chore: bump trivy-0.50.4 (#2041)

Signed-off-by: chenk <[email protected]>
aquasecurity · Apr 24, 2024 · dca19ab · dca19ab
1 parent 1cbf7bd
commit dca19ab
Show file tree

Hide file tree

Showing 15 changed files with 16 additions and 16 deletions.
diff --git a/deploy/helm/README.md b/deploy/helm/README.md
@@ -138,7 +138,7 @@ Keeps security report resources updated
 | trivy.image.pullPolicy | string | `"IfNotPresent"` | pullPolicy is the imge pull policy used for trivy image , valid values are (Always, Never, IfNotPresent) |
 | trivy.image.registry | string | `"ghcr.io"` | registry of the Trivy image |
 | trivy.image.repository | string | `"aquasecurity/trivy"` | repository of the Trivy image |
-| trivy.image.tag | string | `"0.50.2"` | tag version of the Trivy image |
+| trivy.image.tag | string | `"0.50.4"` | tag version of the Trivy image |
 | trivy.imageScanCacheDir | string | `"/tmp/trivy/.cache"` | imageScanCacheDir the flag to set custom path for trivy image scan `cache-dir` parameter. Only applicable in image scan mode. |
 | trivy.includeDevDeps | bool | `false` | includeDevDeps include development dependencies in the report (supported: npm, yarn) (default: false) note: this flag is only applicable when trivy.command is set to filesystem |
 | trivy.insecureRegistries | object | `{}` | The registry to which insecure connections are allowed. There can be multiple registries with different keys. |

diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
@@ -323,7 +323,7 @@ trivy:
     # -- repository of the Trivy image
     repository: aquasecurity/trivy
     # -- tag version of the Trivy image
-    tag: 0.50.2
+    tag: 0.50.4
     # -- imagePullSecret is the secret name to be used when pulling trivy image from private registries example : reg-secret
     # It is the user responsibility to create the secret for the private registry in `trivy-operator` namespace
     imagePullSecret: ~

diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml
@@ -3024,7 +3024,7 @@ metadata:
     app.kubernetes.io/managed-by: kubectl
 data:
   trivy.repository: "ghcr.io/aquasecurity/trivy"
-  trivy.tag: "0.50.2"
+  trivy.tag: "0.50.4"
   trivy.imagePullPolicy: "IfNotPresent"
   trivy.additionalVulnerabilityReportFields: ""
   trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"

diff --git a/docs/docs/crds/clustervulnerability-report.md b/docs/docs/crds/clustervulnerability-report.md
@@ -44,7 +44,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.50.2
+    version: 0.50.4
   summary:
     criticalCount: 0
     highCount: 4

diff --git a/docs/docs/crds/sbom-report.md b/docs/docs/crds/sbom-report.md
@@ -162,7 +162,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.50.2
+    version: 0.50.4
   summary:
     componentsCount: 5
     dependenciesCount: 5

diff --git a/go.mod b/go.mod
@@ -4,7 +4,7 @@ go 1.22.0
 
 require (
 	github.com/CycloneDX/cyclonedx-go v0.8.0
-	github.com/aquasecurity/trivy v0.50.2
+	github.com/aquasecurity/trivy v0.50.4
 	github.com/aquasecurity/trivy-kubernetes v0.6.6-0.20240403110607-a34923270723
 	github.com/bluele/gcache v0.0.2
 	github.com/caarlos0/env/v6 v6.10.1

diff --git a/go.sum b/go.sum
@@ -300,8 +300,8 @@ github.com/aquasecurity/testdocker v0.0.0-20230111101738-e741bda259da h1:pj/adfN
 github.com/aquasecurity/testdocker v0.0.0-20230111101738-e741bda259da/go.mod h1:852lbQLpK2nCwlR4ZLYIccxYCfoQao6q9Nl6tjz54v8=
 github.com/aquasecurity/tml v0.6.1 h1:y2ZlGSfrhnn7t4ZJ/0rotuH+v5Jgv6BDDO5jB6A9gwo=
 github.com/aquasecurity/tml v0.6.1/go.mod h1:OnYMWY5lvI9ejU7yH9LCberWaaTBW7hBFsITiIMY2yY=
-github.com/aquasecurity/trivy v0.50.2 h1:FAAH/YcF5yiprSFdMhZF3XHbhVSIpS8EF+NnllQIYBk=
-github.com/aquasecurity/trivy v0.50.2/go.mod h1:XfQq9o0sQF25HHzgRFZT2fImCAOt+VCqE8m1d+jxt9U=
+github.com/aquasecurity/trivy v0.50.4 h1:6+r30EnhodXLdzQimGwsU1iDZmrU+8xuTM6zjQ5ZUmM=
+github.com/aquasecurity/trivy v0.50.4/go.mod h1:XfQq9o0sQF25HHzgRFZT2fImCAOt+VCqE8m1d+jxt9U=
 github.com/aquasecurity/trivy-db v0.0.0-20231020043206-3770774790ce h1:53T1cV67meZOWb/AepAHRGrUH7ZwhulLIXravz0lFp4=
 github.com/aquasecurity/trivy-db v0.0.0-20231020043206-3770774790ce/go.mod h1:cj9/QmD9N3OZnKQMp+/DvdV+ym3HyIkd4e+F0ZM3ZGs=
 github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 h1:JVgBIuIYbwG+ekC5lUHUpGJboPYiCcxiz06RCtz8neI=

diff --git a/pkg/plugins/trivy/config_test.go b/pkg/plugins/trivy/config_test.go
@@ -725,7 +725,7 @@ func TestPlugin_Init(t *testing.T) {
 			},
 			Data: map[string]string{
 				"trivy.repository":                DefaultImageRepository,
-				"trivy.tag":                       "0.50.2",
+				"trivy.tag":                       "0.50.4",
 				"trivy.severity":                  DefaultSeverity,
 				"trivy.slow":                      "true",
 				"trivy.mode":                      string(Standalone),

diff --git a/pkg/plugins/trivy/jobspec_test.go b/pkg/plugins/trivy/jobspec_test.go
diff --git a/pkg/plugins/trivy/plugin.go b/pkg/plugins/trivy/plugin.go
@@ -80,7 +80,7 @@ func (p *plugin) Init(ctx trivyoperator.PluginContext) error {
 	return ctx.EnsureConfig(trivyoperator.PluginConfig{
 		Data: map[string]string{
 			keyTrivyImageRepository:           DefaultImageRepository,
-			keyTrivyImageTag:                  "0.50.2",
+			keyTrivyImageTag:                  "0.50.4",
 			KeyTrivySeverity:                  DefaultSeverity,
 			keyTrivySlow:                      "true",
 			keyTrivyMode:                      string(Standalone),

diff --git a/pkg/plugins/trivy/testdata/fixture/alpine_sbom.json b/pkg/plugins/trivy/testdata/fixture/alpine_sbom.json
@@ -12,7 +12,7 @@
                     "type": "application",
                     "group": "aquasecurity",
                     "name": "trivy",
-                    "version": "0.50.2"
+                    "version": "0.50.4"
                 }
             ]
         },

diff --git a/pkg/vulnerabilityreport/controller/testdata/sbom.json b/pkg/vulnerabilityreport/controller/testdata/sbom.json
@@ -246,7 +246,7 @@
         "scanner": {
             "name": "Trivy",
             "vendor": "Aqua Security",
-            "version": "0.50.2"
+            "version": "0.50.4"
         },
         "summary": {
             "componentsCount": 5,

diff --git a/tests/e2e/sbom-client-server/workload/00-sbom-pod.yaml b/tests/e2e/sbom-client-server/workload/00-sbom-pod.yaml
@@ -3526,7 +3526,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.50.2
+    version: 0.50.4
   summary:
     componentsCount: 110
     dependenciesCount: 110

diff --git a/tests/e2e/sbom-fs/workload/00-sbom-pod.yaml b/tests/e2e/sbom-fs/workload/00-sbom-pod.yaml
@@ -3526,7 +3526,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.50.2
+    version: 0.50.4
   summary:
     componentsCount: 110
     dependenciesCount: 110

diff --git a/tests/e2e/sbom-standalone/workload/00-sbom-pod.yaml b/tests/e2e/sbom-standalone/workload/00-sbom-pod.yaml
@@ -3526,7 +3526,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.50.2
+    version: 0.50.4
   summary:
     componentsCount: 110
     dependenciesCount: 110