Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 (#1622) · c62e888737 - infrastructure

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 (#1622)

All checks were successful

lint-test-helm / helm-lint (push) Successful in 12s

Details

renovate / renovate (push) Successful in 1m37s

Details

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [mirror.gcr.io/aquasec/trivy](https://www.aquasec.com/products/trivy/) ([source](https://github.com/aquasecurity/trivy)) | minor | `0.66.0` -> `0.67.0` |

---

### Release Notes

<details>
<summary>aquasecurity/trivy (mirror.gcr.io/aquasec/trivy)</summary>

### [`v0.67.0`](https://github.com/aquasecurity/trivy/blob/HEAD/CHANGELOG.md#0670-2025-09-30)

[Compare Source](https://github.com/aquasecurity/trivy/compare/v0.66.0...v0.67.0)

##### Features

- add documentation URL for database lock errors ([#&#8203;9531](https://github.com/aquasecurity/trivy/issues/9531)) ([eba48af](eba48afd58))
- **cli:** change --list-all-pkgs default to true ([#&#8203;9510](https://github.com/aquasecurity/trivy/issues/9510)) ([7b663d8](7b663d86ca))
- **cloudformation:** support default values and list results in Fn::FindInMap ([#&#8203;9515](https://github.com/aquasecurity/trivy/issues/9515)) ([42b3bf3](42b3bf37bb))
- **cyclonedx:** preserve SBOM structure when scanning SBOM files with vulnerability updates ([#&#8203;9439](https://github.com/aquasecurity/trivy/issues/9439)) ([aff03eb](aff03ebab2))
- **redhat:** add os-release detection for RHEL-based images ([#&#8203;9458](https://github.com/aquasecurity/trivy/issues/9458)) ([cb25a07](cb25a07450))
- **sbom:** added support for CoreOS ([#&#8203;9448](https://github.com/aquasecurity/trivy/issues/9448)) ([6d562a3](6d562a3b48))
- **seal:** add seal support ([#&#8203;9370](https://github.com/aquasecurity/trivy/issues/9370)) ([e4af279](e4af279b29))

##### Bug Fixes

- **aws:** use `BuildableClient` insead of `xhttp.Client` ([#&#8203;9436](https://github.com/aquasecurity/trivy/issues/9436)) ([fa6f1bf](fa6f1bfecf))
- close file descriptors and pipes on error paths ([#&#8203;9536](https://github.com/aquasecurity/trivy/issues/9536)) ([a4cbd6a](a4cbd6a138))
- **db:** Dowload database when missing but metadata still exists ([#&#8203;9393](https://github.com/aquasecurity/trivy/issues/9393)) ([92ebc7e](92ebc7e4d7))
- **k8s:** disable parallel traversal with fs cache for k8s images ([#&#8203;9534](https://github.com/aquasecurity/trivy/issues/9534)) ([c0c7a6b](c0c7a6bf1b))
- **misconf:** handle tofu files in module detection ([#&#8203;9486](https://github.com/aquasecurity/trivy/issues/9486)) ([bfd2f6b](bfd2f6ba69))
- **misconf:** strip build metadata suffixes from image history ([#&#8203;9498](https://github.com/aquasecurity/trivy/issues/9498)) ([c938806](c9388069a4))
- **misconf:** unmark cty values before access ([#&#8203;9495](https://github.com/aquasecurity/trivy/issues/9495)) ([8e40d27](8e40d27a43))
- **misconf:** wrap legacy ENV values in quotes to preserve spaces ([#&#8203;9497](https://github.com/aquasecurity/trivy/issues/9497)) ([267a970](267a9700fa))
- **nodejs:** parse workspaces as objects for package-lock.json files ([#&#8203;9518](https://github.com/aquasecurity/trivy/issues/9518)) ([404abb3](404abb3d91))
- **nodejs:** use snapshot string as `Package.ID` for pnpm packages ([#&#8203;9330](https://github.com/aquasecurity/trivy/issues/9330)) ([4517e8c](4517e8c0ef))
- **vex:** don't  suppress vulns for packages with infinity loop ([#&#8203;9465](https://github.com/aquasecurity/trivy/issues/9465)) ([78f0d4a](78f0d4ae03))
- **vuln:** compare `nuget` package names in lower case ([#&#8203;9456](https://github.com/aquasecurity/trivy/issues/9456)) ([1ff9ac7](1ff9ac7948))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMTYuNiIsInVwZGF0ZWRJblZlciI6IjQxLjExNi42IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJpbWFnZSJdfQ==-->

Reviewed-on: #1622
Co-authored-by: Renovate Bot <renovate-bot@alexlebens.net>
Co-committed-by: Renovate Bot <renovate-bot@alexlebens.net>

This commit is contained in:

Renovate Bot

2025-09-30 20:00:41 +00:00

committed by

Alex Lebens

parent c42c129476

commit c62e888737

1 changed files with 1 additions and 1 deletions

									
										2

clusters/cl01tl/monitoring/trivy/values.yaml
									
												View File
												
					@@ -16,7 +16,7 @@ trivy-operator:

					    image:

					    image:

					      registry: mirror.gcr.io

					      registry: mirror.gcr.io

					      repository: aquasec/trivy

					      repository: aquasec/trivy

					      tag: 0.66.0

					      tag: 0.67.0

					    storageClassEnabled: true

					    storageClassEnabled: true

					    storageClassName: ceph-block

					    storageClassName: ceph-block

					    storageSize: "5Gi"

					    storageSize: "5Gi"

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 (#1622) All checks were successful lint-test-helm / helm-lint (push) Successful in 12s Details renovate / renovate (push) Successful in 1m37s Details

2 clusters/cl01tl/monitoring/trivy/values.yaml Unescape Escape View File

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 (#1622)

All checks were successful

lint-test-helm / helm-lint (push) Successful in 12s

Details

renovate / renovate (push) Successful in 1m37s

Details

2

clusters/cl01tl/monitoring/trivy/values.yaml

View File