v0.16.1

Changelog

• 4c17f19 Chore/fix magefile running test (#1492)
• 7e51e1f Fixed issues with json key in trivy operator (#1404)
• 0fc8320 build(deps): bump docker/login-action from 2.2.0 to 3.0.0 (#1523)
• 9051d8f build(deps): bump docker/setup-buildx-action from 2 to 3 (#1522)
• 9fe407b build(deps): bump docker/setup-qemu-action from 2 to 3 (#1520)
• a370cc5 build(deps): bump github.com/google/uuid from 1.3.0 to 1.3.1 (#1484)
• be3a0ed build(deps): bump github.com/onsi/ginkgo/v2 from 2.12.0 to 2.12.1 (#1529)
• a104c60 build(deps): bump golang.org/x/net from 0.14.0 to 0.15.0 (#1491)
• 4a19ee6 build(deps): bump golang.org/x/text from 0.12.0 to 0.13.0 (#1483)
• f60993c build(deps): bump goreleaser/goreleaser-action from 4 to 5 (#1521)
• 547d4ce build(deps): bump k8s.io/apimachinery from 0.28.1 to 0.28.2 (#1511)
• b55b392 build(deps): bump k8s.io/cli-runtime from 0.28.1 to 0.28.2 (#1512)
• 9ea923c build(deps): bump peter-evans/repository-dispatch from 1 to 2 (#1506)
• fd84765 build(deps): bump sigs.k8s.io/controller-runtime from 0.16.1 to 0.16.2 (#1507)
• c456031 build(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#1480)
• dd840d9 chore: action latest tag (#1489)
• 82345e5 chore: action latest tag (#1490)
• 146e696 chore: alpine vulnerabilities (#1500)
• 81d1c12 chore: bump chore/checkout-action v4 (#1495)
• 50e84a6 chore: bump controller-runtime-0.16.1 (#1505)
• 9a0112f chore: bump node collector 0.8.0 (#1502)
• 8573575 chore: bump trivy-0.45.0 (#1494)
• 4ebc3ae chore: clean cache (#1498)
• 2246081 chore: clean cache tools (#1496)
• 655ede7 chore: clean cache tools-revert (#1497)
• 9354a82 chore: clean release cache (#1499)
• 6b9a3b6 chore: magefile cleanup (#1493)
• 4a65d7c chore: remove cache release (#1526)
• 47a03a9 chore: remove cache release (#1530)
• 4f3a75a chore: split helm chart template files (#1515)
• d2f3538 feat: use TRIVY_SKIP_DB_UPDATE env variable (#1474)
• 8eaef68 fix: disable compressed logs break trivy command (#1516)

v0.16.0

Changelog

• 902c14d adding mage support (#1420)
• c94a8f2 chore: action latest tag (#1487)
• debb8e1 chore: mage namespaces support (#1478)
• cebf7f8 chore: trigger chart publish (#1477)
• a74dfdc Minor syntax fix to the custom values.yaml details in the helm docs (#1458)
• 77b44fe Skip java db update flag (#1444)
• ff61128 Typo Update index.md (#1442)
• d204543 Update helm.md (#1390)
• d8809d1 ability to opt-out persistent volume claim for trivy-server (#1457)
• 9140bcf adding information on cis benchmarks and config audit scans based on Slack question (#1445)
• aef6dcd build(deps): bump github.com/CycloneDX/cyclonedx-go (#1464)
• 37d454e build(deps): bump github.com/google/go-containerregistry (#1424)
• 10ecda6 build(deps): bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 (#1465)
• c1f6305 build(deps): bump go.uber.org/automaxprocs from 1.5.2 to 1.5.3 (#1411)
• a655c07 build(deps): bump golang.org/x/net from 0.12.0 to 0.14.0 (#1422)
• 3d8c89d build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#1447)
• 9b6bd4f build(deps): bump k8s.io/api from 0.28.0 to 0.28.1 (#1461)
• e26b36a build(deps): bump k8s.io/apiextensions-apiserver from 0.27.3 to 0.27.4 (#1410)
• cafec10 build(deps): bump k8s.io/cli-runtime from 0.27.3 to 0.27.4 (#1412)
• 5265fa3 build(deps): bump k8s.io/cli-runtime from 0.28.0 to 0.28.1 (#1462)
• 478ec85 build(deps): bump sigs.k8s.io/controller-runtime from 0.15.0 to 0.15.1 (#1436)
• 1a204ba chore: add chart appVersion validation action (#1468)
• 1fbb0e7 chore: bump k8s components 0.28.0 (#1451)
• 4bc323c chore: bump trivy 0.43.1 (#1406)
• 6b23ef9 chore: bump trivy 0.43.1 lib (#1407)
• d92e690 chore: bump trivy 0.44.1 (#1453)
• a45e359 chore: declare missing properties in values.yaml (#1427)
• 49ecc26 chore: refactor workflow naming (#1470)
• 40977b1 chore: reformat chart templates (#1439)
• 0adc1f8 chore: reformat missed chart templates (#1459)
• 4862faf feat: Add optional annotations & endpointAdditionalProperties to ServiceMonitor in helm chart (#1452)
• acdcbb2 feat: Automatically build helm chart on PR merge (#1460)
• 9320ddf feat: add CVE published and updated date (#1433)
• 1ed616d feat: allow changing the default revisionHistoryLimit (#1415)
• d2825cd feat: exclude init containers (#1438)
• 35213ef feat: make trivy-server replicas configurable (#1473)
• f612674 feat: skip db update for clientserver mode (#1440)
• 953dbd7 feat: use serverServiceName as container name (#1472)
• ace1bd5 fix(chart): only create servicemonitor if API supports it (#1403)
• 2d3ad4d fix: add image digest to report (#1446)
• c944cbf fix: add insecure flag for scanning container (#1419)
• 60fbfa2 fix: configure controller cache sync timeout (#1395)
• ee4fcf5 fix: report ttl respect scanner flags (#1432)
• 7fe8c39 preserve unknown fields in vulnerabilityreport (#1455)

v0.16.0-rc

Changelog

• a74dfdc Minor syntax fix to the custom values.yaml details in the helm docs (#1458)
• 77b44fe Skip java db update flag (#1444)
• ff61128 Typo Update index.md (#1442)
• d204543 Update helm.md (#1390)
• d8809d1 ability to opt-out persistent volume claim for trivy-server (#1457)
• 9140bcf adding information on cis benchmarks and config audit scans based on Slack question (#1445)
• aef6dcd build(deps): bump github.com/CycloneDX/cyclonedx-go (#1464)
• 37d454e build(deps): bump github.com/google/go-containerregistry (#1424)
• 10ecda6 build(deps): bump github.com/onsi/ginkgo/v2 from 2.11.0 to 2.12.0 (#1465)
• c1f6305 build(deps): bump go.uber.org/automaxprocs from 1.5.2 to 1.5.3 (#1411)
• a655c07 build(deps): bump golang.org/x/net from 0.12.0 to 0.14.0 (#1422)
• 3d8c89d build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 (#1447)
• 9b6bd4f build(deps): bump k8s.io/api from 0.28.0 to 0.28.1 (#1461)
• e26b36a build(deps): bump k8s.io/apiextensions-apiserver from 0.27.3 to 0.27.4 (#1410)
• cafec10 build(deps): bump k8s.io/cli-runtime from 0.27.3 to 0.27.4 (#1412)
• 5265fa3 build(deps): bump k8s.io/cli-runtime from 0.28.0 to 0.28.1 (#1462)
• 478ec85 build(deps): bump sigs.k8s.io/controller-runtime from 0.15.0 to 0.15.1 (#1436)
• 1a204ba chore: add chart appVersion validation action (#1468)
• 1fbb0e7 chore: bump k8s components 0.28.0 (#1451)
• 4bc323c chore: bump trivy 0.43.1 (#1406)
• 6b23ef9 chore: bump trivy 0.43.1 lib (#1407)
• d92e690 chore: bump trivy 0.44.1 (#1453)
• a45e359 chore: declare missing properties in values.yaml (#1427)
• 49ecc26 chore: refactor workflow naming (#1470)
• 40977b1 chore: reformat chart templates (#1439)
• 0adc1f8 chore: reformat missed chart templates (#1459)
• 4862faf feat: Add optional annotations & endpointAdditionalProperties to ServiceMonitor in helm chart (#1452)
• acdcbb2 feat: Automatically build helm chart on PR merge (#1460)
• 9320ddf feat: add CVE published and updated date (#1433)
• 1ed616d feat: allow changing the default revisionHistoryLimit (#1415)
• d2825cd feat: exclude init containers (#1438)
• 35213ef feat: make trivy-server replicas configurable (#1473)
• f612674 feat: skip db update for clientserver mode (#1440)
• 953dbd7 feat: use serverServiceName as container name (#1472)
• ace1bd5 fix(chart): only create servicemonitor if API supports it (#1403)
• 2d3ad4d fix: add image digest to report (#1446)
• c944cbf fix: add insecure flag for scanning container (#1419)
• 60fbfa2 fix: configure controller cache sync timeout (#1395)
• ee4fcf5 fix: report ttl respect scanner flags (#1432)
• 7fe8c39 preserve unknown fields in vulnerabilityreport (#1455)

v0.15.1

Changelog

• 2d16ef1 build(deps): bump actions/setup-python from 4.6.1 to 4.7.0 (#1367)
• ca7463f build(deps): bump github.com/onsi/gomega from 1.27.8 to 1.27.10 (#1375)
• 90c588e build(deps): bump helm/kind-action from 1.7.0 to 1.8.0 (#1368)
• 12af8d9 build(deps): bump k8s.io/apimachinery from 0.27.3 to 0.27.4 (#1374)
• 9b5ab94 build(deps): bump k8s.io/client-go from 0.27.3 to 0.27.4 (#1376)
• e616e7b feat: add automaxprocs to auto set GOMAXPROCS (#1363)
• 601d552 fix: helm sets wrong value for OPERATOR_SBOM_GENERATION_ENABLED (#1381) (#1382)
• f9f5390 fix: metrics info not showing (#1385)
• f66f713 fix: respect disabled exposed secrets (#1373)
• 17d2081 fix: sbomReport: wrong type of SpecVersion field (#1378)

v0.15.0

Changelog

• 78928ce fix: remove sbom ttl (#1358)
• ce828a8 Add detail configaudit info as prometheus metric (#1302)
• d3a1de1 Add detail rbacassessment,infraassessment info prometheus Metrics (#1331)
• b1caf82 Fix ClientServer scan (#1344)
• b234920 bugfix: rbac resource with capital letter name (#1322)
• f3717df build(deps): bump docker/login-action from 2.1.0 to 2.2.0 (#1290)
• d076496 build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.0 to 0.7.1 (#1350)
• ed870f8 build(deps): bump github.com/aquasecurity/trivy from 0.42.0 to 0.42.1 (#1291)
• ad76ff2 build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1292)
• 7244d21 build(deps): bump github.com/onsi/ginkgo/v2 from 2.10.0 to 2.11.0 (#1316)
• 8d935af build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.7 to 2.10.0 (#1294)
• 8a92009 build(deps): bump github.com/onsi/gomega from 1.27.7 to 1.27.8 (#1293)
• 92ab9f2 build(deps): bump github.com/prometheus/client_golang (#1313)
• 50df668 build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 (#1314)
• 961e539 build(deps): bump golang.org/x/net from 0.11.0 to 0.12.0 (#1352)
• d14acfd build(deps): bump golang.org/x/text from 0.10.0 to 0.11.0 (#1351)
• d901d28 build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (#1289)
• f2671ae build(deps): bump k8s.io/apiextensions-apiserver from 0.27.2 to 0.27.3 (#1328)
• 5f9a7a0 build(deps): bump k8s.io/cli-runtime from 0.27.2 to 0.27.3 (#1317)
• 24fc44c build(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#1327)
• a86c762 build(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#1338)
• 345e2c2 feat: Support scan latest revision for replicationController (#1324)
• 1b69d4a feat: add pkgPath to vulnerability report (#1285)
• 4c8f373 feat: create "trivy_vulerability_id" metric for each occurence (#1343)
• 7fe47f9 feat: enrich compliance report with rbac assessment checks data (#1309)
• 787f3f9 fix: config secret scan fs mode (#1301)
• b92f8b7 fix: link to documentation (#1304)
• b33bc6f fix: outdated-api applied last version support (#1347)
• cb0e940 fix: pkgPath name name update (#1340)
• 546dd9c fix: sbom generation enable by default (#1355)
• 4ff5d8a fix: sbom report support (#1346)

v0.15.0-rc

Changelog

• ce828a8 Add detail configaudit info as prometheus metric (#1302)
• d3a1de1 Add detail rbacassessment,infraassessment info prometheus Metrics (#1331)
• b1caf82 Fix ClientServer scan (#1344)
• b234920 bugfix: rbac resource with capital letter name (#1322)
• f3717df build(deps): bump docker/login-action from 2.1.0 to 2.2.0 (#1290)
• d076496 build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.0 to 0.7.1 (#1350)
• ed870f8 build(deps): bump github.com/aquasecurity/trivy from 0.42.0 to 0.42.1 (#1291)
• ad76ff2 build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1292)
• 7244d21 build(deps): bump github.com/onsi/ginkgo/v2 from 2.10.0 to 2.11.0 (#1316)
• 8d935af build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.7 to 2.10.0 (#1294)
• 8a92009 build(deps): bump github.com/onsi/gomega from 1.27.7 to 1.27.8 (#1293)
• 92ab9f2 build(deps): bump github.com/prometheus/client_golang (#1313)
• 50df668 build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 (#1314)
• 961e539 build(deps): bump golang.org/x/net from 0.11.0 to 0.12.0 (#1352)
• d14acfd build(deps): bump golang.org/x/text from 0.10.0 to 0.11.0 (#1351)
• d901d28 build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0 (#1289)
• f2671ae build(deps): bump k8s.io/apiextensions-apiserver from 0.27.2 to 0.27.3 (#1328)
• 5f9a7a0 build(deps): bump k8s.io/cli-runtime from 0.27.2 to 0.27.3 (#1317)
• 24fc44c build(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#1327)
• a86c762 build(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#1338)
• 345e2c2 feat: Support scan latest revision for replicationController (#1324)
• 1b69d4a feat: add pkgPath to vulnerability report (#1285)
• 4c8f373 feat: create "trivy_vulerability_id" metric for each occurence (#1343)
• 7fe47f9 feat: enrich compliance report with rbac assessment checks data (#1309)
• 787f3f9 fix: config secret scan fs mode (#1301)
• b92f8b7 fix: link to documentation (#1304)
• b33bc6f fix: outdated-api applied last version support (#1347)
• cb0e940 fix: pkgPath name name update (#1340)
• 546dd9c fix: sbom generation enable by default (#1355)
• 4ff5d8a fix: sbom report support (#1346)

v0.14.1

Changelog

• cb5472e chore: auto generate helm docs (#1278)
• 374c74a chore: configure server security context (#1275)
• dd02f4d chore: fix CVE-2023-2650 (#1280)
• c5f72b2 chore: workload identity settings (#1282)
• 63b6dd9 feat: azure workload identity support (#1267)
• 3fac57d feat: node collector annotation support (#1272)
• 97ffcb5 fix: ignore policy regex not working (#1271)
• 870be2c fix: specify confirmation in cosign invocation (#1277)
• c86f7e1 pointing out Helm Chart customisation (#1276)

v0.14.1-rc

Changelog

• 30bdb98 build(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.5 (#1230)
• cb5472e chore: auto generate helm docs (#1278)
• 374c74a chore: configure server security context (#1275)
• dd02f4d chore: fix CVE-2023-2650 (#1280)
• 8e8cac1 chore: verify helm docs (#1283)
• c5f72b2 chore: workload identity settings (#1282)
• 63b6dd9 feat: azure workload identity support (#1267)
• 3fac57d feat: node collector annotation support (#1272)
• 97ffcb5 fix: ignore policy regex not working (#1271)
• 870be2c fix: specify confirmation in cosign invocation (#1277)
• c86f7e1 pointing out Helm Chart customisation (#1276)

v0.14.0

Changelog

• 953023e build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.5 to 2.9.7 (#1263)
• 5d27b6d build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#1264)
• 34ff98a build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#1261)
• de4b63e chore: bump trivy v0.42.0 (#1265)
• e2362fa fix: honor ephemeralStorage,if set (#1259)
• 3e528c2 fix: vulnerabilities report not created after k8s v1.27.x (#1252)
• 773f8e3 Add support fo legacy dockercfg in scan jobs (#1183)
• 426c6e3 Add tolerations to trivy-server template (#1189)
• 8f297a8 Read object before compare to avoid wrong cached data (#1216)
• e866712 build(deps): bump actions/setup-python from 4.5.0 to 4.6.0 (#1186)
• 474ce56 build(deps): bump actions/setup-python from 4.6.0 to 4.6.1 (#1244)
• 6bb3728 build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1221)
• cd598cf build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1236)
• 176ac95 build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1245)
• cc39b09 build(deps): bump github.com/google/go-containerregistry (#1214)
• db0a902 build(deps): bump github.com/google/go-containerregistry (#1246)
• 56cacf4 build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.2 to 2.9.4 (#1213)
• 382b065 build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.4 to 2.9.5 (#1219)
• b7ed779 build(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#1233)
• e5ba124 build(deps): bump github.com/prometheus/client_golang (#1215)
• 7e7f60a build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#1232)
• 0084e04 build(deps): bump golang.org/x/net from 0.9.0 to 0.10.0 (#1220)
• 672ae10 build(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#1231)
• f30fbe0 chore: add code owners (#1209)
• bc3f9f7 chore: bump defsec v0.89.0 (#1248)
• 15be234 chore: bump defsec-0.87.0 (#1199)
• 000c153 chore: bump k8s.io-api to v0.27.2 (#1242)
• bc57ecc chore: bump trivy 0.41.0 (#1200)
• 4c3ea53 chore: compliance crd output wide support (#1193)
• cfa87e5 chore: compliance cron quotes (#1229)
• 4e63f0c feat: certificate authority scan-job support (#1212)
• ce4ca43 feat: exclude node scanning by node labels (#1239)
• 6b29e21 feat: image config secret scanner support (#1218)
• b5d5905 feat: scanning filter by vuln-type (#1184)
• e909545 feat: skip dirs and files by resource annotation (#1227)
• 8098953 fix: check kubelet config (#1211)
• 56b96bb fix: pod spec hash issues when using image mirroring (#1205)
• bebbad4 fix: specify trivy-server persistentvolumeclaim for argocd sync (#1207)

v0.14.0-rc

Changelog

• 773f8e3 Add support fo legacy dockercfg in scan jobs (#1183)
• 426c6e3 Add tolerations to trivy-server template (#1189)
• 8f297a8 Read object before compare to avoid wrong cached data (#1216)
• e866712 build(deps): bump actions/setup-python from 4.5.0 to 4.6.0 (#1186)
• 474ce56 build(deps): bump actions/setup-python from 4.6.0 to 4.6.1 (#1244)
• 6bb3728 build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1221)
• cd598cf build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1236)
• 176ac95 build(deps): bump github.com/aquasecurity/trivy-kubernetes (#1245)
• cc39b09 build(deps): bump github.com/google/go-containerregistry (#1214)
• db0a902 build(deps): bump github.com/google/go-containerregistry (#1246)
• 56cacf4 build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.2 to 2.9.4 (#1213)
• 382b065 build(deps): bump github.com/onsi/ginkgo/v2 from 2.9.4 to 2.9.5 (#1219)
• b7ed779 build(deps): bump github.com/onsi/gomega from 1.27.6 to 1.27.7 (#1233)
• e5ba124 build(deps): bump github.com/prometheus/client_golang (#1215)
• 7e7f60a build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#1232)
• 0084e04 build(deps): bump golang.org/x/net from 0.9.0 to 0.10.0 (#1220)
• 672ae10 build(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#1231)
• f30fbe0 chore: add code owners (#1209)
• bc3f9f7 chore: bump defsec v0.89.0 (#1248)
• 15be234 chore: bump defsec-0.87.0 (#1199)
• 000c153 chore: bump k8s.io-api to v0.27.2 (#1242)
• bc57ecc chore: bump trivy 0.41.0 (#1200)
• 4c3ea53 chore: compliance crd output wide support (#1193)
• cfa87e5 chore: compliance cron quotes (#1229)
• 4e63f0c feat: certificate authority scan-job support (#1212)
• ce4ca43 feat: exclude node scanning by node labels (#1239)
• 6b29e21 feat: image config secret scanner support (#1218)
• b5d5905 feat: scanning filter by vuln-type (#1184)
• e909545 feat: skip dirs and files by resource annotation (#1227)
• 8098953 fix: check kubelet config (#1211)
• 56b96bb fix: pod spec hash issues when using image mirroring (#1205)
• bebbad4 fix: specify trivy-server persistentvolumeclaim for argocd sync (#1207)