +96,7 @@ func TestKubeBenchPlugin_GetScanJobSpec(t *testing.T) {
 		Containers: []corev1.Container{
 			{
 				Name:                     "kube-bench",
-				Image:                    "docker.io/aquasec/kube-bench:0.5.0",
+				Image:                    "docker.io/aquasec/kube-bench:0.6.3",
 				ImagePullPolicy:          corev1.PullIfNotPresent,
 				TerminationMessagePolicy: corev1.TerminationMessageFallbackToLogsOnError,
 				Command:                  []string{"sh"},

diff --git a/pkg/starboard/config.go b/pkg/starboard/config.go
@@ -72,7 +72,7 @@ func GetDefaultConfig() ConfigData {
 		keyVulnerabilityReportsScanner: string(Trivy),
 		keyConfigAuditReportsScanner:   string(Polaris),
 
-		"kube-bench.imageRef":  "docker.io/aquasec/kube-bench:0.5.0",
+		"kube-bench.imageRef":  "docker.io/aquasec/kube-bench:0.6.3",
 		"kube-hunter.imageRef": "docker.io/aquasec/kube-hunter:0.4.1",
 		"kube-hunter.quick":    "false",
 	}