From d04021022c4bc8bd90f8372f39a87c5ac039fa16 Mon Sep 17 00:00:00 2001 From: secureCodeBoxBot Date: Thu, 18 Nov 2021 09:34:33 +0000 Subject: [PATCH 1/3] Upgrading kubeaudit from v0.14.2 to v0.15.0 Signed-off-by: secureCodeBoxBot ## Release changes : ## Summary CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS.md DCO LICENSE LICENSES Makefile README.md SECURITY.md UPGRADING.md Vagrantfile auto-discovery bin common.mk demo-targets docs hook-sdk hooks hooks.mk lurker operator package-lock.json package-lock.json.license package.json package.json.license parser-sdk scanners scanners.mk sdk.mk tests Adds support for `Job` resources - thank you @superbrothers for this contribution! CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS.md DCO LICENSE LICENSES Makefile README.md SECURITY.md UPGRADING.md Vagrantfile auto-discovery bin common.mk demo-targets docs hook-sdk hooks hooks.mk lurker operator package-lock.json package-lock.json.license package.json package.json.license parser-sdk scanners scanners.mk sdk.mk tests Adds option to disable colour output when using `pretty` formatting (package only) CODE_OF_CONDUCT.md CONTRIBUTING.md CONTRIBUTORS.md DCO LICENSE LICENSES Makefile README.md SECURITY.md UPGRADING.md Vagrantfile auto-discovery bin common.mk demo-targets docs hook-sdk hooks hooks.mk lurker operator package-lock.json package-lock.json.license package.json package.json.license parser-sdk scanners scanners.mk sdk.mk tests Enabled Dependabot and updates dependencies ## Changelog b68cabd Update version to 0.15.0 (#372) 7f54326 Bump github.com/jetstack/cert-manager from 1.6.0 to 1.6.1 (#371) 9cdecb3 Bump k8s.io/apiextensions-apiserver from 0.22.2 to 0.22.3 (#368) 6cc7a75 Add support for kind Job (#370) 0ef3005 Bump github.com/jetstack/cert-manager from 1.5.4 to 1.6.0 (#365) e5c797a Bump k8s.io/apimachinery from 0.22.2 to 0.22.3 (#369) d597928 Bump k8s.io/apiextensions-apiserver from 0.21.3 to 0.22.2 (#362) 79cce8c Remove wip probot (#364) 700c39f Bump github.com/jetstack/cert-manager from 1.4.1 to 1.5.4 (#363) fe44171 Fix dependabot (#358) 374a428 Support parsing for server specs (#356) 50c618b Add Support for Services (#353) 7b57f85 Update dependencies and add dependabot (#354) 2d8282c Make k8s and override packages public (#351) 47c31d5 Add option to disable printing results in color (#350) ca64457 Remove deprecated mountds auditor (#349) 863e367 Remove example dependency on internal packages (#348) ## Docker images - `docker pull shopify/kubeaudit:latest` - `docker pull shopify/kubeaudit:0.15.0` - `docker pull shopify/kubeaudit:v0.15` --- scanners/kubeaudit/Chart.yaml | 5 +---- scanners/kubeaudit/README.md | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/scanners/kubeaudit/Chart.yaml b/scanners/kubeaudit/Chart.yaml index d8d7687b4c..fac699a86a 100644 --- a/scanners/kubeaudit/Chart.yaml +++ b/scanners/kubeaudit/Chart.yaml @@ -5,15 +5,12 @@ apiVersion: v2 name: kubeaudit description: A Helm chart for the kubeaudit security scanner that integrates with the secureCodeBox. - type: application version: v3.1.0-alpha1 -appVersion: "v0.14.2" +appVersion: "v0.15.0" kubeVersion: ">=v1.11.0-0" - annotations: versionApi: https://api.github.com/repos/Shopify/kubeaudit/releases/latest - keywords: - security - kubeaudit diff --git a/scanners/kubeaudit/README.md b/scanners/kubeaudit/README.md index 8f2da2bdc6..c091b5ebd8 100644 --- a/scanners/kubeaudit/README.md +++ b/scanners/kubeaudit/README.md @@ -3,7 +3,7 @@ title: "Kubeaudit" category: "scanner" type: "Kubernetes" state: "released" -appVersion: "v0.14.2" +appVersion: "v0.15.0" usecase: "Kubernetes Configuration Scanner" --- From 341ccd031dbffe91425dfd509e09b20088ac9f58 Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 18 Nov 2021 12:46:36 +0100 Subject: [PATCH 2/3] try removing the v from kubeaudit release Signed-off-by: Jannik Hollenbach --- scanners/kubeaudit/Chart.yaml | 2 +- scanners/kubeaudit/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scanners/kubeaudit/Chart.yaml b/scanners/kubeaudit/Chart.yaml index fac699a86a..7cd305abe7 100644 --- a/scanners/kubeaudit/Chart.yaml +++ b/scanners/kubeaudit/Chart.yaml @@ -7,7 +7,7 @@ name: kubeaudit description: A Helm chart for the kubeaudit security scanner that integrates with the secureCodeBox. type: application version: v3.1.0-alpha1 -appVersion: "v0.15.0" +appVersion: "0.15.0" kubeVersion: ">=v1.11.0-0" annotations: versionApi: https://api.github.com/repos/Shopify/kubeaudit/releases/latest diff --git a/scanners/kubeaudit/README.md b/scanners/kubeaudit/README.md index c091b5ebd8..a44dd9b310 100644 --- a/scanners/kubeaudit/README.md +++ b/scanners/kubeaudit/README.md @@ -3,7 +3,7 @@ title: "Kubeaudit" category: "scanner" type: "Kubernetes" state: "released" -appVersion: "v0.15.0" +appVersion: "0.15.0" usecase: "Kubernetes Configuration Scanner" --- From b3d51071f19006a1e9241ac829db9fe42867ed1c Mon Sep 17 00:00:00 2001 From: Jannik Hollenbach Date: Thu, 18 Nov 2021 13:31:48 +0100 Subject: [PATCH 3/3] fix missing template substitution where the kubeaudit image and tag was always hardwired Signed-off-by: Jannik Hollenbach --- scanners/kubeaudit/templates/kubeaudit-scan-type.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/kubeaudit/templates/kubeaudit-scan-type.yaml b/scanners/kubeaudit/templates/kubeaudit-scan-type.yaml index ab2a34403d..233d7fd98c 100644 --- a/scanners/kubeaudit/templates/kubeaudit-scan-type.yaml +++ b/scanners/kubeaudit/templates/kubeaudit-scan-type.yaml @@ -24,7 +24,7 @@ spec: restartPolicy: OnFailure containers: - name: kubeaudit - image: "securecodebox/scanner-kubeaudit:{{ .Chart.AppVersion }}" + image: "{{ .Values.scanner.image.repository }}:{{ .Values.scanner.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.scanner.image.pullPolicy }} command: - "sh"