diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml index aa30338cf..f70868d85 100644 --- a/deploy/helm/values.yaml +++ b/deploy/helm/values.yaml @@ -92,7 +92,7 @@ trivy: createConfig: true # imageRef the Trivy image reference. - imageRef: docker.io/aquasec/trivy:0.22.0 + imageRef: docker.io/aquasec/trivy:0.23.0 # mode is the Trivy client mode. Either Standalone or ClientServer. Depending # on the active mode other settings might be applicable or required. diff --git a/deploy/static/03-starboard-operator.config.yaml b/deploy/static/03-starboard-operator.config.yaml index 7f94a0964..f1ac19a8c 100644 --- a/deploy/static/03-starboard-operator.config.yaml +++ b/deploy/static/03-starboard-operator.config.yaml @@ -47,7 +47,7 @@ metadata: app.kubernetes.io/version: "0.14.1" app.kubernetes.io/managed-by: kubectl data: - trivy.imageRef: "docker.io/aquasec/trivy:0.22.0" + trivy.imageRef: "docker.io/aquasec/trivy:0.23.0" trivy.mode: "Standalone" trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL" trivy.resources.requests.cpu: 100m diff --git a/docs/integrations/vulnerability-scanners/trivy.md b/docs/integrations/vulnerability-scanners/trivy.md index cf4d651b5..14cd3e7de 100644 --- a/docs/integrations/vulnerability-scanners/trivy.md +++ b/docs/integrations/vulnerability-scanners/trivy.md @@ -82,7 +82,7 @@ EOF | CONFIGMAP KEY | DEFAULT | DESCRIPTION | |------------------------------------|------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `trivy.imageRef` | `docker.io/aquasec/trivy:0.22.0` | Trivy image reference | +| `trivy.imageRef` | `docker.io/aquasec/trivy:0.23.0` | Trivy image reference | | `trivy.mode` | `Standalone` | Trivy client mode. Either `Standalone` or `ClientServer`. Depending on the active mode other settings might be applicable or required. | | `trivy.severity` | `UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL` | A comma separated list of severity levels reported by Trivy | | `trivy.ignoreUnfixed` | N/A | Whether to show only fixed vulnerabilities in vulnerabilities reported by Trivy. Set to `"true"` to enable it. | diff --git a/itest/matcher/matcher.go b/itest/matcher/matcher.go index 8ef8c4e14..0e0f04be3 100644 --- a/itest/matcher/matcher.go +++ b/itest/matcher/matcher.go @@ -22,7 +22,7 @@ var ( trivyScanner = v1alpha1.Scanner{ Name: "Trivy", Vendor: "Aqua Security", - Version: "0.22.0", + Version: "0.23.0", } polarisScanner = v1alpha1.Scanner{ Name: "Polaris", diff --git a/itest/matcher/matcher_test.go b/itest/matcher/matcher_test.go index 1fb48ad2b..cfa33ce35 100644 --- a/itest/matcher/matcher_test.go +++ b/itest/matcher/matcher_test.go @@ -58,7 +58,7 @@ func TestVulnerabilityReportMatcher(t *testing.T) { Scanner: v1alpha1.Scanner{ Name: "Trivy", Vendor: "Aqua Security", - Version: "0.22.0", + Version: "0.23.0", }, Vulnerabilities: []v1alpha1.Vulnerability{}, }, diff --git a/pkg/plugin/trivy/plugin.go b/pkg/plugin/trivy/plugin.go index c657ffd72..577b022c1 100644 --- a/pkg/plugin/trivy/plugin.go +++ b/pkg/plugin/trivy/plugin.go @@ -229,7 +229,7 @@ func NewPlugin(clock ext.Clock, idGenerator ext.IDGenerator, client client.Clien func (p *plugin) Init(ctx starboard.PluginContext) error { return ctx.EnsureConfig(starboard.PluginConfig{ Data: map[string]string{ - keyTrivyImageRef: "docker.io/aquasec/trivy:0.22.0", + keyTrivyImageRef: "docker.io/aquasec/trivy:0.23.0", keyTrivySeverity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL", keyTrivyMode: string(Standalone), diff --git a/pkg/plugin/trivy/plugin_test.go b/pkg/plugin/trivy/plugin_test.go index 93b17c516..88c2d7ac3 100644 --- a/pkg/plugin/trivy/plugin_test.go +++ b/pkg/plugin/trivy/plugin_test.go @@ -470,7 +470,7 @@ func TestPlugin_Init(t *testing.T) { ResourceVersion: "1", }, Data: map[string]string{ - "trivy.imageRef": "docker.io/aquasec/trivy:0.22.0", + "trivy.imageRef": "docker.io/aquasec/trivy:0.23.0", "trivy.severity": "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL", "trivy.mode": "Standalone", @@ -495,7 +495,7 @@ func TestPlugin_Init(t *testing.T) { ResourceVersion: "1", }, Data: map[string]string{ - "trivy.imageRef": "docker.io/aquasec/trivy:0.22.0", + "trivy.imageRef": "docker.io/aquasec/trivy:0.23.0", "trivy.severity": "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL", "trivy.mode": "Standalone", }, @@ -529,7 +529,7 @@ func TestPlugin_Init(t *testing.T) { ResourceVersion: "1", }, Data: map[string]string{ - "trivy.imageRef": "docker.io/aquasec/trivy:0.22.0", + "trivy.imageRef": "docker.io/aquasec/trivy:0.23.0", "trivy.severity": "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL", "trivy.mode": "Standalone", }, @@ -2693,7 +2693,7 @@ CVE-2019-1543`, { name: "Trivy fs scan command in Standalone mode", config: map[string]string{ - "trivy.imageRef": "docker.io/aquasec/trivy:0.22.0", + "trivy.imageRef": "docker.io/aquasec/trivy:0.23.0", "trivy.mode": string(trivy.Standalone), "trivy.command": string(trivy.FileSystemScan), "trivy.resources.requests.cpu": "100m", @@ -2737,7 +2737,7 @@ CVE-2019-1543`, InitContainers: []corev1.Container{ { Name: "00000000-0000-0000-0000-000000000001", - Image: "docker.io/aquasec/trivy:0.22.0", + Image: "docker.io/aquasec/trivy:0.23.0", ImagePullPolicy: corev1.PullIfNotPresent, TerminationMessagePolicy: corev1.TerminationMessageFallbackToLogsOnError, Command: []string{ @@ -2766,7 +2766,7 @@ CVE-2019-1543`, }, { Name: "00000000-0000-0000-0000-000000000002", - Image: "docker.io/aquasec/trivy:0.22.0", + Image: "docker.io/aquasec/trivy:0.23.0", ImagePullPolicy: corev1.PullIfNotPresent, TerminationMessagePolicy: corev1.TerminationMessageFallbackToLogsOnError, Env: []corev1.EnvVar{