Skip to content

Commit

Permalink
chore: bump up Trivy to v0.58.0 (#2350)
Browse files Browse the repository at this point in the history
* chore: bump up Trivy to v0.58.0

* chore: bumps up dependencies for Trivy v0.58.0

* chore(deps): bump golang.org/x/crypto to 0.31.0 in Trivy
  • Loading branch information
afdesk authored Dec 17, 2024
1 parent 0af96c6 commit a137825
Show file tree
Hide file tree
Showing 5 changed files with 289 additions and 252 deletions.
2 changes: 1 addition & 1 deletion deploy/helm/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -145,7 +145,7 @@ Keeps security report resources updated
| trivy.image.pullPolicy | string | `"IfNotPresent"` | pullPolicy is the imge pull policy used for trivy image , valid values are (Always, Never, IfNotPresent) |
| trivy.image.registry | string | `"mirror.gcr.io"` | registry of the Trivy image |
| trivy.image.repository | string | `"aquasec/trivy"` | repository of the Trivy image |
| trivy.image.tag | string | `"0.57.1"` | tag version of the Trivy image |
| trivy.image.tag | string | `"0.58.0"` | tag version of the Trivy image |
| trivy.imageScanCacheDir | string | `"/tmp/trivy/.cache"` | imageScanCacheDir the flag to set custom path for trivy image scan `cache-dir` parameter. Only applicable in image scan mode. |
| trivy.includeDevDeps | bool | `false` | includeDevDeps include development dependencies in the report (supported: npm, yarn) (default: false) note: this flag is only applicable when trivy.command is set to filesystem |
| trivy.insecureRegistries | object | `{}` | The registry to which insecure connections are allowed. There can be multiple registries with different keys. |
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -340,7 +340,7 @@ trivy:
# -- repository of the Trivy image
repository: aquasec/trivy
# -- tag version of the Trivy image
tag: 0.57.1
tag: 0.58.0
# -- imagePullSecret is the secret name to be used when pulling trivy image from private registries example : reg-secret
# It is the user responsibility to create the secret for the private registry in `trivy-operator` namespace
imagePullSecret: ~
Expand Down
2 changes: 1 addition & 1 deletion deploy/static/trivy-operator.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3045,7 +3045,7 @@ metadata:
app.kubernetes.io/managed-by: kubectl
data:
trivy.repository: "mirror.gcr.io/aquasec/trivy"
trivy.tag: "0.57.1"
trivy.tag: "0.58.0"
trivy.imagePullPolicy: "IfNotPresent"
trivy.additionalVulnerabilityReportFields: ""
trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
Expand Down
Loading

0 comments on commit a137825

Please sign in to comment.