chore: Bump up Trivy to 0.4.3 (#75)

Signed-off-by: Daniel Pacak <[email protected]>

Dockerfile

@@ -1,5 +1,5 @@
 # That's the only place where you're supposed to specify or change version of Trivy.
-ARG TRIVY_VERSION=0.4.2
+ARG TRIVY_VERSION=0.4.3
 
 FROM aquasec/trivy:${TRIVY_VERSION}
 

helm/harbor-scanner-trivy/Chart.yaml

@@ -1,7 +1,7 @@
 apiVersion: v1
 name: harbor-scanner-trivy
-version: 0.1.4
-appVersion: "0.2.2"
+version: 0.1.5
+appVersion: "0.2.3"
 description: Trivy as a plug-in vulnerability scanner in the Harbor registry
 keywords:
   - scanner

helm/harbor-scanner-trivy/values.yaml

@@ -4,7 +4,7 @@ fullnameOverride: ""
 image:
   registry: docker.io
   repository: aquasec/harbor-scanner-trivy
-  tag: 0.2.2
+  tag: 0.2.3
   pullPolicy: IfNotPresent
 
 replicaCount: 1

test/component/component_test.go

@@ -86,7 +86,7 @@ func TestComponent(t *testing.T) {
 	require.NoError(t, err)
 
 	assert.Equal(t, req.Artifact, report.Artifact)
-	assert.Equal(t, harbor.Scanner{Name: "Trivy", Vendor: "Aqua Security", Version: "0.4.2"}, report.Scanner)
+	assert.Equal(t, harbor.Scanner{Name: "Trivy", Vendor: "Aqua Security", Version: "0.4.3"}, report.Scanner)
 	// TODO Adding asserts on CVEs is tricky as we do not have any control over upstream vulnerabilities database used by Trivy.
 	for _, v := range report.Vulnerabilities {
 		t.Logf("ID %s, Package: %s, Version: %s, Severity: %s", v.ID, v.Pkg, v.Version, v.Severity)