diff --git a/deploy/helm/README.md b/deploy/helm/README.md index a3469e623..a7155efd8 100644 --- a/deploy/helm/README.md +++ b/deploy/helm/README.md @@ -31,7 +31,7 @@ Keeps security report resources updated | nodeCollector.imagePullSecret | string | `nil` | imagePullSecret is the secret name to be used when pulling node-collector image from private registries example : reg-secret It is the user responsibility to create the secret for the private registry in `trivy-operator` namespace | | nodeCollector.registry | string | `"ghcr.io"` | registry of the node-collector image | | nodeCollector.repository | string | `"aquasecurity/node-collector"` | repository of the node-collector image | -| nodeCollector.tag | string | `"0.0.8"` | tag version of the node-collector image | +| nodeCollector.tag | string | `"0.0.9"` | tag version of the node-collector image | | nodeCollector.volumeMounts | list | `[{"mountPath":"/var/lib/etcd","name":"var-lib-etcd","readOnly":true},{"mountPath":"/var/lib/kubelet","name":"var-lib-kubelet","readOnly":true},{"mountPath":"/var/lib/kube-scheduler","name":"var-lib-kube-scheduler","readOnly":true},{"mountPath":"/var/lib/kube-controller-manager","name":"var-lib-kube-controller-manager","readOnly":true},{"mountPath":"/etc/systemd","name":"etc-systemd","readOnly":true},{"mountPath":"/lib/systemd/","name":"lib-systemd","readOnly":true},{"mountPath":"/etc/kubernetes","name":"etc-kubernetes","readOnly":true},{"mountPath":"/etc/cni/net.d/","name":"etc-cni-netd","readOnly":true}]` | node-collector pod volume mounts definition for collecting config files information | | nodeCollector.volumes | list | `[{"hostPath":{"path":"/var/lib/etcd"},"name":"var-lib-etcd"},{"hostPath":{"path":"/var/lib/kubelet"},"name":"var-lib-kubelet"},{"hostPath":{"path":"/var/lib/kube-scheduler"},"name":"var-lib-kube-scheduler"},{"hostPath":{"path":"/var/lib/kube-controller-manager"},"name":"var-lib-kube-controller-manager"},{"hostPath":{"path":"/etc/systemd"},"name":"etc-systemd"},{"hostPath":{"path":"/lib/systemd"},"name":"lib-systemd"},{"hostPath":{"path":"/etc/kubernetes"},"name":"etc-kubernetes"},{"hostPath":{"path":"/etc/cni/net.d/"},"name":"etc-cni-netd"}]` | node-collector pod volumes definition for collecting config files information | | nodeSelector | object | `{}` | nodeSelector set the operator nodeSelector | diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml index 8be3962d3..09e1e2016 100644 --- a/deploy/helm/values.yaml +++ b/deploy/helm/values.yaml @@ -558,7 +558,7 @@ nodeCollector: # -- repository of the node-collector image repository: aquasecurity/node-collector # -- tag version of the node-collector image - tag: 0.0.8 + tag: 0.0.9 # -- imagePullSecret is the secret name to be used when pulling node-collector image from private registries example : reg-secret # It is the user responsibility to create the secret for the private registry in `trivy-operator` namespace imagePullSecret: ~ diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml index 82bfaacfe..8b8fe8f19 100644 --- a/deploy/static/trivy-operator.yaml +++ b/deploy/static/trivy-operator.yaml @@ -2454,7 +2454,7 @@ data: configAuditReports.scanner: "Trivy" compliance.failEntriesLimit: "10" report.recordFailedChecksOnly: "true" - node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.0.8" + node.collector.imageRef: "ghcr.io/aquasecurity/node-collector:0.0.9" --- # Source: trivy-operator/templates/configmaps/policies.yaml apiVersion: v1 diff --git a/go.mod b/go.mod index 7f6cf725c..4036aa576 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( github.com/CycloneDX/cyclonedx-go v0.7.2 github.com/aquasecurity/defsec v0.93.1 github.com/aquasecurity/trivy v0.47.0 - github.com/aquasecurity/trivy-kubernetes v0.5.9-0.20231019164303-dcdfdc50763f + github.com/aquasecurity/trivy-kubernetes v0.5.9-0.20231115100645-921512b4d163 github.com/bluele/gcache v0.0.2 github.com/caarlos0/env/v6 v6.10.1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc diff --git a/go.sum b/go.sum index 1b962ba8e..19b604d99 100644 --- a/go.sum +++ b/go.sum @@ -722,8 +722,8 @@ github.com/aquasecurity/trivy-db v0.0.0-20231020043206-3770774790ce h1:53T1cV67m github.com/aquasecurity/trivy-db v0.0.0-20231020043206-3770774790ce/go.mod h1:cj9/QmD9N3OZnKQMp+/DvdV+ym3HyIkd4e+F0ZM3ZGs= github.com/aquasecurity/trivy-java-db v0.0.0-20230514115002-fb1b70d903ce h1:WzPuUf6V4S4jGcxf5d4o+HJjNne/xxBAQWJ46Z7eCTE= github.com/aquasecurity/trivy-java-db v0.0.0-20230514115002-fb1b70d903ce/go.mod h1:Ldya37FLi0e/5Cjq2T5Bty7cFkzUDwTcPeQua+2M8i8= -github.com/aquasecurity/trivy-kubernetes v0.5.9-0.20231019164303-dcdfdc50763f h1:HDWxGTNMAeX8LFUDQKME+JwE2sPkFEFLso1OicnoXgw= -github.com/aquasecurity/trivy-kubernetes v0.5.9-0.20231019164303-dcdfdc50763f/go.mod h1:k2Nf7s+Gx88BZE/yjBv7Kqdng/quv/hwaYI2bjSWFqY= +github.com/aquasecurity/trivy-kubernetes v0.5.9-0.20231115100645-921512b4d163 h1:6TsI0lQN7H/d3pM5vK1/taYbWMgnNYEOk+V2ydBdg0s= +github.com/aquasecurity/trivy-kubernetes v0.5.9-0.20231115100645-921512b4d163/go.mod h1:u+rEg3lTLpv3EJVSC7HOhWWlUwuuxlfczMncYPMqTPI= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=