Merge branch 'main' into add-service

.github/workflows/build.yml

@@ -17,13 +17,13 @@ jobs:
     steps:
       -
         name: Checkout
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       -
         name: Set up QEMU
         uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3
       -
         name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3
+        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3
       -
         name: Login to ghcr.io
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
@@ -34,13 +34,13 @@ jobs:
         if: github.event_name == 'release'
       -
         name: Build the container
-        uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6
+        uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6
         with:
           context: .
           push: false
       -
         name: Build and push to ghcr.io
-        uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6
+        uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6
         with:
           context: .
           push: true

.github/workflows/draft-release.yml

@@ -15,7 +15,7 @@ jobs:
     steps:
 
       - name: Checkout repository
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           fetch-depth: 0
           persist-credentials: false
@@ -39,7 +39,7 @@ jobs:
           futureRelease: ${{ steps.version.outputs.next-version }}
 
       - name: Update YAML File with next version
-        uses: mikefarah/yq@bbdd97482f2d439126582a59689eb1c855944955 # v4.44.3
+        uses: mikefarah/yq@bc5b54cb1d1f720db16c9f75c5b45384d00e5cbf # v4.44.5
         with:
           cmd: |
             yq e '.operator.trivyDojoReportOperator.image.tag = "${{ steps.version.outputs.next-version }}"' -i charts/values.yaml
@@ -62,7 +62,7 @@ jobs:
 
       # do a second checkout to prevent race situation
       # changelog gets updated but action works on old commit id
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           ref: main
 

.github/workflows/hadolint.yml

@@ -14,5 +14,5 @@ jobs:
     runs-on: ubuntu-latest
     name: Hadolint-your-PR
     steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
       - uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0

.github/workflows/release.yml

@@ -13,7 +13,7 @@ jobs:
     steps:
 
       - name: Checkout repo main-branch, because there is the up-to-date Chart.yaml
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           fetch-depth: 0
           ref: main
@@ -32,7 +32,7 @@ jobs:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Checkout Branch gh-pages because that's where the chart-repo exists
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           ref: gh-pages
           # we do not want to delete the created chart

CHANGELOG.md

@@ -1,6 +1,27 @@
 # Changelog
 
-## [0.7.2](https://github.com/telekom-mms/trivy-dojo-report-operator/tree/0.7.2) (2024-09-06)
+## [0.8.0](https://github.com/telekom-mms/trivy-dojo-report-operator/tree/0.8.0) (2024-11-21)
+
+[Full Changelog](https://github.com/telekom-mms/trivy-dojo-report-operator/compare/0.7.3...0.8.0)
+
+**Implemented enhancements:**
+
+- Allow variable DEFECT\_DOJO\_PRODUCT\_TYPE\_NAME empty [\#83](https://github.com/telekom-mms/trivy-dojo-report-operator/pull/83) ([tidusete](https://github.com/tidusete))
+
+**Fixed bugs:**
+
+- \[Bug\] Image docker-trivy-dojo-operator:0.7.3 does not exist? [\#82](https://github.com/telekom-mms/trivy-dojo-report-operator/issues/82)
+
+**Merged pull requests:**
+
+- Update dependency pytest-cov to v6 - autoclosed [\#81](https://github.com/telekom-mms/trivy-dojo-report-operator/pull/81) ([renovate[bot]](https://github.com/apps/renovate))
+- Update dependency kubernetes to v31 [\#79](https://github.com/telekom-mms/trivy-dojo-report-operator/pull/79) ([renovate[bot]](https://github.com/apps/renovate))
+
+## [0.7.3](https://github.com/telekom-mms/trivy-dojo-report-operator/tree/0.7.3) (2024-10-23)
+
+[Full Changelog](https://github.com/telekom-mms/trivy-dojo-report-operator/compare/0.7.2...0.7.3)
+
+## [0.7.2](https://github.com/telekom-mms/trivy-dojo-report-operator/tree/0.7.2) (2024-09-27)
 
 [Full Changelog](https://github.com/telekom-mms/trivy-dojo-report-operator/compare/0.7.1...0.7.2)
 

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.12@sha256:11aa4b620c15f855f66f02a7f3c1cd9cf843cc10f3edbcf158e5ebcd98d1f549 as build
+FROM python:3.12@sha256:f71437b2bad6af0615875c8f7fbeeeae1b73e3c76b82056d283644aca5afe355 as build
 
 WORKDIR /app
 
@@ -9,7 +9,7 @@ COPY poetry.lock pyproject.toml /app/
 RUN poetry config virtualenvs.in-project true && \
     poetry install --no-ansi
 
-FROM python:3.12-slim@sha256:c24c34b502635f1f7c4e99dc09a2cbd85d480b7dcfd077198c6b5af138906390
+FROM python:3.12-slim@sha256:2a6386ad2db20e7f55073f69a98d6da2cf9f168e05e7487d2670baeb9b7601c5
 
 RUN groupadd --gid 1000 app && \
     useradd --gid 1000 --uid 1000 app

README.md

@@ -81,6 +81,7 @@ docker pull ghcr.io/telekom-mms/docker-trivy-dojo-operator
 docker run -it -v /path/to/your/.kube/config:/root/.kube/config \
   -e DEFECT_DOJO_API_KEY=$DEFECT_DOJO_API_KEY \
   -e DEFECT_DOJO_URL=$DEFECT_DOJO_URL \
+  -e DEFECT_DOJO_PRODUCT_TYPE_NAME="Research and Development" \
   -e LABEL="trivy-operator.resource.name" \
   -e LABEL_VALUE="master-live-server" \
   -e REPORTS="vulnerabilityreports"

charts/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
-appVersion: 0.7.2
+appVersion: 0.8.0
 description: A Helm chart to install the trivy-dojo-report-operator
 name: trivy-dojo-report-operator
 type: application
-version: 0.7.2
+version: 0.8.0

charts/values.yaml

@@ -48,7 +48,7 @@ operator:
       reports: vulnerabilityreports
     image:
       repository: ghcr.io/telekom-mms/docker-trivy-dojo-operator
-      tag: 0.7.2
+      tag: 0.8.0
   type: ClusterIP
   podSecurityContext:
     runAsNonRoot: true

deploy/trivy-dojo-report-operator.yaml

@@ -5,10 +5,10 @@ kind: ServiceAccount
 metadata:
   name: telekom-mms-trivy-dojo-report-operator-account
   labels:
-    helm.sh/chart: trivy-dojo-report-operator-0.7.2
+    helm.sh/chart: trivy-dojo-report-operator-0.8.0
     app.kubernetes.io/name: trivy-dojo-report-operator
     app.kubernetes.io/instance: telekom-mms
-    app.kubernetes.io/version: "0.7.2"
+    app.kubernetes.io/version: "0.8.0"
     app.kubernetes.io/managed-by: Helm
   annotations:
     {}
@@ -19,10 +19,10 @@ kind: Secret
 metadata:
   name: telekom-mms-trivy-dojo-report-operator-defect-dojo-api-credentials
   labels:
-    helm.sh/chart: trivy-dojo-report-operator-0.7.2
+    helm.sh/chart: trivy-dojo-report-operator-0.8.0
     app.kubernetes.io/name: trivy-dojo-report-operator
     app.kubernetes.io/instance: telekom-mms
-    app.kubernetes.io/version: "0.7.2"
+    app.kubernetes.io/version: "0.8.0"
     app.kubernetes.io/managed-by: Helm
 stringData:
   apiKey: "YOUR_DEFECTDOJO_API_KEY"
@@ -35,10 +35,10 @@ kind: ClusterRole
 metadata:
   name: telekom-mms-trivy-dojo-report-operator-role-cluster
   labels:
-    helm.sh/chart: trivy-dojo-report-operator-0.7.2
+    helm.sh/chart: trivy-dojo-report-operator-0.8.0
     app.kubernetes.io/name: trivy-dojo-report-operator
     app.kubernetes.io/instance: telekom-mms
-    app.kubernetes.io/version: "0.7.2"
+    app.kubernetes.io/version: "0.8.0"
     app.kubernetes.io/managed-by: Helm
 rules:
 - apiGroups:
@@ -81,10 +81,10 @@ kind: ClusterRoleBinding
 metadata:
   name: telekom-mms-trivy-dojo-report-operator-rolebinding-cluster
   labels:
-    helm.sh/chart: trivy-dojo-report-operator-0.7.2
+    helm.sh/chart: trivy-dojo-report-operator-0.8.0
     app.kubernetes.io/name: trivy-dojo-report-operator
     app.kubernetes.io/instance: telekom-mms
-    app.kubernetes.io/version: "0.7.2"
+    app.kubernetes.io/version: "0.8.0"
     app.kubernetes.io/managed-by: Helm
 roleRef:
   apiGroup: rbac.authorization.k8s.io
@@ -101,10 +101,10 @@ kind: Service
 metadata:
   name: telekom-mms-trivy-dojo-report-operator-operator
   labels:
-    helm.sh/chart: trivy-dojo-report-operator-0.7.2
+    helm.sh/chart: trivy-dojo-report-operator-0.8.0
     app.kubernetes.io/name: trivy-dojo-report-operator
     app.kubernetes.io/instance: telekom-mms
-    app.kubernetes.io/version: "0.7.2"
+    app.kubernetes.io/version: "0.8.0"
     app.kubernetes.io/managed-by: Helm
 spec:
   type: ClusterIP
@@ -123,10 +123,10 @@ kind: Deployment
 metadata:
   name: telekom-mms-trivy-dojo-report-operator-operator
   labels:
-    helm.sh/chart: trivy-dojo-report-operator-0.7.2
+    helm.sh/chart: trivy-dojo-report-operator-0.8.0
     app.kubernetes.io/name: trivy-dojo-report-operator
     app.kubernetes.io/instance: telekom-mms
-    app.kubernetes.io/version: "0.7.2"
+    app.kubernetes.io/version: "0.8.0"
     app.kubernetes.io/managed-by: Helm
 spec:
   replicas: 1
@@ -198,7 +198,7 @@ spec:
           value: "vulnerabilityreports"
         - name: KUBERNETES_CLUSTER_DOMAIN
           value: "cluster.local"
-        image: ghcr.io/telekom-mms/docker-trivy-dojo-operator:0.7.2
+        image: ghcr.io/telekom-mms/docker-trivy-dojo-operator:0.8.0
         livenessProbe:
           httpGet:
             path: /healthz