chore: bump trivy v0.49.1 (#1842)

Signed-off-by: chenk <[email protected]>
aquasecurity · Feb 8, 2024 · 82433ce · 82433ce
1 parent ddca9a2
commit 82433ce
Show file tree

Hide file tree

Showing 13 changed files with 13 additions and 13 deletions.
diff --git a/deploy/helm/README.md b/deploy/helm/README.md
@@ -121,7 +121,7 @@ Keeps security report resources updated
 | trivy.image.pullPolicy | string | `"IfNotPresent"` | pullPolicy is the imge pull policy used for trivy image , valid values are (Always, Never, IfNotPresent) |
 | trivy.image.registry | string | `"ghcr.io"` | registry of the Trivy image |
 | trivy.image.repository | string | `"aquasecurity/trivy"` | repository of the Trivy image |
-| trivy.image.tag | string | `"0.48.2"` | tag version of the Trivy image |
+| trivy.image.tag | string | `"0.49.1"` | tag version of the Trivy image |
 | trivy.imageScanCacheDir | string | `"/tmp/trivy/.cache"` | imageScanCacheDir the flag to set custom path for trivy image scan `cache-dir` parameter. Only applicable in image scan mode. |
 | trivy.includeDevDeps | bool | `false` | includeDevDeps include development dependencies in the report (supported: npm, yarn) (default: false) note: this flag is only applicable when trivy.command is set to filesystem |
 | trivy.insecureRegistries | object | `{}` | The registry to which insecure connections are allowed. There can be multiple registries with different keys. |

diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
@@ -286,7 +286,7 @@ trivy:
     # -- repository of the Trivy image
     repository: aquasecurity/trivy
     # -- tag version of the Trivy image
-    tag: 0.48.2
+    tag: 0.49.1
     # -- imagePullSecret is the secret name to be used when pulling trivy image from private registries example : reg-secret
     # It is the user responsibility to create the secret for the private registry in `trivy-operator` namespace
     imagePullSecret: ~

diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml
@@ -2790,7 +2790,7 @@ metadata:
     app.kubernetes.io/managed-by: kubectl
 data:
   trivy.repository: "ghcr.io/aquasecurity/trivy"
-  trivy.tag: "0.48.2"
+  trivy.tag: "0.49.1"
   trivy.imagePullPolicy: "IfNotPresent"
   trivy.additionalVulnerabilityReportFields: ""
   trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"

diff --git a/docs/docs/crds/clustervulnerability-report.md b/docs/docs/crds/clustervulnerability-report.md
@@ -43,7 +43,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.48.2
+    version: 0.49.1
   summary:
     criticalCount: 0
     highCount: 4

diff --git a/docs/docs/crds/sbom-report.md b/docs/docs/crds/sbom-report.md
@@ -162,7 +162,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.48.2
+    version: 0.49.1
   summary:
     componentsCount: 5
     dependenciesCount: 5

diff --git a/pkg/plugins/trivy/config_test.go b/pkg/plugins/trivy/config_test.go
@@ -725,7 +725,7 @@ func TestPlugin_Init(t *testing.T) {
 			},
 			Data: map[string]string{
 				"trivy.repository":                DefaultImageRepository,
-				"trivy.tag":                       "0.48.2",
+				"trivy.tag":                       "0.49.1",
 				"trivy.severity":                  DefaultSeverity,
 				"trivy.slow":                      "true",
 				"trivy.mode":                      string(Standalone),

diff --git a/pkg/plugins/trivy/jobspec_test.go b/pkg/plugins/trivy/jobspec_test.go
diff --git a/pkg/plugins/trivy/plugin.go b/pkg/plugins/trivy/plugin.go
@@ -80,7 +80,7 @@ func (p *plugin) Init(ctx trivyoperator.PluginContext) error {
 	return ctx.EnsureConfig(trivyoperator.PluginConfig{
 		Data: map[string]string{
 			keyTrivyImageRepository:           DefaultImageRepository,
-			keyTrivyImageTag:                  "0.48.2",
+			keyTrivyImageTag:                  "0.49.1",
 			KeyTrivySeverity:                  DefaultSeverity,
 			keyTrivySlow:                      "true",
 			keyTrivyMode:                      string(Standalone),

diff --git a/pkg/plugins/trivy/testdata/fixture/alpine_sbom.json b/pkg/plugins/trivy/testdata/fixture/alpine_sbom.json
@@ -10,7 +10,7 @@
             {
                 "vendor": "aquasecurity",
                 "name": "trivy",
-                "version": "0.48.2"
+                "version": "0.49.1"
             }
         ],
         "component": {

diff --git a/pkg/vulnerabilityreport/controller/testdata/sbom.json b/pkg/vulnerabilityreport/controller/testdata/sbom.json
@@ -243,7 +243,7 @@
         "scanner": {
             "name": "Trivy",
             "vendor": "Aqua Security",
-            "version": "0.48.2"
+            "version": "0.49.1"
         },
         "summary": {
             "componentsCount": 5,

diff --git a/tests/e2e/sbom-client-server/workload/00-sbom-pod.yaml b/tests/e2e/sbom-client-server/workload/00-sbom-pod.yaml
@@ -3524,7 +3524,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.48.2
+    version: 0.49.1
   summary:
     componentsCount: 110
     dependenciesCount: 110

diff --git a/tests/e2e/sbom-fs/workload/00-sbom-pod.yaml b/tests/e2e/sbom-fs/workload/00-sbom-pod.yaml
@@ -3524,7 +3524,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.48.2
+    version: 0.49.1
   summary:
     componentsCount: 110
     dependenciesCount: 110

diff --git a/tests/e2e/sbom-standalone/workload/00-sbom-pod.yaml b/tests/e2e/sbom-standalone/workload/00-sbom-pod.yaml
@@ -3524,7 +3524,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.48.2
+    version: 0.49.1
   summary:
     componentsCount: 110
     dependenciesCount: 110