chore: bump up Trivy to version v0.68.1

deploy/helm/README.md

@@ -153,7 +153,7 @@ Keeps security report resources updated
 | trivy.image.pullPolicy | string | `"IfNotPresent"` | pullPolicy is the imge pull policy used for trivy image , valid values are (Always, Never, IfNotPresent) |
 | trivy.image.registry | string | `"mirror.gcr.io"` | registry of the Trivy image |
 | trivy.image.repository | string | `"aquasec/trivy"` | repository of the Trivy image |
-| trivy.image.tag | string | `"0.67.0"` | tag version of the Trivy image |
+| trivy.image.tag | string | `"0.68.1"` | tag version of the Trivy image |
 | trivy.imageScanCacheDir | string | `"/tmp/trivy/.cache"` | imageScanCacheDir the flag to set custom path for trivy image scan `cache-dir` parameter. Only applicable in image scan mode. |
 | trivy.includeDevDeps | bool | `false` | includeDevDeps include development dependencies in the report (supported: npm, yarn) (default: false) note: this flag is only applicable when trivy.command is set to filesystem |
 | trivy.insecureRegistries | object | `{}` | The registry to which insecure connections are allowed. There can be multiple registries with different keys. |

deploy/helm/values.yaml

@@ -360,7 +360,7 @@ trivy:
     # -- repository of the Trivy image
     repository: aquasec/trivy
     # -- tag version of the Trivy image
-    tag: 0.67.0
+    tag: 0.68.1
     # -- imagePullSecret is the secret name to be used when pulling trivy image from private registries example : reg-secret
     # It is the user responsibility to create the secret for the private registry in `trivy-operator` namespace
     imagePullSecret: ~

deploy/static/trivy-operator.yaml

@@ -3047,7 +3047,7 @@ metadata:
     app.kubernetes.io/managed-by: kubectl
 data:
   trivy.repository: "mirror.gcr.io/aquasec/trivy"
-  trivy.tag: "0.67.0"
+  trivy.tag: "0.68.1"
   trivy.imagePullPolicy: "IfNotPresent"
   trivy.additionalVulnerabilityReportFields: ""
   trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"

docs/docs/crds/clustervulnerability-report.md

@@ -44,7 +44,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.67.0
+    version: 0.68.1
   summary:
     criticalCount: 0
     highCount: 4

docs/docs/crds/configaudit-report.md

@@ -34,7 +34,7 @@ report:
   scanner:
     name: Trivy 
     vendor: Aqua Security
-    version: '0.67.0'
+    version: '0.68.1'
   summary:
     criticalCount: 2
     highCount: 0

docs/docs/crds/exposedsecret-report.md

@@ -39,7 +39,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.67.0
+    version: 0.68.1
   secrets:
   - category: Stripe
     match: 'publishable_key: *****'

docs/docs/crds/infraassessment-report.md

@@ -404,7 +404,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: '0.67.0'
+    version: '0.68.1'
   summary:
     criticalCount: 0
     highCount: 0

docs/docs/crds/rbacassessment-report.md

@@ -176,7 +176,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: '0.67.0'
+    version: '0.68.1'
   summary:
     criticalCount: 1
     highCount: 0

docs/docs/crds/sbom-report.md

@@ -162,7 +162,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.67.0
+    version: 0.68.1
   summary:
     componentsCount: 5
     dependenciesCount: 5

docs/docs/crds/vulnerability-report.md

@@ -41,7 +41,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.67.0
+    version: 0.68.1
   summary:
     criticalCount: 2
     highCount: 0

docs/docs/design/design_trivy_file_system_scanner.md

@@ -117,10 +117,10 @@ spec:
           emptyDir: { }
       initContainers:
         # The trivy-get-binary init container is used to copy out the trivy executable
-        # binary from the upstream Trivy container image, i.e. aquasec/trivy:0.67.0,
+        # binary from the upstream Trivy container image, i.e. aquasec/trivy:0.68.1,
         # to a shared emptyDir volume.
         - name: trivy-get-binary
-          image: aquasec/trivy:0.67.0
+          image: aquasec/trivy:0.68.1
           command:
             - cp
             - -v
@@ -135,7 +135,7 @@ spec:
         # This won't be required once Trivy supports ClientServer mode
         # for the fs subcommand.
         - name: trivy-download-db
-          image: aquasec/trivy:0.67.0
+          image: aquasec/trivy:0.68.1
           command:
             - /var/trivy-operator/trivy
             - --download-db-only

docs/docs/design/design_vuln_scan_job_in_same_namespace_of_workload.md

@@ -167,7 +167,7 @@ spec:
           emptyDir: { }
       initContainers:
         - name: trivy-get-binary
-          image: aquasec/trivy:0.67.0
+          image: aquasec/trivy:0.68.1
           command:
             - cp
             - -v
@@ -177,7 +177,7 @@ spec:
             - name: scan-volume
               mountPath: /var/trivy-operator
         - name: trivy-download-db
-          image: aquasec/trivy:0.67.0
+          image: aquasec/trivy:0.68.1
           command:
             - /var/trivy-operator/trivy
             - --download-db-only

docs/docs/design/ttl_scans.md

@@ -45,7 +45,7 @@ report:
   scanner:
     name: Trivy
     vendor: Aqua Security
-    version: 0.67.0
+    version: 0.68.1
   summary:
     criticalCount: 0
     highCount: 0