diff --git a/Dockerfile b/Dockerfile index eebbac1..258a000 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.18 as builder +FROM golang:1.19 as builder ARG LD_FLAGS ARG TARGETPLATFORM diff --git a/Makefile b/Makefile index 9a80749..a23298d 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ GO ?= go BUILD ?= build REPO ?= ghcr.io/fjogeleit/trivy-operator-polr-adapter -IMAGE_TAG ?= 0.1.4 +IMAGE_TAG ?= 0.1.5 LD_FLAGS="-s -w" PLATFORMS ?= linux/arm64,linux/amd64 diff --git a/charts/trivy-operator-polr-adapter/Chart.yaml b/charts/trivy-operator-polr-adapter/Chart.yaml index d4512c1..7c5b662 100644 --- a/charts/trivy-operator-polr-adapter/Chart.yaml +++ b/charts/trivy-operator-polr-adapter/Chart.yaml @@ -3,5 +3,5 @@ name: trivy-operator-polr-adapter description: Helm Chart to install the trivy-operator PolicyReport adapter type: application -version: "0.1.4" -appVersion: "0.1.4" +version: "0.1.5" +appVersion: "0.1.5" diff --git a/charts/trivy-operator-polr-adapter/values.yaml b/charts/trivy-operator-polr-adapter/values.yaml index 09ececf..184e688 100644 --- a/charts/trivy-operator-polr-adapter/values.yaml +++ b/charts/trivy-operator-polr-adapter/values.yaml @@ -4,7 +4,7 @@ image: registry: ghcr.io repository: fjogeleit/trivy-operator-polr-adapter pullPolicy: IfNotPresent - tag: 0.1.4 + tag: 0.1.5 imagePullSecrets: [] nameOverride: "" diff --git a/go.mod b/go.mod index 6e35e89..8f7d222 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.18 require ( github.com/aquasecurity/starboard v0.15.11 - github.com/aquasecurity/trivy-operator v0.6.0 + github.com/aquasecurity/trivy-operator v0.7.1 github.com/kyverno/kyverno v1.8.2 github.com/spf13/cobra v1.6.1 github.com/spf13/viper v1.14.0 @@ -133,7 +133,7 @@ require ( github.com/google/certificate-transparency-go v1.1.3 // indirect github.com/google/gnostic v0.6.9 // indirect github.com/google/go-cmp v0.5.9 // indirect - github.com/google/go-containerregistry v0.12.0 // indirect + github.com/google/go-containerregistry v0.12.1 // indirect github.com/google/go-github/v45 v45.2.0 // indirect github.com/google/go-querystring v1.1.0 // indirect github.com/google/gofuzz v1.2.0 // indirect @@ -249,7 +249,7 @@ require ( go.etcd.io/etcd/server/v3 v3.6.0-alpha.0 // indirect go.etcd.io/etcd/tests/v3 v3.6.0-alpha.0 // indirect go.etcd.io/etcd/v3 v3.6.0-alpha.0 // indirect - go.mongodb.org/mongo-driver v1.10.0 // indirect + go.mongodb.org/mongo-driver v1.11.0 // indirect go.opencensus.io v0.23.0 // indirect go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.28.0 // indirect go.opentelemetry.io/otel v1.7.0 // indirect @@ -264,7 +264,7 @@ require ( go.uber.org/multierr v1.8.0 // indirect go.uber.org/zap v1.23.0 // indirect golang.org/x/crypto v0.1.0 // indirect - golang.org/x/exp v0.0.0-20221012211006-4de253d81b95 // indirect + golang.org/x/exp v0.0.0-20221109205753-fc8884afc316 // indirect golang.org/x/mod v0.6.0 // indirect golang.org/x/oauth2 v0.1.0 // indirect golang.org/x/sync v0.1.0 // indirect diff --git a/go.sum b/go.sum index ae581f4..21cdead 100644 --- a/go.sum +++ b/go.sum @@ -301,8 +301,8 @@ github.com/aquasecurity/starboard v0.15.11 h1:LUUSOSfAqsYa0wbA66kMTD9dNwyIYZ/VG8 github.com/aquasecurity/starboard v0.15.11/go.mod h1:indT3eLm8IMgDeLd2/LSyS5Jgr760Ov4rit/rS1iew0= github.com/aquasecurity/trivy-db v0.0.0-20220904090734-9dd4c7776a52 h1:mAMQbKPIPWG3YIzwFq2UgfnnZ5miBJEFJBR6x3FAjZ4= github.com/aquasecurity/trivy-db v0.0.0-20220904090734-9dd4c7776a52/go.mod h1:/nULgnDeq/JMPMVwE1dmf4kWlYn++7VrM3O2naj4BHA= -github.com/aquasecurity/trivy-operator v0.6.0 h1:81VvgvOVoV36oRX+TMjIK+6UEy2jGYtdyGxBtFMKpos= -github.com/aquasecurity/trivy-operator v0.6.0/go.mod h1:8LrvgA3BpNYiD+0bmZG11XlJOTAaothorWHmFohtPYE= +github.com/aquasecurity/trivy-operator v0.7.1 h1:pI1yxMAseExksev/0Kajk29iNHM58Bxnj97GOpnCFEk= +github.com/aquasecurity/trivy-operator v0.7.1/go.mod h1:Ropd6wO/uV+offfx0F2nOpfl5tg5M8AqKtDzV4CBcVc= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= @@ -1016,8 +1016,8 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-containerregistry v0.4.1-0.20210128200529-19c2b639fab1/go.mod h1:GU9FUA/X9rd2cV3ZoUNaWihp27tki6/38EsVzL2Dyzc= github.com/google/go-containerregistry v0.5.1/go.mod h1:Ct15B4yir3PLOP5jsy0GNeYVaIZs/MK/Jz5any1wFW0= -github.com/google/go-containerregistry v0.12.0 h1:nidOEtFYlgPCRqxCKj/4c/js940HVWplCWc5ftdfdUA= -github.com/google/go-containerregistry v0.12.0/go.mod h1:sdIK+oHQO7B93xI8UweYdl887YhuIwg9vz8BSLH3+8k= +github.com/google/go-containerregistry v0.12.1 h1:W1mzdNUTx4Zla4JaixCRLhORcR7G6KxE5hHl5fkPsp8= +github.com/google/go-containerregistry v0.12.1/go.mod h1:sdIK+oHQO7B93xI8UweYdl887YhuIwg9vz8BSLH3+8k= github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20210129212729-5c4818de4025/go.mod h1:n9wRxRfKkHy6ZFyj0jJQHw11P+mGLnED4sqegwrXxDk= github.com/google/go-containerregistry/pkg/authn/k8schain v0.0.0-20210216200643-d81088d9983e/go.mod h1:n9wRxRfKkHy6ZFyj0jJQHw11P+mGLnED4sqegwrXxDk= github.com/google/go-github/v27 v27.0.6/go.mod h1:/0Gr8pJ55COkmv+S/yPKCczSkUPIM/LnFyubufRNIS0= @@ -1570,7 +1570,7 @@ github.com/onsi/gomega v1.10.5/go.mod h1:gza4q3jKQJijlu05nKWRCW/GavJumGt8aNRxWg7 github.com/onsi/gomega v1.11.0/go.mod h1:azGKhqFUon9Vuj0YmTfLSmx0FUwqXYSTl5re8lQLTUg= github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= -github.com/onsi/gomega v1.24.0 h1:+0glovB9Jd6z3VR+ScSwQqXVTIfJcGA9UBM8yzQxhqg= +github.com/onsi/gomega v1.24.1 h1:KORJXNNTzJXzu4ScJWssJfJMnJ+2QJqhoQSRwNlze9E= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= github.com/open-policy-agent/cert-controller v0.2.0/go.mod h1:SWS7Ame8oKHF11cDsQCFlULrrOMV5Z59FIGEAF/M6YI= github.com/open-policy-agent/frameworks/constraint v0.0.0-20210701194838-1dbe2618668d/go.mod h1:y8wOVfZ6+bEmbhBMnLnFlQrJB9eQpVk+dIDa7YrtocI= @@ -2108,8 +2108,9 @@ go.mongodb.org/mongo-driver v1.6.0/go.mod h1:Q4oFMbo1+MSNqICAdYMlC/zSTrwCogR4R8N go.mongodb.org/mongo-driver v1.7.3/go.mod h1:NqaYOwnXWr5Pm7AOpO5QFxKJ503nbMse/R79oO62zWg= go.mongodb.org/mongo-driver v1.7.5/go.mod h1:VXEWRZ6URJIkUq2SCAyapmhH0ZLRBP+FT4xhp5Zvxng= go.mongodb.org/mongo-driver v1.8.3/go.mod h1:0sQWfOeY63QTntERDJJ/0SuKK0T1uVSgKCuAROlKEPY= -go.mongodb.org/mongo-driver v1.10.0 h1:UtV6N5k14upNp4LTduX0QCufG124fSu25Wz9tu94GLg= go.mongodb.org/mongo-driver v1.10.0/go.mod h1:wsihk0Kdgv8Kqu1Anit4sfK+22vSFbUrAVEYRhCXrA8= +go.mongodb.org/mongo-driver v1.11.0 h1:FZKhBSTydeuffHj9CBjXlR8vQLee1cQyTWYPA6/tqiE= +go.mongodb.org/mongo-driver v1.11.0/go.mod h1:s7p5vEtfbeR1gYi6pnj3c3/urpbLv2T5Sfd6Rp2HBB8= go.mozilla.org/mozlog v0.0.0-20170222151521-4bb13139d403/go.mod h1:jHoPAGnDrCy6kaI2tAze5Prf0Nr0w/oNkROt2lw3n3o= go.opencensus.io v0.15.0/go.mod h1:UffZAU+4sDEINUGP/B7UfBBkq4fqLu9zXAX7ke6CHW0= go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= @@ -2256,8 +2257,8 @@ golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= golang.org/x/exp v0.0.0-20200331195152-e8c3332aa8e5/go.mod h1:4M0jN8W1tt0AVLNr8HDosyJCDCDuyL9N9+3m7wDWgKw= -golang.org/x/exp v0.0.0-20221012211006-4de253d81b95 h1:sBdrWpxhGDdTAYNqbgBLAR+ULAPPhfgncLr1X0lyWtg= -golang.org/x/exp v0.0.0-20221012211006-4de253d81b95/go.mod h1:cyybsKvd6eL0RnXn6p/Grxp8F5bW7iYuBgsNCOHpMYE= +golang.org/x/exp v0.0.0-20221109205753-fc8884afc316 h1:FedCSp0+vayF11p3wAQndIgu+JTcW2nLp5M+HSefjlM= +golang.org/x/exp v0.0.0-20221109205753-fc8884afc316/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181023182221-1baf3a9d7d67/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= diff --git a/pkg/adapters/auditr/mapper.go b/pkg/adapters/auditr/mapper.go index 84e5d00..aefea7b 100644 --- a/pkg/adapters/auditr/mapper.go +++ b/pkg/adapters/auditr/mapper.go @@ -116,9 +116,11 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity { return v1alpha2.SeverityMedium } else if severity == v1alpha1.SeverityHigh { return v1alpha2.SeverityHigh + } else if severity == v1alpha1.SeverityCritical { + return v1alpha2.SeverityCritical } - return v1alpha2.SeverityHigh + return v1alpha2.SeverityInfo } func CreateObjectReference(report *v1alpha1.ConfigAuditReport) corev1.ObjectReference { diff --git a/pkg/adapters/clusterrbac/mapper.go b/pkg/adapters/clusterrbac/mapper.go index 487f4ea..4cd3b11 100644 --- a/pkg/adapters/clusterrbac/mapper.go +++ b/pkg/adapters/clusterrbac/mapper.go @@ -103,9 +103,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity { return v1alpha2.SeverityLow } else if severity == v1alpha1.SeverityMedium { return v1alpha2.SeverityMedium + } else if severity == v1alpha1.SeverityHigh { + return v1alpha2.SeverityHigh + } else if severity == v1alpha1.SeverityCritical { + return v1alpha2.SeverityCritical } - return v1alpha2.SeverityHigh + return v1alpha2.SeverityInfo } func CreateObjectReference(report *v1alpha1.ClusterRbacAssessmentReport) corev1.ObjectReference { diff --git a/pkg/adapters/compliance/mapper.go b/pkg/adapters/compliance/mapper.go index 766f73b..b1635f1 100644 --- a/pkg/adapters/compliance/mapper.go +++ b/pkg/adapters/compliance/mapper.go @@ -89,9 +89,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity { return v1alpha2.SeverityLow } else if severity == v1alpha1.SeverityMedium { return v1alpha2.SeverityMedium + } else if severity == v1alpha1.SeverityHigh { + return v1alpha2.SeverityHigh + } else if severity == v1alpha1.SeverityCritical { + return v1alpha2.SeverityCritical } - return v1alpha2.SeverityHigh + return v1alpha2.SeverityInfo } func CreatePolicyReport(report *v1alpha1.ClusterComplianceDetailReport) *v1alpha2.ClusterPolicyReport { diff --git a/pkg/adapters/exposedsecret/mapper.go b/pkg/adapters/exposedsecret/mapper.go index 1b7f774..c3ae42e 100644 --- a/pkg/adapters/exposedsecret/mapper.go +++ b/pkg/adapters/exposedsecret/mapper.go @@ -92,9 +92,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity { return v1alpha2.SeverityLow } else if severity == v1alpha1.SeverityMedium { return v1alpha2.SeverityMedium + } else if severity == v1alpha1.SeverityHigh { + return v1alpha2.SeverityHigh + } else if severity == v1alpha1.SeverityCritical { + return v1alpha2.SeverityCritical } - return v1alpha2.SeverityHigh + return v1alpha2.SeverityInfo } func CreateObjectReference(report *v1alpha1.ExposedSecretReport) corev1.ObjectReference { diff --git a/pkg/adapters/kubebench/mapper.go b/pkg/adapters/kubebench/mapper.go index 9e02406..357f13c 100644 --- a/pkg/adapters/kubebench/mapper.go +++ b/pkg/adapters/kubebench/mapper.go @@ -99,9 +99,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity { return v1alpha2.SeverityLow } else if severity == v1alpha1.SeverityMedium { return v1alpha2.SeverityMedium + } else if severity == v1alpha1.SeverityHigh { + return v1alpha2.SeverityHigh + } else if severity == v1alpha1.SeverityCritical { + return v1alpha2.SeverityCritical } - return v1alpha2.SeverityHigh + return v1alpha2.SeverityInfo } func CreatePolicyReport(report *v1alpha1.CISKubeBenchReport) *v1alpha2.ClusterPolicyReport { diff --git a/pkg/adapters/rbac/mapper.go b/pkg/adapters/rbac/mapper.go index 7a10fae..2c9b99e 100644 --- a/pkg/adapters/rbac/mapper.go +++ b/pkg/adapters/rbac/mapper.go @@ -110,9 +110,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity { return v1alpha2.SeverityLow } else if severity == v1alpha1.SeverityMedium { return v1alpha2.SeverityMedium + } else if severity == v1alpha1.SeverityHigh { + return v1alpha2.SeverityHigh + } else if severity == v1alpha1.SeverityCritical { + return v1alpha2.SeverityCritical } - return v1alpha2.SeverityHigh + return v1alpha2.SeverityInfo } func CreateObjectReference(report *v1alpha1.RbacAssessmentReport) corev1.ObjectReference { diff --git a/pkg/adapters/vulnr/mapper.go b/pkg/adapters/vulnr/mapper.go index 544b0f8..b532c22 100644 --- a/pkg/adapters/vulnr/mapper.go +++ b/pkg/adapters/vulnr/mapper.go @@ -125,9 +125,13 @@ func MapServerity(severity v1alpha1.Severity) v1alpha2.PolicySeverity { return v1alpha2.SeverityLow } else if severity == v1alpha1.SeverityMedium { return v1alpha2.SeverityMedium + } else if severity == v1alpha1.SeverityHigh { + return v1alpha2.SeverityHigh + } else if severity == v1alpha1.SeverityCritical { + return v1alpha2.SeverityCritical } - return v1alpha2.SeverityHigh + return v1alpha2.SeverityInfo } func CreateObjectReference(report *v1alpha1.VulnerabilityReport) corev1.ObjectReference {