update Go dependencies

Signed-off-by: Frank Jogeleit <frank.jogeleit@lovoo.com>

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.18 as builder
+FROM golang:1.19 as builder
 
 ARG LD_FLAGS
 ARG TARGETPLATFORM

Makefile

@@ -1,7 +1,7 @@
 GO ?= go
 BUILD ?= build
 REPO ?= ghcr.io/fjogeleit/trivy-operator-polr-adapter
-IMAGE_TAG ?= 0.1.4
+IMAGE_TAG ?= 0.1.5
 LD_FLAGS="-s -w"
 PLATFORMS ?= linux/arm64,linux/amd64
 

charts/trivy-operator-polr-adapter/Chart.yaml

@@ -3,5 +3,5 @@ name: trivy-operator-polr-adapter
 description: Helm Chart to install the trivy-operator PolicyReport adapter
 
 type: application
-version: "0.1.4"
-appVersion: "0.1.4"
+version: "0.1.5"
+appVersion: "0.1.5"

charts/trivy-operator-polr-adapter/values.yaml

@@ -4,7 +4,7 @@ image:
   registry: ghcr.io
   repository: fjogeleit/trivy-operator-polr-adapter
   pullPolicy: IfNotPresent
-  tag: 0.1.4
+  tag: 0.1.5
 
 imagePullSecrets: []
 nameOverride: ""

go.mod

@@ -4,7 +4,7 @@ go 1.18
 
 require (
 	github.com/aquasecurity/starboard v0.15.11
-	github.com/aquasecurity/trivy-operator v0.6.0
+	github.com/aquasecurity/trivy-operator v0.7.1
 	github.com/kyverno/kyverno v1.8.2
 	github.com/spf13/cobra v1.6.1
 	github.com/spf13/viper v1.14.0
@@ -133,7 +133,7 @@ require (
 	github.com/google/certificate-transparency-go v1.1.3 // indirect
 	github.com/google/gnostic v0.6.9 // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
-	github.com/google/go-containerregistry v0.12.0 // indirect
+	github.com/google/go-containerregistry v0.12.1 // indirect
 	github.com/google/go-github/v45 v45.2.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
@@ -249,7 +249,7 @@ require (
 	go.etcd.io/etcd/server/v3 v3.6.0-alpha.0 // indirect
 	go.etcd.io/etcd/tests/v3 v3.6.0-alpha.0 // indirect
 	go.etcd.io/etcd/v3 v3.6.0-alpha.0 // indirect
-	go.mongodb.org/mongo-driver v1.10.0 // indirect
+	go.mongodb.org/mongo-driver v1.11.0 // indirect
 	go.opencensus.io v0.23.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0 // indirect
 	go.opentelemetry.io/otel v1.7.0 // indirect
@@ -264,7 +264,7 @@ require (
 	go.uber.org/multierr v1.8.0 // indirect
 	go.uber.org/zap v1.23.0 // indirect
 	golang.org/x/crypto v0.1.0 // indirect
-	golang.org/x/exp v0.0.0-20221012211006-4de253d81b95 // indirect
+	golang.org/x/exp v0.0.0-20221109205753-fc8884afc316 // indirect
 	golang.org/x/mod v0.6.0 // indirect
 	golang.org/x/oauth2 v0.1.0 // indirect
 	golang.org/x/sync v0.1.0 // indirect

go.sum

@@ -301,8 +301,8 @@ github.com/aquasecurity/starboard v0.15.11 h1:LUUSOSfAqsYa0wbA66kMTD9dNwyIYZ/VG8
 github.com/aquasecurity/starboard v0.15.11/go.mod h1:indT3eLm8IMgDeLd2/LSyS5Jgr760Ov4rit/rS1iew0=
 github.com/aquasecurity/trivy-db v0.0.0-20220904090734-9dd4c7776a52 h1:mAMQbKPIPWG3YIzwFq2UgfnnZ5miBJEFJBR6x3FAjZ4=
 github.com/aquasecurity/trivy-db v0.0.0-20220904090734-9dd4c7776a52/go.mod h1:/nULgnDeq/JMPMVwE1dmf4kWlYn++7VrM3O2naj4BHA=
-github.com/aquasecurity/trivy-operator v0.6.0 h1:81VvgvOVoV36oRX+TMjIK+6UEy2jGYtdyGxBtFMKpos=
-github.com/aquasecurity/trivy-operator v0.6.0/go.mod h1:8LrvgA3BpNYiD+0bmZG11XlJOTAaothorWHmFohtPYE=
+github.com/aquasecurity/trivy-operator v0.7.1 h1:pI1yxMAseExksev/0Kajk29iNHM58Bxnj97GOpnCFEk=
+github.com/aquasecurity/trivy-operator v0.7.1/go.mod h1:Ropd6wO/uV+offfx0F2nOpfl5tg5M8AqKtDzV4CBcVc=
 github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q=
 github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE=
 github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
@@ -1016,8 +1016,8 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-containerregistry v0.4.1-0.20210128200529-19c2b639fab1/go.mod h1:GU9FUA/X9rd2cV3ZoUNaWihp27tki6/38EsVzL2Dyzc=
 github.com/google/go-containerregistry v0.5.1/go.mod h1:Ct15B4yir3PLOP5jsy0GNeYVaIZs/MK/Jz5any1wFW0=
-github.com/google/go-containerregistry v0.12.0 h1:nidOEtFYlgPCRqxCKj/4c/js940HVWplCWc5ftdfdUA=
-github.com/google/go-containerregistry v0.12.0/go.mod h1:sdIK+oHQO7B93xI8UweYdl887YhuIwg9vz8BSLH3+8k=
+github.com/google/go-containerregistry v0.12.1 h1:W1mzdNUTx4Zla4JaixCRLhORcR7G6KxE5hHl5fkPsp8=
+github.com/google/go-containerregistry v0.12.1/go.mod h1:sdIK+oHQO7B93xI8UweYdl887YhuIwg9vz8BSLH3+8k=
 github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20210129212729-5c4818de4025/go.mod h1:n9wRxRfKkHy6ZFyj0jJQHw11P+mGLnED4sqegwrXxDk=
 github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20210216200643-d81088d9983e/go.mod h1:n9wRxRfKkHy6ZFyj0jJQHw11P+mGLnED4sqegwrXxDk=
 github.com/google/go-github/v27 v27.0.6/go.mod h1:/0Gr8pJ55COkmv+S/yPKCczSkUPIM/LnFyubufRNIS0=
@@ -1570,7 +1570,7 @@ github.com/onsi/gomega v1.10.5/go.mod h1:gza4q3jKQJijlu05nKWRCW/GavJumGt8aNRxWg7
 github.com/onsi/gomega v1.11.0/go.mod h1:azGKhqFUon9Vuj0YmTfLSmx0FUwqXYSTl5re8lQLTUg=
 github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY=
 github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro=
-github.com/onsi/gomega v1.24.0 h1:+0glovB9Jd6z3VR+ScSwQqXVTIfJcGA9UBM8yzQxhqg=
+github.com/onsi/gomega v1.24.1 h1:KORJXNNTzJXzu4ScJWssJfJMnJ+2QJqhoQSRwNlze9E=
 github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
 github.com/open-policy-agent/cert-controller v0.2.0/go.mod h1:SWS7Ame8oKHF11cDsQCFlULrrOMV5Z59FIGEAF/M6YI=
 github.com/open-policy-agent/frameworks/constraint v0.0.0-20210701194838-1dbe2618668d/go.mod h1:y8wOVfZ6+bEmbhBMnLnFlQrJB9eQpVk+dIDa7YrtocI=
@@ -2108,8 +2108,9 @@ go.mongodb.org/mongo-driver v1.6.0/go.mod h1:Q4oFMbo1+MSNqICAdYMlC/zSTrwCogR4R8N
 go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg=
 go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng=
 go.mongodb.org/mongo-driver v1.8.3/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY=
-go.mongodb.org/mongo-driver v1.10.0 h1:UtV6N5k14upNp4LTduX0QCufG124fSu25Wz9tu94GLg=
 go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8=
+go.mongodb.org/mongo-driver v1.11.0 h1:FZKhBSTydeuffHj9CBjXlR8vQLee1cQyTWYPA6/tqiE=
+go.mongodb.org/mongo-driver v1.11.0/go.mod h1:s7p5vEtfbeR1gYi6pnj3c3/urpbLv2T5Sfd6Rp2HBB8=
 go.mozilla.org/mozlog v0.0.0-20170222151521-4bb13139d403/go.mod h1:jHoPAGnDrCy6kaI2tAze5Prf0Nr0w/oNkROt2lw3n3o=
 go.opencensus.io v0.15.0/go.mod h1:UffZAU+4sDEINUGP/B7UfBBkq4fqLu9zXAX7ke6CHW0=
 go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
@@ -2256,8 +2257,8 @@ golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u0
 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
 golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
 golang.org/x/exp v0.0.0-20200331195152-e8c3332aa8e5/go.mod h1:4M0jN8W1tt0AVLNr8HDosyJCDCDuyL9N9+3m7wDWgKw=
-golang.org/x/exp v0.0.0-20221012211006-4de253d81b95 h1:sBdrWpxhGDdTAYNqbgBLAR+ULAPPhfgncLr1X0lyWtg=
-golang.org/x/exp v0.0.0-20221012211006-4de253d81b95/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE=
+golang.org/x/exp v0.0.0-20221109205753-fc8884afc316 h1:FedCSp0+vayF11p3wAQndIgu+JTcW2nLp5M+HSefjlM=
+golang.org/x/exp v0.0.0-20221109205753-fc8884afc316/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc=
 golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
 golang.org/x/lint v0.0.0-20181023182221-1baf3a9d7d67/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=

pkg/adapters/auditr/mapper.go

@@ -116,9 +116,11 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity {
 		return v1alpha2.SeverityMedium
 	} else if severity == v1alpha1.SeverityHigh {
 		return v1alpha2.SeverityHigh
+	} else if severity == v1alpha1.SeverityCritical {
+		return v1alpha2.SeverityCritical
 	}
 
-	return v1alpha2.SeverityHigh
+	return v1alpha2.SeverityInfo
 }
 
 func CreateObjectReference(report *v1alpha1.ConfigAuditReport) corev1.ObjectReference {

pkg/adapters/clusterrbac/mapper.go

@@ -103,9 +103,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity {
 		return v1alpha2.SeverityLow
 	} else if severity == v1alpha1.SeverityMedium {
 		return v1alpha2.SeverityMedium
+	} else if severity == v1alpha1.SeverityHigh {
+		return v1alpha2.SeverityHigh
+	} else if severity == v1alpha1.SeverityCritical {
+		return v1alpha2.SeverityCritical
 	}
 
-	return v1alpha2.SeverityHigh
+	return v1alpha2.SeverityInfo
 }
 
 func CreateObjectReference(report *v1alpha1.ClusterRbacAssessmentReport) corev1.ObjectReference {

pkg/adapters/compliance/mapper.go

@@ -89,9 +89,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity {
 		return v1alpha2.SeverityLow
 	} else if severity == v1alpha1.SeverityMedium {
 		return v1alpha2.SeverityMedium
+	} else if severity == v1alpha1.SeverityHigh {
+		return v1alpha2.SeverityHigh
+	} else if severity == v1alpha1.SeverityCritical {
+		return v1alpha2.SeverityCritical
 	}
 
-	return v1alpha2.SeverityHigh
+	return v1alpha2.SeverityInfo
 }
 
 func CreatePolicyReport(report *v1alpha1.ClusterComplianceDetailReport) *v1alpha2.ClusterPolicyReport {

pkg/adapters/exposedsecret/mapper.go

@@ -92,9 +92,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity {
 		return v1alpha2.SeverityLow
 	} else if severity == v1alpha1.SeverityMedium {
 		return v1alpha2.SeverityMedium
+	} else if severity == v1alpha1.SeverityHigh {
+		return v1alpha2.SeverityHigh
+	} else if severity == v1alpha1.SeverityCritical {
+		return v1alpha2.SeverityCritical
 	}
 
-	return v1alpha2.SeverityHigh
+	return v1alpha2.SeverityInfo
 }
 
 func CreateObjectReference(report *v1alpha1.ExposedSecretReport) corev1.ObjectReference {

pkg/adapters/kubebench/mapper.go

@@ -99,9 +99,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity {
 		return v1alpha2.SeverityLow
 	} else if severity == v1alpha1.SeverityMedium {
 		return v1alpha2.SeverityMedium
+	} else if severity == v1alpha1.SeverityHigh {
+		return v1alpha2.SeverityHigh
+	} else if severity == v1alpha1.SeverityCritical {
+		return v1alpha2.SeverityCritical
 	}
 
-	return v1alpha2.SeverityHigh
+	return v1alpha2.SeverityInfo
 }
 
 func CreatePolicyReport(report *v1alpha1.CISKubeBenchReport) *v1alpha2.ClusterPolicyReport {

pkg/adapters/rbac/mapper.go

@@ -110,9 +110,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity {
 		return v1alpha2.SeverityLow
 	} else if severity == v1alpha1.SeverityMedium {
 		return v1alpha2.SeverityMedium
+	} else if severity == v1alpha1.SeverityHigh {
+		return v1alpha2.SeverityHigh
+	} else if severity == v1alpha1.SeverityCritical {
+		return v1alpha2.SeverityCritical
 	}
 
-	return v1alpha2.SeverityHigh
+	return v1alpha2.SeverityInfo
 }
 
 func CreateObjectReference(report *v1alpha1.RbacAssessmentReport) corev1.ObjectReference {

pkg/adapters/vulnr/mapper.go

@@ -125,9 +125,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity {
 		return v1alpha2.SeverityLow
 	} else if severity == v1alpha1.SeverityMedium {
 		return v1alpha2.SeverityMedium
+	} else if severity == v1alpha1.SeverityHigh {
+		return v1alpha2.SeverityHigh
+	} else if severity == v1alpha1.SeverityCritical {
+		return v1alpha2.SeverityCritical
 	}
 
-	return v1alpha2.SeverityHigh
+	return v1alpha2.SeverityInfo
 }
 
 func CreateObjectReference(report *v1alpha1.VulnerabilityReport) corev1.ObjectReference {