release: prepare v0.16.4 (#1600)

* release: prepare v0.16.4 Signed-off-by: chenk <hen.keinan@gmail.com> * release: prepare v0.16.4 Signed-off-by: chenk <hen.keinan@gmail.com> --------- Signed-off-by: chenk <hen.keinan@gmail.com>
aquasecurity · Oct 29, 2023 · c2f0e0f · c2f0e0f
1 parent 289c808
commit c2f0e0f
Show file tree

Hide file tree

Showing 23 changed files with 53 additions and 53 deletions.
diff --git a/RELEASING.md b/RELEASING.md
@@ -46,17 +46,17 @@
 5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow
 
    ```sh
-   git tag -v0.16.3 -m 'Release v0.16.3'
-   git push upstream v0.16.3
+   git tag -v0.16.4 -m 'Release v0.16.4'
+   git push upstream v0.16.4
    ```
 
 6. Verify that the `release` workflow has built and published the following artifacts
    1. Trivy-operator container images published to DockerHub
-       `docker.io/aquasec/trivy-operator:0.16.3`
+       `docker.io/aquasec/trivy-operator:0.16.4`
    2. Trivy-operator container images published to Amazon ECR Public Gallery
-       `public.ecr.aws/aquasecurity/trivy-operator:0.16.3`
+       `public.ecr.aws/aquasecurity/trivy-operator:0.16.4`
    3. Trivy-operator container images published to GitHub Container Registry
-       `ghcr.io/aquasecurity/trivy-operator:0.16.3`
+       `ghcr.io/aquasecurity/trivy-operator:0.16.4`
 
 7. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the <https://github.com/k8s-operatorhub/community-operators> repository.
 

diff --git a/deploy/helm/Chart.yaml b/deploy/helm/Chart.yaml
@@ -6,12 +6,12 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.18.3
+version: 0.18.4
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 0.16.3
+appVersion: 0.16.4
 
 # kubeVersion: A SemVer range of compatible Kubernetes versions (optional)
 

diff --git a/deploy/helm/README.md b/deploy/helm/README.md
@@ -1,6 +1,6 @@
 # trivy-operator
 
-![Version: 0.18.3](https://img.shields.io/badge/Version-0.18.3-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.16.3](https://img.shields.io/badge/AppVersion-0.16.3-informational?style=flat-square)
+![Version: 0.18.4](https://img.shields.io/badge/Version-0.18.4-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.16.4](https://img.shields.io/badge/AppVersion-0.16.4-informational?style=flat-square)
 
 Keeps security report resources updated
 

diff --git a/deploy/helm/templates/specs/cis-1.23.yaml b/deploy/helm/templates/specs/cis-1.23.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.16.3
+    app.kubernetes.io/version: 0.16.4
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote}}

diff --git a/deploy/helm/templates/specs/nsa-1.0.yaml b/deploy/helm/templates/specs/nsa-1.0.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/helm/templates/specs/pss-baseline.yaml b/deploy/helm/templates/specs/pss-baseline.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.16.3
+    app.kubernetes.io/version: 0.16.4
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/helm/templates/specs/pss-restricted.yaml b/deploy/helm/templates/specs/pss-restricted.yaml
@@ -5,7 +5,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: 0.16.3
+    app.kubernetes.io/version: 0.16.4
     app.kubernetes.io/managed-by: kubectl
 spec:
   cron: {{ .Values.compliance.cron | quote }}

diff --git a/deploy/static/namespace.yaml b/deploy/static/namespace.yaml
@@ -6,5 +6,5 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml
@@ -2104,7 +2104,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 ---
 # Source: trivy-operator/templates/configmaps/operator.yaml
@@ -2116,7 +2116,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 data:
   nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
@@ -2138,7 +2138,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 data:
 ---
@@ -2151,7 +2151,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 data:
   trivy.repository: "ghcr.io/aquasecurity/trivy"
@@ -2183,7 +2183,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 ---
 # Source: trivy-operator/templates/secrets/trivy.yaml
@@ -2195,7 +2195,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 data:
 ---
@@ -2208,7 +2208,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 spec:
   replicas: 1
@@ -2228,7 +2228,7 @@ spec:
       automountServiceAccountToken: true
       containers:
         - name: "trivy-operator"
-          image: "ghcr.io/aquasecurity/trivy-operator:0.16.3"
+          image: "ghcr.io/aquasecurity/trivy-operator:0.16.4"
           imagePullPolicy: IfNotPresent
           env:
             - name: OPERATOR_NAMESPACE
@@ -2349,7 +2349,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 spec:
 
@@ -2711,7 +2711,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -2732,7 +2732,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 rules:
   - apiGroups:
@@ -2759,7 +2759,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -2779,7 +2779,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 rules:
   - apiGroups:
@@ -2809,7 +2809,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -2829,7 +2829,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -2854,7 +2854,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -2879,7 +2879,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
     rbac.authorization.k8s.io/aggregate-to-view: "true"
     rbac.authorization.k8s.io/aggregate-to-edit: "true"
@@ -2904,5 +2904,5 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
diff --git a/docs/docs/crds/clustercompliance-report.md b/docs/docs/crds/clustercompliance-report.md
@@ -1346,7 +1346,7 @@ status:
             "app.kubernetes.io/instance": "trivy-operator",
             "app.kubernetes.io/managed-by": "kubectl",
             "app.kubernetes.io/name": "trivy-operator",
-            "app.kubernetes.io/version": "0.16.3"
+            "app.kubernetes.io/version": "0.16.4"
         },
         "name": "cis",
         "resourceVersion": "8985",

diff --git a/docs/docs/crds/configaudit-report.md b/docs/docs/crds/configaudit-report.md
@@ -36,7 +36,7 @@ report:
   scanner:
     name: Trivy 
     vendor: Aqua Security
-    version: '0.16.3'
+    version: '0.16.4'
   summary:
     criticalCount: 2
     highCount: 0

diff --git a/docs/docs/crds/exposedsecret-report.md b/docs/docs/crds/exposedsecret-report.md
@@ -34,7 +34,7 @@ metadata:
 report:
   artifact:
     repository: myimagewithsecret
-    tag: v0.16.3
+    tag: v0.16.4
   registry:
     server: index.docker.io
   scanner:

diff --git a/docs/docs/crds/rbacassessment-report.md b/docs/docs/crds/rbacassessment-report.md
@@ -177,7 +177,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: '0.16.3'
+    version: '0.16.4'
   summary:
     criticalCount: 1
     highCount: 0

diff --git a/docs/docs/design/caching_scan_results_by_repo_digest.md b/docs/docs/design/caching_scan_results_by_repo_digest.md
@@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili
   a gate.
 * Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports.
 
-[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.16.3/integrations/vulnerability-scanners/trivy/#standalone
-[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.16.3/integrations/vulnerability-scanners/trivy/#clientserver
+[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.16.4/integrations/vulnerability-scanners/trivy/#standalone
+[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.16.4/integrations/vulnerability-scanners/trivy/#clientserver
diff --git a/docs/docs/design/design_compliance_report.md b/docs/docs/design/design_compliance_report.md
@@ -542,7 +542,7 @@ metadata:
   name: clustercompliancereports.aquasecurity.github.io
   labels:
     app.kubernetes.io/managed-by: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
 spec:
   group: aquasecurity.github.io
   scope: Cluster
@@ -678,7 +678,7 @@ metadata:
   name: clustercompliancedetailreports.aquasecurity.github.io
   labels:
     app.kubernetes.io/managed-by: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
 spec:
   group: aquasecurity.github.io
   versions:

diff --git a/docs/docs/design/design_starboard_at_scale.excalidraw b/docs/docs/design/design_starboard_at_scale.excalidraw
@@ -11835,7 +11835,7 @@
       "versionNonce": 596868769,
       "isDeleted": false,
       "boundElementIds": null,
-      "text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>\n  namespace: trivy-system\nspec:\n  template:\n    spec:\n      containers:\n      - name: nginx\n        image: aquasec/trivy:0.16.3\n        command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n      restartPolicy: Never\n  backoffLimit: 1",
+      "text": "apiVersion: batch/v1\nkind: Job\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>\n  namespace: trivy-system\nspec:\n  template:\n    spec:\n      containers:\n      - name: nginx\n        image: aquasec/trivy:0.16.4\n        command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n      restartPolicy: Never\n  backoffLimit: 1",
       "fontSize": 20,
       "fontFamily": 3,
       "textAlign": "left",
@@ -11895,7 +11895,7 @@
       "boundElementIds": [],
       "fontSize": 20,
       "fontFamily": 3,
-      "text": "apiVersion: v1\nkind: Pod\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n  namespace: trivy-system\nspec:\n  containers:\n    - name: nginx\n      image: aquasec/trivy:0.16.3\n      command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n",
+      "text": "apiVersion: v1\nkind: Pod\nmetadata:\n  name: scan-vulnerabilityreport-<workload hash>-<pod-hash>\n  namespace: trivy-system\nspec:\n  containers:\n    - name: nginx\n      image: aquasec/trivy:0.16.4\n      command: [\"trivy\",  \"image\", \"nginx:1.16\"]\n",
       "baseline": 259,
       "textAlign": "left",
       "verticalAlign": "top"

diff --git a/docs/docs/design/design_vuln_scan_job_in_same_namespace_of_workload.md b/docs/docs/design/design_vuln_scan_job_in_same_namespace_of_workload.md
@@ -219,6 +219,6 @@ With this approach trivy operator will not have to worry about managing(create/d
     - As we will run scan job with service account of workload and if there are some very strict PSP defined in the cluster
     then scan job will be blocked due to the PSP.
 
-[ECR registry configuration]: https://aquasecurity.github.io/trivy-operator/v0.16.3/integrations/managed-registries/#amazon-elastic-container-registry-ecr
+[ECR registry configuration]: https://aquasecurity.github.io/trivy-operator/v0.16.4/integrations/managed-registries/#amazon-elastic-container-registry-ecr
 [IAM role to service account]: https://docs.aws.amazon.com/eks/latest/userguide/specify-service-account-role.html
 [Trivy fs command]: https://github.com/aquasecurity/trivy-operator/blob/main/docs/design/design_trivy_file_system_scanner.md
diff --git a/docs/docs/design/ttl_scans.md b/docs/docs/design/ttl_scans.md
@@ -44,7 +44,7 @@ metadata:
 report:
   artifact:
     repository: fluxcd/source-controller
-    tag: v0.16.3
+    tag: v0.16.4
   registry:
     server: ghcr.io
   scanner:

diff --git a/docs/docs/vulnerability-scanning/managed-registries.md b/docs/docs/vulnerability-scanning/managed-registries.md
@@ -40,7 +40,7 @@ metadata:
   labels:
     app.kubernetes.io/name: trivy-operator
     app.kubernetes.io/instance: trivy-operator
-    app.kubernetes.io/version: "0.16.3"
+    app.kubernetes.io/version: "0.16.4"
     app.kubernetes.io/managed-by: kubectl
     azure.workload.identity/use: "true"
   annotations:

diff --git a/docs/tutorials/grafana-dashboard.md b/docs/tutorials/grafana-dashboard.md
@@ -92,7 +92,7 @@ Next, we can install the operator with the following command:
 helm install trivy-operator aqua/trivy-operator \
   --namespace trivy-system \
   --create-namespace \
-  --version 0.16.3 \
+  --version 0.16.4 \
   --values trivy-values.yaml
 ```