Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump Trivy to v0.54.1 #2427

Merged
merged 9 commits into from
Aug 13, 2024
Merged

Bump Trivy to v0.54.1 #2427

merged 9 commits into from
Aug 13, 2024

Conversation

romulets
Copy link
Member

@romulets romulets commented Aug 13, 2024
edited
Loading

Summary of your changes

Bump trivy and fix breaking changes:

Tested on EC2 instance and #2426 actions

@romulets
Bump trivy to v0.49.1
83c00f9
@romulets
Bump trivy to v0.51.4
9f4ab54 
- Fix registry version aquasecurity/trivy#6219; \n- Fix replace zap with slog aquasecurity/trivy#6466; \n  - The fix with slog used a zap to slog bridge (official from zap, but exp). It didn't have a license file, so I hardcoded a commit version that had; \n- Adopt opts.Align() to validate options object;
@romulets
Bump trivy to v0.52.2
872af2d
@romulets
Temp change the workflow trigger to test changes
4fb63b4
@romulets
Free up space on runner
9d4c40f
@romulets
Bump trivy to v0.53.0
f191bb0 
- Fix go clear cache aquasecurity/trivy#7010
@romulets
Bump trivy to v0.54.1
76bb972 
- Fix --vuln-type flag renamed into --pkg-types aquasecurity/trivy#7104; \n- Adopt package relationships aquasecurity/trivy#7237
@romulets
Rollback CI run on target
676e11f
@romulets romulets requested a review from a team as a code owner August 13, 2024 12:46
kubasobon
kubasobon approved these changes Aug 13, 2024
View reviewed changes
Copy link
Member

@kubasobon kubasobon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Freeing disk space on GH jobs seems like a necessity these days.

@mergify Mergify
Copy link

mergify bot commented Aug 13, 2024

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b slow-bump-trivy upstream/slow-bump-trivy
git merge upstream/slow-bump-trivy
git push upstream slow-bump-trivy

@romulets romulets changed the base branch from slow-bump-trivy to main August 13, 2024 13:06
@romulets romulets enabled auto-merge (squash) August 13, 2024 13:07
@mergify Mergify
Copy link

mergify bot commented Aug 13, 2024

This pull request does not have a backport label. Could you fix it @romulets? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-v./d./d./d is the label to automatically backport to the 8./d branch. /d is the digit
    NOTE: backport-skip has been added to this pull request.

@romulets romulets disabled auto-merge August 13, 2024 13:13
@romulets romulets enabled auto-merge (squash) August 13, 2024 13:30
@romulets romulets merged commit c66d2f0 into elastic:main Aug 13, 2024
22 checks passed
@github-actions GitHub Actions
Copy link

📊 Allure Report - 💚 No failures were reported.

Result Count
🟥 Failed 0
🟩 Passed 331
⬜ Skipped 34

@romulets romulets deleted the slow-bump-trivy branch August 14, 2024 09:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kubasobon kubasobon kubasobon approved these changes

@moukoublen moukoublen moukoublen approved these changes

Assignees

@romulets romulets

Labels
backport-skip
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@romulets @moukoublen @kubasobon