diff --git a/deploy/crd/ciskubebenchreports.crd.yaml b/deploy/crd/ciskubebenchreports.crd.yaml index 7fc030544..0c62ba776 100644 --- a/deploy/crd/ciskubebenchreports.crd.yaml +++ b/deploy/crd/ciskubebenchreports.crd.yaml @@ -5,7 +5,7 @@ metadata: name: ciskubebenchreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: diff --git a/deploy/crd/clustercompliancedetailreports.crd.yaml b/deploy/crd/clustercompliancedetailreports.crd.yaml index 0d798bd23..854b08064 100644 --- a/deploy/crd/clustercompliancedetailreports.crd.yaml +++ b/deploy/crd/clustercompliancedetailreports.crd.yaml @@ -5,7 +5,7 @@ metadata: name: clustercompliancedetailreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: diff --git a/deploy/crd/clustercompliancereports.crd.yaml b/deploy/crd/clustercompliancereports.crd.yaml index 259a4b728..493ebef39 100644 --- a/deploy/crd/clustercompliancereports.crd.yaml +++ b/deploy/crd/clustercompliancereports.crd.yaml @@ -5,7 +5,7 @@ metadata: name: clustercompliancereports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io scope: Cluster diff --git a/deploy/crd/clusterconfigauditreports.crd.yaml b/deploy/crd/clusterconfigauditreports.crd.yaml index 8bc512a8c..56b0016be 100644 --- a/deploy/crd/clusterconfigauditreports.crd.yaml +++ b/deploy/crd/clusterconfigauditreports.crd.yaml @@ -5,7 +5,7 @@ metadata: name: clusterconfigauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: diff --git a/deploy/crd/clustervulnerabilityreports.crd.yaml b/deploy/crd/clustervulnerabilityreports.crd.yaml index 2661ce7ee..1239c2de4 100644 --- a/deploy/crd/clustervulnerabilityreports.crd.yaml +++ b/deploy/crd/clustervulnerabilityreports.crd.yaml @@ -5,7 +5,7 @@ metadata: name: clustervulnerabilityreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: diff --git a/deploy/crd/configauditreports.crd.yaml b/deploy/crd/configauditreports.crd.yaml index 30de5a3d0..3ed1010d7 100644 --- a/deploy/crd/configauditreports.crd.yaml +++ b/deploy/crd/configauditreports.crd.yaml @@ -5,7 +5,7 @@ metadata: name: configauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: diff --git a/deploy/crd/kubehunterreports.crd.yaml b/deploy/crd/kubehunterreports.crd.yaml index b69a3942e..16052a7b7 100644 --- a/deploy/crd/kubehunterreports.crd.yaml +++ b/deploy/crd/kubehunterreports.crd.yaml @@ -5,7 +5,7 @@ metadata: name: kubehunterreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: diff --git a/deploy/crd/vulnerabilityreports.crd.yaml b/deploy/crd/vulnerabilityreports.crd.yaml index 7b3ab2e68..091979431 100644 --- a/deploy/crd/vulnerabilityreports.crd.yaml +++ b/deploy/crd/vulnerabilityreports.crd.yaml @@ -5,7 +5,7 @@ metadata: name: vulnerabilityreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: diff --git a/deploy/helm/Chart.yaml b/deploy/helm/Chart.yaml index d44d0bc78..da67215d3 100644 --- a/deploy/helm/Chart.yaml +++ b/deploy/helm/Chart.yaml @@ -6,12 +6,12 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.10.0 +version: 0.10.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 0.15.0 +appVersion: 0.15.1 # kubeVersion: A SemVer range of compatible Kubernetes versions (optional) diff --git a/deploy/specs/nsa-1.0.yaml b/deploy/specs/nsa-1.0.yaml index a28598449..6d6237390 100644 --- a/deploy/specs/nsa-1.0.yaml +++ b/deploy/specs/nsa-1.0.yaml @@ -6,7 +6,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl spec: name: nsa diff --git a/deploy/static/01-starboard-operator.ns.yaml b/deploy/static/01-starboard-operator.ns.yaml index 274395ec8..6368e4a09 100644 --- a/deploy/static/01-starboard-operator.ns.yaml +++ b/deploy/static/01-starboard-operator.ns.yaml @@ -6,5 +6,5 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl diff --git a/deploy/static/02-starboard-operator.rbac.yaml b/deploy/static/02-starboard-operator.rbac.yaml index ca324ac10..5e2e75375 100644 --- a/deploy/static/02-starboard-operator.rbac.yaml +++ b/deploy/static/02-starboard-operator.rbac.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl --- apiVersion: rbac.authorization.k8s.io/v1 @@ -17,7 +17,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl rules: - apiGroups: @@ -166,7 +166,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl roleRef: apiGroup: rbac.authorization.k8s.io diff --git a/deploy/static/03-starboard-operator.config.yaml b/deploy/static/03-starboard-operator.config.yaml index a69b86335..86f509fd3 100644 --- a/deploy/static/03-starboard-operator.config.yaml +++ b/deploy/static/03-starboard-operator.config.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl --- apiVersion: v1 @@ -18,7 +18,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl --- apiVersion: v1 @@ -29,7 +29,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl data: vulnerabilityReports.scanner: "Trivy" @@ -44,7 +44,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl data: trivy.imageRef: "docker.io/aquasec/trivy:0.24.2" @@ -64,7 +64,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl data: polaris.imageRef: "quay.io/fairwinds/polaris:4.2" diff --git a/deploy/static/04-starboard-operator.policies.yaml b/deploy/static/04-starboard-operator.policies.yaml index f4b7629d9..9def224f0 100644 --- a/deploy/static/04-starboard-operator.policies.yaml +++ b/deploy/static/04-starboard-operator.policies.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl data: library.kubernetes.rego: "package lib.kubernetes\n\ndefault is_gatekeeper = false\n\nis_gatekeeper diff --git a/deploy/static/05-starboard-operator.deployment.yaml b/deploy/static/05-starboard-operator.deployment.yaml index b4156acbe..737e45dde 100644 --- a/deploy/static/05-starboard-operator.deployment.yaml +++ b/deploy/static/05-starboard-operator.deployment.yaml @@ -7,7 +7,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl annotations: prometheus.io/path: /metrics @@ -30,7 +30,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl spec: replicas: 1 @@ -50,7 +50,7 @@ spec: automountServiceAccountToken: true containers: - name: "starboard-operator" - image: "docker.io/aquasec/starboard-operator:0.15.0" + image: "docker.io/aquasec/starboard-operator:0.15.1" imagePullPolicy: IfNotPresent env: - name: OPERATOR_NAMESPACE diff --git a/deploy/static/starboard.yaml b/deploy/static/starboard.yaml index 13f0af572..df106b303 100644 --- a/deploy/static/starboard.yaml +++ b/deploy/static/starboard.yaml @@ -5,7 +5,7 @@ metadata: name: vulnerabilityreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: @@ -249,7 +249,7 @@ metadata: name: configauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: @@ -306,7 +306,7 @@ metadata: name: clusterconfigauditreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: @@ -362,7 +362,7 @@ metadata: name: ciskubebenchreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: @@ -412,7 +412,7 @@ metadata: name: clustercompliancereports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io scope: Cluster @@ -549,7 +549,7 @@ metadata: name: clustercompliancedetailreports.aquasecurity.github.io labels: app.kubernetes.io/managed-by: starboard - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" spec: group: aquasecurity.github.io versions: @@ -592,7 +592,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl --- apiVersion: v1 @@ -603,7 +603,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl --- apiVersion: rbac.authorization.k8s.io/v1 @@ -613,7 +613,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl rules: - apiGroups: @@ -762,7 +762,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl roleRef: apiGroup: rbac.authorization.k8s.io @@ -781,7 +781,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl --- apiVersion: v1 @@ -792,7 +792,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl --- apiVersion: v1 @@ -803,7 +803,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl data: vulnerabilityReports.scanner: "Trivy" @@ -818,7 +818,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl data: trivy.imageRef: "docker.io/aquasec/trivy:0.24.2" @@ -838,7 +838,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl data: polaris.imageRef: "quay.io/fairwinds/polaris:4.2" @@ -1039,7 +1039,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl data: library.kubernetes.rego: "package lib.kubernetes\n\ndefault is_gatekeeper = false\n\nis_gatekeeper @@ -1908,7 +1908,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl annotations: prometheus.io/path: /metrics @@ -1931,7 +1931,7 @@ metadata: labels: app.kubernetes.io/name: starboard-operator app.kubernetes.io/instance: starboard-operator - app.kubernetes.io/version: "0.15.0" + app.kubernetes.io/version: "0.15.1" app.kubernetes.io/managed-by: kubectl spec: replicas: 1 @@ -1951,7 +1951,7 @@ spec: automountServiceAccountToken: true containers: - name: "starboard-operator" - image: "docker.io/aquasec/starboard-operator:0.15.0" + image: "docker.io/aquasec/starboard-operator:0.15.1" imagePullPolicy: IfNotPresent env: - name: OPERATOR_NAMESPACE diff --git a/docs/crds/clustercompliance-report.md b/docs/crds/clustercompliance-report.md index 688630616..1933ba26c 100644 --- a/docs/crds/clustercompliance-report.md +++ b/docs/crds/clustercompliance-report.md @@ -2,16 +2,16 @@ The ClusterComplianceReport is a cluster-scoped resource, which represents the latest compliance control checks results. The report spec defines a mapping between pre-defined compliance control check ids to security scanners check ids. -Currently, only `kube-bench` and `config-audit` security scanners are supported +Currently, only `kube-bench` and `config-audit` security scanners are supported. +The NSA compliance report is composed of two parts: -The NSA compliance report is composed of two parts : +- `spec:` represents the compliance control checks specification, check details, and the mapping to the security scanner + (this part is defined by the user) +- `status:` represents the compliance control checks (as defined by spec mapping) results extracted from the security + scanners reports (this part is output by starboard) -- `spec:` represents the compliance control checks specification, check details, and the mapping to the security scanner (this part is defined by the user) - -- `status:` represents the compliance control checks (as defined by spec mapping) results extracted from the security scanners reports (this part is output by starboard) - -The following shows a sample ClusterComplianceReport NSA specification associated with the `cluster` +The following shows a sample ClusterComplianceReport NSA specification associated with the `cluster`: ```yaml apiVersion: aquasecurity.github.io/v1alpha1 @@ -25,7 +25,7 @@ metadata: app.kubernetes.io/instance: starboard-operator app.kubernetes.io/managed-by: kubectl app.kubernetes.io/name: starboard-operator - app.kubernetes.io/version: 0.15.0 + app.kubernetes.io/version: {{ git.tag[1:] }} name: nsa resourceVersion: '15745' uid: d11e8af1-daac-457d-96ea-45be4b043814 diff --git a/mkdocs.yml b/mkdocs.yml index bb21f2448..3ab88aff6 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -99,8 +99,8 @@ extra: version: provider: mike var: - prev_git_tag: "v0.14.1" - chart_version: 0.10.0 + prev_git_tag: "v0.15.0" + chart_version: 0.10.1 # Requires pip install mkdocs-macros-plugin plugins: