add job permission to create manually triggerede vulnerability scans

.github/workflows/docker-build.yaml

@@ -16,8 +16,8 @@ on:
 
 env:
   SDK_VERSION: "v1.24.0"
-#  IMG: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.111
-#  BUNDLE_IMG: ghcr.io/kubero-dev/kubero-operator/kuberoapp-bundle:v0.0.111
+#  IMG: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.112
+#  BUNDLE_IMG: ghcr.io/kubero-dev/kubero-operator/kuberoapp-bundle:v0.0.112
 
 jobs:
   # Push image to GitHub Packages.

Makefile

@@ -3,7 +3,7 @@
 # To re-generate a bundle for another specific version without changing the standard setup, you can:
 # - use the VERSION as arg of the bundle target (e.g make bundle VERSION=0.0.2)
 # - use environment variables to overwrite this value (e.g export VERSION=0.0.2)
-VERSION ?= 0.0.111
+VERSION ?= 0.0.112
 
 # CHANNELS define the bundle channels used in the bundle.
 # Add a new line here if you would like to change its default config. (E.g CHANNELS = "candidate,fast,stable")

bundle/manifests/kubero-operator.clusterserviceversion.yaml

@@ -706,13 +706,13 @@ metadata:
     capabilities: Basic Install
     categories: Integration & Delivery
     certified: "false"
-    containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.111
+    containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.112
     description: Kubero is a GitOps continuous delivery tool for Kubernetes.
     operators.operatorframework.io/builder: operator-sdk-v1.24.0
     operators.operatorframework.io/project_layout: helm.sdk.operatorframework.io/v1
     repository: https://github.com/kubero-dev/kubero
     support: Kubero Community
-  name: kubero-operator.v0.0.111
+  name: kubero-operator.v0.0.112
   namespace: placeholder
 spec:
   apiservicedefinitions: {}
@@ -1402,7 +1402,7 @@ spec:
                 - --metrics-bind-address=127.0.0.1:8080
                 - --leader-elect
                 - --leader-election-id=kubero-operator
-                image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.111
+                image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.112
                 livenessProbe:
                   httpGet:
                     path: /healthz
@@ -1489,4 +1489,4 @@ spec:
   provider:
     name: kubero
     url: https://github.com/kubero-dev/
-  version: 0.0.111
+  version: 0.0.112

config/manager/kustomization.yaml

@@ -13,4 +13,4 @@ kind: Kustomization
 images:
 - name: controller
   newName: ghcr.io/kubero-dev/kubero-operator/kuberoapp
-  newTag: v0.0.111
+  newTag: v0.0.112

config/manifests/bases/kubero-operator.clusterserviceversion.yaml

@@ -6,7 +6,7 @@ metadata:
     capabilities: Basic Install
     categories: Integration & Delivery
     certified: "false"
-    containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.111
+    containerImage: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.112
     description: Kubero is a GitOps continuous delivery tool for Kubernetes.
     repository: https://github.com/kubero-dev/kubero
     support: Kubero Community

deploy/operator.yaml

@@ -1132,7 +1132,7 @@ spec:
         - --metrics-bind-address=127.0.0.1:8080
         - --leader-elect
         - --leader-election-id=kubero-operator
-        image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.111
+        image: ghcr.io/kubero-dev/kubero-operator/kuberoapp:v0.0.112
         livenessProbe:
           httpGet:
             path: /healthz

helm-charts/kubero/templates/serviceaccount.yaml

@@ -34,7 +34,10 @@ rules:
     resources: ["customresourcedefinitions"]
     verbs: ["list", "watch", "get"]
   - apiGroups: [""]
-    resources: ["namespaces", "secrets", "pods", "pods/log", "events", "persistentvolumeclaims", "persistentvolumes", "jobs"]
+    resources: ["namespaces", "secrets", "pods", "pods/log", "events", "persistentvolumeclaims", "persistentvolumes"]
+    verbs: ["*"]
+  - apiGroups: ["batch"]
+    resources: ["jobs"]
     verbs: ["*"]
   - apiGroups: ["apps"]
     resources: ["deployments"]