mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-24 19:25:19 +01:00
feat: bump TRIVYVERSION to v0.32.1 and bump TRIVYADAPTERVERSION to v0.30.2 (#17681)
Signed-off-by: Shengwen Yu <yshengwen@vmware.com> Signed-off-by: Shengwen Yu <yshengwen@vmware.com>
This commit is contained in:
parent
cd0fa06a32
commit
0acfbdc7a1
4
Makefile
4
Makefile
@ -109,8 +109,8 @@ PREPARE_VERSION_NAME=versions
|
||||
REGISTRYVERSION=v2.8.0-patch-redis
|
||||
NOTARYVERSION=v0.6.1
|
||||
NOTARYMIGRATEVERSION=v4.11.0
|
||||
TRIVYVERSION=v0.29.2
|
||||
TRIVYADAPTERVERSION=v0.30.0
|
||||
TRIVYVERSION=v0.32.1
|
||||
TRIVYADAPTERVERSION=v0.30.2
|
||||
|
||||
# version of chartmuseum for pulling the source code
|
||||
CHARTMUSEUM_SRC_TAG=v0.14.0
|
||||
|
@ -86,6 +86,9 @@ trivy:
|
||||
# This option doesn’t affect DB download. You need to specify "skip-update" as well as "offline-scan" in an air-gapped environment.
|
||||
offline_scan: false
|
||||
#
|
||||
# Comma-separated list of what security issues to detect. Possible values are `vuln`, `config` and `secret`. Defaults to `vuln`.
|
||||
security_check: vuln
|
||||
#
|
||||
# insecure The flag to skip verifying registry certificate
|
||||
insecure: false
|
||||
# github_token The GitHub access token to download Trivy DB
|
||||
|
@ -11,6 +11,7 @@ SCANNER_TRIVY_SEVERITY=UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL
|
||||
SCANNER_TRIVY_IGNORE_UNFIXED={{trivy_ignore_unfixed}}
|
||||
SCANNER_TRIVY_SKIP_UPDATE={{trivy_skip_update}}
|
||||
SCANNER_TRIVY_OFFLINE_SCAN={{trivy_offline_scan}}
|
||||
SCANNER_TRIVY_SECURITY_CHECKS={{trivy_security_check}}
|
||||
SCANNER_TRIVY_GITHUB_TOKEN={{trivy_github_token}}
|
||||
SCANNER_TRIVY_INSECURE={{trivy_insecure}}
|
||||
SCANNER_TRIVY_TIMEOUT={{trivy_timeout}}
|
||||
|
@ -229,6 +229,7 @@ def parse_yaml_config(config_file_path, with_notary, with_trivy, with_chartmuseu
|
||||
config_dict['trivy_github_token'] = trivy_configs.get("github_token") or ''
|
||||
config_dict['trivy_skip_update'] = trivy_configs.get("skip_update") or False
|
||||
config_dict['trivy_offline_scan'] = trivy_configs.get("offline_scan") or False
|
||||
config_dict['trivy_security_check'] = trivy_configs.get("security_check") or 'vuln'
|
||||
config_dict['trivy_ignore_unfixed'] = trivy_configs.get("ignore_unfixed") or False
|
||||
config_dict['trivy_insecure'] = trivy_configs.get("insecure") or False
|
||||
config_dict['trivy_timeout'] = trivy_configs.get("timeout") or '5m0s'
|
||||
|
Loading…
Reference in New Issue
Block a user