release: prepare v0.22.0 (#2166)

* release: prepare v0.22.0 Signed-off-by: chenk <[email protected]> * release: prepare v0.22.0 Signed-off-by: chenk <[email protected]> --------- Signed-off-by: chenk <[email protected]>
aquasecurity · Jul 4, 2024 · 0dead55 · 0dead55
1 parent 1d4ec56
commit 0dead55
Show file tree

Hide file tree

Showing 26 changed files with 60 additions and 60 deletions.
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -344,16 +344,16 @@ chart, then run `mage generate:docs` to ensure the helm docs are up-to-date.
 To install [Operator Lifecycle Manager] (OLM) run:
 
 ```
-kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.3/crds.yaml
-kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.3/olm.yaml
+kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.22.0/crds.yaml
+kubectl apply -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.22.0/olm.yaml
 ```
 
 or
 
 ```
 curl -L https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.21.4/install.sh -o install.sh
 chmod +x install.sh
-./install.sh v0.21.3
+./install.sh v0.22.0
 ```
 
 ### Build the Catalog Image

diff --git a/RELEASING.md b/RELEASING.md
@@ -46,17 +46,17 @@
 5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow
 
    ```sh
-   git tag -v0.21.3 -m 'Release v0.21.3'
-   git push upstream v0.21.3
+   git tag -v0.22.0 -m 'Release v0.22.0'
+   git push upstream v0.22.0
    ```
 
 6. Verify that the `release` workflow has built and published the following artifacts
    1. Trivy-operator container images published to DockerHub
-       `docker.io/aquasec/trivy-operator:0.21.3`
+       `docker.io/aquasec/trivy-operator:0.22.0`
    2. Trivy-operator container images published to Amazon ECR Public Gallery
-       `public.ecr.aws/aquasecurity/trivy-operator:0.21.3`
+       `public.ecr.aws/aquasecurity/trivy-operator:0.22.0`
    3. Trivy-operator container images published to GitHub Container Registry
-       `ghcr.io/aquasecurity/trivy-operator:0.21.3`
+       `ghcr.io/aquasecurity/trivy-operator:0.22.0`
 
 7. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the <https://github.com/k8s-operatorhub/community-operators> repository.
 

diff --git a/deploy/helm/Chart.yaml b/deploy/helm/Chart.yaml
@@ -6,12 +6,12 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.23.3
+version: 0.24.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 0.21.3
+appVersion: 0.22.0
 
 # kubeVersion: A SemVer range of compatible Kubernetes versions (optional)
 

diff --git a/deploy/helm/README.md b/deploy/helm/README.md
@@ -1,6 +1,6 @@
 # trivy-operator
 
-![Version: 0.23.3](https://img.shields.io/badge/Version-0.23.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.21.3](https://img.shields.io/badge/AppVersion-0.21.3-informational?style=flat-square)
+![Version: 0.24.0](https://img.shields.io/badge/Version-0.24.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.22.0](https://img.shields.io/badge/AppVersion-0.22.0-informational?style=flat-square)
 
 Keeps security report resources updated
 

diff --git a/deploy/helm/templates/specs/eks-cis-1.4.yaml b/deploy/helm/templates/specs/eks-cis-1.4.yaml
@@ -6,7 +6,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.21.3
+    app.kubernetes.io/version: 0.22.0
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/helm/templates/specs/k8s-cis-1.23.yaml b/deploy/helm/templates/specs/k8s-cis-1.23.yaml
@@ -8,7 +8,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.21.3
+    app.kubernetes.io/version: 0.22.0
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/helm/templates/specs/k8s-nsa-1.0.yaml b/deploy/helm/templates/specs/k8s-nsa-1.0.yaml
@@ -7,7 +7,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.21.3
+    app.kubernetes.io/version: 0.22.0
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote}}

diff --git a/deploy/helm/templates/specs/k8s-pss-baseline-0.1.yaml b/deploy/helm/templates/specs/k8s-pss-baseline-0.1.yaml
@@ -7,7 +7,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.21.3
+    app.kubernetes.io/version: 0.22.0
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote}}

diff --git a/deploy/helm/templates/specs/k8s-pss-restricted-0.1.yaml b/deploy/helm/templates/specs/k8s-pss-restricted-0.1.yaml
@@ -7,7 +7,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.21.3
+    app.kubernetes.io/version: 0.22.0
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote}}

diff --git a/deploy/helm/templates/specs/rke2-cis-1.24.yaml b/deploy/helm/templates/specs/rke2-cis-1.24.yaml
@@ -7,7 +7,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.21.3
+    app.kubernetes.io/version: 0.22.0
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote}}

diff --git a/deploy/static/namespace.yaml b/deploy/static/namespace.yaml
@@ -6,5 +6,5 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml
@@ -2937,7 +2937,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 ---
 # Source: trivy-operator/templates/configmaps/operator.yaml
@@ -2949,7 +2949,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 data:
   nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
@@ -2976,7 +2976,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 data:
   OPERATOR_LOG_DEV_MODE: "false"
@@ -3029,7 +3029,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 data:
   trivy.repository: "ghcr.io/aquasecurity/trivy"
@@ -3066,7 +3066,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 data:
 ---
@@ -3079,7 +3079,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 data:
 ---
@@ -3092,7 +3092,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 spec:
   replicas: 1
@@ -3112,7 +3112,7 @@ spec:
       automountServiceAccountToken: true
       containers:
         - name: "trivy-operator"
-          image: "ghcr.io/aquasecurity/trivy-operator:0.21.3"
+          image: "ghcr.io/aquasecurity/trivy-operator:0.22.0"
           imagePullPolicy: IfNotPresent
           env:
             - name: OPERATOR_NAMESPACE
@@ -3173,7 +3173,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 spec:
   clusterIP: None
@@ -3564,7 +3564,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -3585,7 +3585,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 rules:
   - apiGroups:
@@ -3612,7 +3612,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -3632,7 +3632,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 rules:
   - apiGroups:
@@ -3662,7 +3662,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -3682,7 +3682,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -3707,7 +3707,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -3732,7 +3732,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -3757,5 +3757,5 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
     app.kubernetes.io/managed-by: kubectl
diff --git a/docs/docs/crds/clustercompliance-report.md b/docs/docs/crds/clustercompliance-report.md
@@ -1346,7 +1346,7 @@ status:
             "app.kubernetes.io/instance": "trivy-operator",
             "app.kubernetes.io/managed-by": "kubectl",
             "app.kubernetes.io/name": "trivy-operator",
-            "app.kubernetes.io/version": "0.21.3"
+            "app.kubernetes.io/version": "0.22.0"
         },
         "name": "cis",
         "resourceVersion": "8985",

diff --git a/docs/docs/crds/configaudit-report.md b/docs/docs/crds/configaudit-report.md
@@ -34,7 +34,7 @@ report:
   scanner:
     name: Trivy 
     vendor: Aqua Security
-    version: '0.21.3'
+    version: '0.22.0'
   summary:
     criticalCount: 2
     highCount: 0

diff --git a/docs/docs/crds/exposedsecret-report.md b/docs/docs/crds/exposedsecret-report.md
@@ -33,7 +33,7 @@ metadata:
 report:
   artifact:
     repository: myimagewithsecret
-    tag: v0.21.3
+    tag: v0.22.0
   registry:
     server: index.docker.io
   scanner:

diff --git a/docs/docs/crds/rbacassessment-report.md b/docs/docs/crds/rbacassessment-report.md
@@ -176,7 +176,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: '0.21.3'
+    version: '0.22.0'
   summary:
     criticalCount: 1
     highCount: 0

diff --git a/docs/docs/design/caching_scan_results_by_repo_digest.md b/docs/docs/design/caching_scan_results_by_repo_digest.md
@@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili
   a gate.
 * Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports.
 
-[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.21.3/integrations/vulnerability-scanners/trivy/#standalone
-[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.21.3/integrations/vulnerability-scanners/trivy/#clientserver
+[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.22.0/integrations/vulnerability-scanners/trivy/#standalone
+[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.22.0/integrations/vulnerability-scanners/trivy/#clientserver
diff --git a/docs/docs/design/design_compliance_report.md b/docs/docs/design/design_compliance_report.md
@@ -542,7 +542,7 @@ metadata:
   name: clustercompliancereports.aquasecurity.github.io
   labels:
     app.kubernetes.io/managed-by: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
 spec:
   group: aquasecurity.github.io
   scope: Cluster
@@ -678,7 +678,7 @@ metadata:
   name: clustercompliancedetailreports.aquasecurity.github.io
   labels:
     app.kubernetes.io/managed-by: trivy-operator
-    app.kubernetes.io/version: "0.21.3"
+    app.kubernetes.io/version: "0.22.0"
 spec:
   group: aquasecurity.github.io
   versions:

diff --git a/docs/docs/design/design_starboard_at_scale.excalidraw b/docs/docs/design/design_starboard_at_scale.excalidraw
@@ -11835,7 +11835,7 @@
       "versionNonce": 596868769,
       "isDeleted": false,
       "boundElementIds": null,
-      "text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>\n  namespace: trivy-system\nspec:\n  template:\n    spec:\n      containers:\n      - name: nginx\n        image: aquasec/trivy:0.21.3\n        command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n      restartPolicy: Never\n  backoffLimit: 1",
+      "text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>\n  namespace: trivy-system\nspec:\n  template:\n    spec:\n      containers:\n      - name: nginx\n        image: aquasec/trivy:0.22.0\n        command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n      restartPolicy: Never\n  backoffLimit: 1",
       "fontSize": 20,
       "fontFamily": 3,
       "textAlign": "left",
@@ -11895,7 +11895,7 @@
       "boundElementIds": [],
       "fontSize": 20,
       "fontFamily": 3,
-      "text": "apiVersion: v1\nkind: Pod\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n  namespace: trivy-system\nspec:\n  containers:\n    - name: nginx\n      image: aquasec/trivy:0.21.3\n      command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n",
+      "text": "apiVersion: v1\nkind: Pod\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n  namespace: trivy-system\nspec:\n  containers:\n    - name: nginx\n      image: aquasec/trivy:0.22.0\n      command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n",
       "baseline": 259,
       "textAlign": "left",
       "verticalAlign": "top"

diff --git a/docs/docs/design/design_trivy_file_system_scanner.md b/docs/docs/design/design_trivy_file_system_scanner.md
@@ -117,10 +117,10 @@ spec:
           emptyDir: { }
       initContainers:
         # The trivy-get-binary init container is used to copy out the trivy executable
-        # binary from the upstream Trivy container image, i.e. aquasec/trivy:0.21.3,
+        # binary from the upstream Trivy container image, i.e. aquasec/trivy:0.22.0,
         # to a shared emptyDir volume.
         - name: trivy-get-binary
-          image: aquasec/trivy:0.21.3
+          image: aquasec/trivy:0.22.0
           command:
             - cp
             - -v
@@ -135,7 +135,7 @@ spec:
         # This won't be required once Trivy supports ClientServer mode
         # for the fs subcommand.
         - name: trivy-download-db
-          image: aquasec/trivy:0.21.3
+          image: aquasec/trivy:0.22.0
           command:
             - /var/trivy-operator/trivy
             - --download-db-only