Skip to content

Commit

Permalink
release: prepare v0.14.0-rc (#1249)
Browse files Browse the repository at this point in the history
Signed-off-by: chenk <hen.keinan@gmail.com>
  • Loading branch information
chen-keinan authored May 30, 2023
1 parent bc3f9f7 commit c5d7411
Show file tree
Hide file tree
Showing 16 changed files with 46 additions and 46 deletions.
10 changes: 5 additions & 5 deletions RELEASING.md
Original file line number Diff line number Diff line change
Expand Up @@ -46,17 +46,17 @@
5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow
```
git tag -v0.13.2 -m 'Release v0.13.2'
git push upstream v0.13.2
git tag -v0.14.0-rc -m 'Release v0.14.0-rc'
git push upstream v0.14.0-rc
```
6. Verify that the `release` workflow has built and published the following artifacts
1. Trivy-operator container images published to DockerHub
`docker.io/aquasec/trivy-operator:0.13.2`
`docker.io/aquasec/trivy-operator:0.14.0-rc`
2. Trivy-operator container images published to Amazon ECR Public Gallery
`public.ecr.aws/aquasecurity/trivy-operator:0.13.2`
`public.ecr.aws/aquasecurity/trivy-operator:0.14.0-rc`
2. Trivy-operator container images published to GitHub Container Registry
`ghcr.io/aquasecurity/trivy-operator:0.13.2`
`ghcr.io/aquasecurity/trivy-operator:0.14.0-rc`
7. Publish the Helm chart by manually triggering the [`.github/workflows/publish-helm-chart.yaml`] workflow
8. Publish docs on <https://aquasecurity.github.io/trivy-operator/> by manually triggering the [`.github/workflows/publish-docs.yaml`] workflow
9. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the <https://github.com/k8s-operatorhub/community-operators> repository.
Expand Down
4 changes: 2 additions & 2 deletions deploy/helm/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,12 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.13.2
version: 0.14.0-rc

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 0.13.2
appVersion: 0.14.0-rc

# kubeVersion: A SemVer range of compatible Kubernetes versions (optional)

Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/cis-1.23.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.13.2
app.kubernetes.io/version: 0.14.0-rc
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote}}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/nsa-1.0.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/pss-baseline.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.13.2
app.kubernetes.io/version: 0.14.0-rc
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/pss-restricted.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.13.2
app.kubernetes.io/version: 0.14.0-rc
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/static/namespace.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,5 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
36 changes: 18 additions & 18 deletions deploy/static/trivy-operator.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1764,7 +1764,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
---
# Source: trivy-operator/templates/config.yaml
Expand All @@ -1776,7 +1776,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
---
# Source: trivy-operator/templates/config.yaml
Expand All @@ -1788,7 +1788,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -1801,7 +1801,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
data:
nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
Expand All @@ -1823,7 +1823,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
data:
trivy.repository: "ghcr.io/aquasecurity/trivy"
Expand Down Expand Up @@ -1853,7 +1853,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
spec:
replicas: 1
Expand All @@ -1873,7 +1873,7 @@ spec:
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
image: "ghcr.io/aquasecurity/trivy-operator:0.13.2"
image: "ghcr.io/aquasecurity/trivy-operator:0.14.0-rc"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
Expand Down Expand Up @@ -1989,7 +1989,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand All @@ -2016,7 +2016,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -2036,7 +2036,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
data:
# example
Expand Down Expand Up @@ -2086,7 +2086,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
---
# Source: trivy-operator/templates/rbac.yaml
Expand Down Expand Up @@ -2417,7 +2417,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -2442,7 +2442,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -2467,7 +2467,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -2491,7 +2491,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -2511,7 +2511,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand Down Expand Up @@ -2541,7 +2541,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -2561,7 +2561,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.13.2"
app.kubernetes.io/version: "0.14.0-rc"
app.kubernetes.io/managed-by: kubectl
spec:
clusterIP: None
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/clustercompliance-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -1346,7 +1346,7 @@ status:
"app.kubernetes.io/instance": "trivy-operator",
"app.kubernetes.io/managed-by": "kubectl",
"app.kubernetes.io/name": "trivy-operator",
"app.kubernetes.io/version": "0.13.2"
"app.kubernetes.io/version": "0.14.0-rc"
},
"name": "cis",
"resourceVersion": "8985",
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/configaudit-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.13.2'
version: '0.14.0-rc'
summary:
criticalCount: 2
highCount: 0
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/exposedsecret-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ metadata:
report:
artifact:
repository: myimagewithsecret
tag: v0.13.2
tag: v0.14.0-rc
registry:
server: index.docker.io
scanner:
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/rbacassessment-report.md
Original file line number Diff line number Diff line change
Expand Up @@ -177,7 +177,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.13.2'
version: '0.14.0-rc'
summary:
criticalCount: 1
highCount: 0
Expand Down
4 changes: 2 additions & 2 deletions docs/docs/design/caching_scan_results_by_repo_digest.md
Original file line number Diff line number Diff line change
Expand Up @@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili
a gate.
* Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports.

[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.13.2/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.13.2/integrations/vulnerability-scanners/trivy/#clientserver
[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.14.0-rc/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.14.0-rc/integrations/vulnerability-scanners/trivy/#clientserver
6 changes: 3 additions & 3 deletions docs/tutorials/grafana-dashboard.md
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ Next, we can install the operator with the following command:
helm install trivy-operator aqua/trivy-operator \
--namespace trivy-system \
--create-namespace \
--version 0.13.2 \
--version 0.14.0-rc \
--values trivy-values.yaml
```

Expand Down Expand Up @@ -143,7 +143,7 @@ Run the following command to port-forward the Trivy Operator Service:
kubectl port-forward service/trivy-operator -n trivy-system 5000:80
```

Once you open the 'http://localhost:5000/metrics' you should see all the metrics gathered from the operator. However, this is obviously not the prettiest way of looking at them. Thus, the next sections will show you how to query metrics through Prometheus and visualise them in Grafana.
Once you open the '<http://localhost:5000/metrics>' you should see all the metrics gathered from the operator. However, this is obviously not the prettiest way of looking at them. Thus, the next sections will show you how to query metrics through Prometheus and visualise them in Grafana.

### Query Trivy Operator Metrics in Prometheus

Expand Down Expand Up @@ -176,7 +176,7 @@ sum(trivy_image_exposedsecrets)

Lastly, we want to visualise the security issues within our cluster in a Grafana Dashboard.

For this, navigate to the Grafana URL 'http://localhost:3000'.
For this, navigate to the Grafana URL '<http://localhost:3000>'.

Username: admin
Password: prom-operator
Expand Down
10 changes: 5 additions & 5 deletions docs/tutorials/private-registries.md
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ Lastly, we can deploy the operator inside our cluster with referencing our new `
helm upgrade --install trivy-operator aqua/trivy-operator \
--namespace trivy-system \
--create-namespace \
--version 0.13.2
--version 0.14.0-rc
--values ./values.yaml
```

Expand All @@ -57,7 +57,7 @@ Alternatively, it is possible to set the values directly through Helm instead of
helm upgrade --install trivy-operator aqua/trivy-operator \
--namespace trivy-system \
--create-namespace \
--version 0.13.2
--version 0.14.0-rc
--set="trivy.command=fs"
--set="trivyOperator.scanJobPodTemplateContainerSecurityContext.runAsUser=0"
```
Expand Down Expand Up @@ -230,7 +230,7 @@ Lastly, we can deploy the operator inside our cluster with referencing our new `
helm upgrade --install trivy-operator aqua/trivy-operator \
--namespace trivy-system \
--create-namespace \
--version 0.13.2
--version 0.14.0-rc
--values ./values.yaml
```

Expand All @@ -240,7 +240,7 @@ Alternatively, it is possible to set the values directly through Helm instead of
helm upgrade --install trivy-operator aqua/trivy-operator \
--namespace trivy-system \
--create-namespace \
--version 0.13.2
--version 0.14.0-rc
--set-json='operator.privateRegistryScanSecretsNames={"app":"dockerconfigjson-github-com"}'
```

Expand All @@ -262,4 +262,4 @@ trivy-operator 1/1 1 1 99s

The last way that you could give the Trivy operator access to your private container registry is through managed registries. In this case, the container registry and your Kubernetes cluster would have to be on the same cloud provider; then you can define access to your container namespace as part of the IAM account. Once defined, trivy will already have the permissions for the registry.

For additional information, please refer to the [documentation on managed registries.](https://aquasecurity.github.io/trivy-operator/v0.13.2/docs/vulnerability-scanning/managed-registries/)
For additional information, please refer to the [documentation on managed registries.](https://aquasecurity.github.io/trivy-operator/v0.14.0-rc/docs/vulnerability-scanning/managed-registries/)
4 changes: 2 additions & 2 deletions mkdocs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -86,8 +86,8 @@ extra:
method: mike
provider: mike
var:
prev_git_tag: "v0.13.1"
chart_version: "0.13.2"
prev_git_tag: "v0.13.2"
chart_version: "0.14.0-rc"

plugins:
- search
Expand Down

0 comments on commit c5d7411

Please sign in to comment.