Skip to content

release: prepare v0.27.0 #2596

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
simar7 merged 2 commits into from
Jun 9, 2025
Merged

release: prepare v0.27.0 #2596

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
425193c
release: prepare v0.27.0
simar7 Jun 7, 2025
77373f2
deps: bump up trivy image
simar7 Jun 9, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions RELEASING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,17 +46,17 @@
5. Create an annotated git tag and push it to the `upstream`. This will trigger the [`.github/workflows/release.yaml`] workflow

```sh
git tag -v0.26.1 -m 'Release v0.26.1'
git push upstream v0.26.1
git tag -v0.27.0 -m 'Release v0.27.0'
git push upstream v0.27.0
```

6. Verify that the `release` workflow has built and published the following artifacts
1. Trivy-operator container images published to DockerHub
`docker.io/aquasec/trivy-operator:0.26.1`
`docker.io/aquasec/trivy-operator:0.27.0`
2. Trivy-operator container images published to Amazon ECR Public Gallery
`public.ecr.aws/aquasecurity/trivy-operator:0.26.1`
`public.ecr.aws/aquasecurity/trivy-operator:0.27.0`
3. Trivy-operator container images published to GitHub Container Registry
`ghcr.io/aquasecurity/trivy-operator:0.26.1`
`ghcr.io/aquasecurity/trivy-operator:0.27.0`

7. Submit trivy-operator Operator to OperatorHub and ArtifactHUB by opening the PR to the <https://github.com/k8s-operatorhub/community-operators> repository.

Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ version: 0.28.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 0.26.1
appVersion: 0.27.0

# kubeVersion: A SemVer range of compatible Kubernetes versions (optional)

Expand Down
4 changes: 2 additions & 2 deletions deploy/helm/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# trivy-operator

![Version: 0.28.1](https://img.shields.io/badge/Version-0.28.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.26.1](https://img.shields.io/badge/AppVersion-0.26.1-informational?style=flat-square)
![Version: 0.28.1](https://img.shields.io/badge/Version-0.28.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.27.0](https://img.shields.io/badge/AppVersion-0.27.0-informational?style=flat-square)

Keeps security report resources updated

Expand Down Expand Up @@ -150,7 +150,7 @@ Keeps security report resources updated
| trivy.image.pullPolicy | string | `"IfNotPresent"` | pullPolicy is the imge pull policy used for trivy image , valid values are (Always, Never, IfNotPresent) |
| trivy.image.registry | string | `"mirror.gcr.io"` | registry of the Trivy image |
| trivy.image.repository | string | `"aquasec/trivy"` | repository of the Trivy image |
| trivy.image.tag | string | `"0.62.1"` | tag version of the Trivy image |
| trivy.image.tag | string | `"0.63.0"` | tag version of the Trivy image |
| trivy.imageScanCacheDir | string | `"/tmp/trivy/.cache"` | imageScanCacheDir the flag to set custom path for trivy image scan `cache-dir` parameter. Only applicable in image scan mode. |
| trivy.includeDevDeps | bool | `false` | includeDevDeps include development dependencies in the report (supported: npm, yarn) (default: false) note: this flag is only applicable when trivy.command is set to filesystem |
| trivy.insecureRegistries | object | `{}` | The registry to which insecure connections are allowed. There can be multiple registries with different keys. |
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/eks-cis-1.4.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.26.1
app.kubernetes.io/version: 0.27.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/k8s-cis-1.23.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.26.1
app.kubernetes.io/version: 0.27.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote }}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/k8s-nsa-1.0.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.26.1
app.kubernetes.io/version: 0.27.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote}}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/k8s-pss-baseline-0.1.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.26.1
app.kubernetes.io/version: 0.27.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote}}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/k8s-pss-restricted-0.1.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.26.1
app.kubernetes.io/version: 0.27.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote}}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/templates/specs/rke2-cis-1.24.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: 0.26.1
app.kubernetes.io/version: 0.27.0
app.kubernetes.io/managed-by: kubectl
spec:
cron: {{ .Values.compliance.cron | quote}}
Expand Down
2 changes: 1 addition & 1 deletion deploy/helm/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -357,7 +357,7 @@ trivy:
# -- repository of the Trivy image
repository: aquasec/trivy
# -- tag version of the Trivy image
tag: 0.62.1
tag: 0.63.0
# -- imagePullSecret is the secret name to be used when pulling trivy image from private registries example : reg-secret
# It is the user responsibility to create the secret for the private registry in `trivy-operator` namespace
imagePullSecret: ~
Expand Down
2 changes: 1 addition & 1 deletion deploy/static/namespace.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,5 +6,5 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
38 changes: 19 additions & 19 deletions deploy/static/trivy-operator.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2949,7 +2949,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
---
# Source: trivy-operator/templates/configmaps/operator.yaml
Expand All @@ -2961,7 +2961,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
data:
nodeCollector.volumes: "[{\"hostPath\":{\"path\":\"/var/lib/etcd\"},\"name\":\"var-lib-etcd\"},{\"hostPath\":{\"path\":\"/var/lib/kubelet\"},\"name\":\"var-lib-kubelet\"},{\"hostPath\":{\"path\":\"/var/lib/kube-scheduler\"},\"name\":\"var-lib-kube-scheduler\"},{\"hostPath\":{\"path\":\"/var/lib/kube-controller-manager\"},\"name\":\"var-lib-kube-controller-manager\"},{\"hostPath\":{\"path\":\"/etc/systemd\"},\"name\":\"etc-systemd\"},{\"hostPath\":{\"path\":\"/lib/systemd\"},\"name\":\"lib-systemd\"},{\"hostPath\":{\"path\":\"/etc/kubernetes\"},\"name\":\"etc-kubernetes\"},{\"hostPath\":{\"path\":\"/etc/cni/net.d/\"},\"name\":\"etc-cni-netd\"}]"
Expand Down Expand Up @@ -2989,7 +2989,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
data:
OPERATOR_LOG_DEV_MODE: "false"
Expand Down Expand Up @@ -3042,11 +3042,11 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
data:
trivy.repository: "mirror.gcr.io/aquasec/trivy"
trivy.tag: "0.62.1"
trivy.tag: "0.63.0"
trivy.imagePullPolicy: "IfNotPresent"
trivy.additionalVulnerabilityReportFields: ""
trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"
Expand Down Expand Up @@ -3079,7 +3079,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -3092,7 +3092,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
data:
---
Expand All @@ -3105,7 +3105,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
spec:
replicas: 1
Expand All @@ -3125,7 +3125,7 @@ spec:
automountServiceAccountToken: true
containers:
- name: "trivy-operator"
image: "mirror.gcr.io/aquasec/trivy-operator:0.26.1"
image: "mirror.gcr.io/aquasec/trivy-operator:0.27.0"
imagePullPolicy: IfNotPresent
env:
- name: OPERATOR_NAMESPACE
Expand Down Expand Up @@ -3186,7 +3186,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
spec:
clusterIP: None
Expand Down Expand Up @@ -3577,7 +3577,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3598,7 +3598,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand All @@ -3625,7 +3625,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3645,7 +3645,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
rules:
- apiGroups:
Expand Down Expand Up @@ -3675,7 +3675,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
roleRef:
apiGroup: rbac.authorization.k8s.io
Expand All @@ -3695,7 +3695,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3720,7 +3720,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3745,7 +3745,7 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
rbac.authorization.k8s.io/aggregate-to-view: "true"
rbac.authorization.k8s.io/aggregate-to-edit: "true"
Expand All @@ -3770,5 +3770,5 @@ metadata:
labels:
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
app.kubernetes.io/managed-by: kubectl
6 changes: 3 additions & 3 deletions docs/docs/crds/clustercompliance-report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ metadata:
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/managed-by: kubectl
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/version: 0.26.1
app.kubernetes.io/version: 0.27.0
name: nsa
resourceVersion: "69736"
uid: d9991808-fb2f-4756-842f-8e9205e85b71
Expand Down Expand Up @@ -346,7 +346,7 @@ metadata:
app.kubernetes.io/instance: trivy-operator
app.kubernetes.io/managed-by: kubectl
app.kubernetes.io/name: trivy-operator
app.kubernetes.io/version: 0.26.1
app.kubernetes.io/version: 0.27.0
name: nsa
resourceVersion: "50896"
uid: d9991808-fb2f-4756-842f-8e9205e85b71
Expand Down Expand Up @@ -1346,7 +1346,7 @@ status:
"app.kubernetes.io/instance": "trivy-operator",
"app.kubernetes.io/managed-by": "kubectl",
"app.kubernetes.io/name": "trivy-operator",
"app.kubernetes.io/version": "0.26.1"
"app.kubernetes.io/version": "0.27.0"
},
"name": "cis",
"resourceVersion": "8985",
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/clustervulnerability-report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: 0.62.1
version: 0.63.0
summary:
criticalCount: 0
highCount: 4
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/configaudit-report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.62.1'
version: '0.63.0'
summary:
criticalCount: 2
highCount: 0
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/exposedsecret-report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: 0.62.1
version: 0.63.0
secrets:
- category: Stripe
match: 'publishable_key: *****'
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/infraassessment-report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -404,7 +404,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.62.1'
version: '0.63.0'
summary:
criticalCount: 0
highCount: 0
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/rbacassessment-report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -176,7 +176,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: '0.62.1'
version: '0.63.0'
summary:
criticalCount: 1
highCount: 0
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/sbom-report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -162,7 +162,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: 0.62.1
version: 0.63.0
summary:
componentsCount: 5
dependenciesCount: 5
Expand Down
2 changes: 1 addition & 1 deletion docs/docs/crds/vulnerability-report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ report:
scanner:
name: Trivy
vendor: Aqua Security
version: 0.62.1
version: 0.63.0
summary:
criticalCount: 2
highCount: 0
Expand Down
4 changes: 2 additions & 2 deletions docs/docs/design/caching_scan_results_by_repo_digest.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -129,5 +129,5 @@ We can't use something like ownerReference since it would delete all vulnerabili
a gate.
* Both Trivy-Operator CLI and Trivy-Operator Operator can read and leverage ClusterVulnerabilityReports.

[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.26.1/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.26.1/integrations/vulnerability-scanners/trivy/#clientserver
[Standalone]: https://aquasecurity.github.io/trivy-operator/v0.27.0/integrations/vulnerability-scanners/trivy/#standalone
[ClientServer]: https://aquasecurity.github.io/trivy-operator/v0.27.0/integrations/vulnerability-scanners/trivy/#clientserver
4 changes: 2 additions & 2 deletions docs/docs/design/design_compliance_report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -542,7 +542,7 @@ metadata:
name: clustercompliancereports.aquasecurity.github.io
labels:
app.kubernetes.io/managed-by: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
spec:
group: aquasecurity.github.io
scope: Cluster
Expand Down Expand Up @@ -678,7 +678,7 @@ metadata:
name: clustercompliancedetailreports.aquasecurity.github.io
labels:
app.kubernetes.io/managed-by: trivy-operator
app.kubernetes.io/version: "0.26.1"
app.kubernetes.io/version: "0.27.0"
spec:
group: aquasecurity.github.io
versions:
Expand Down
Loading
Loading