-
Is there a way to use Trivy without a docker image?
We just want to scan the terraform that is the given repository.
However in the action.yml the `image-ref` is marked as required.
-
As a user, I would like to be able to run on and scan Windows machines for potential security issues.
Issues:
- openclarity/vmclarity#1204
- openclarity/vmclarity#1672
- openclarity/vmclarity#35…
-
Trivy is a nice tool that can be integrated with Github to scan vulnerabilities on Docker images.
We can simplify the configuration to allow trivy to do all the builds as required by cloudharness and …
-
Hi,
I had a pipeline run with a trivy scan on an image that was build using appsody in a tekton task.
The trivy tekton task fails, I see it copy the image into OCP.
The environment is OpenSh…
-
\[Description and comments are copied over from the Trello ticket found here: https://trello.com/c/EVzy1zE7/263-add-trivy-vuln-scanning-to-concourse-docker-containers \]
The plan is to create a pip…
-
This issue is derived from https://github.com/aquasecurity/trivy/issues/330
Trivy's issue was to display progress while fetching layers but the core logic of fetching and scanning each layer of the…
-
## Description
The README has two gaps in documentation that could cause unexpected behavior or errors in the application.
1. What are the versions of Trivy that have been tested to demonstrat…
ghost updated
9 months ago
-
While running it on our pipeline, it's impossible to upload the file result:
![image](https://user-images.githubusercontent.com/4749766/206200903-85368bc1-3cbf-4060-bc34-68055011d806.png)
The code…
-
Is your feature request related to a problem? Please describe.
When scanning images with trivy, there will be a report with all found CVEs. That's great. One can also decide to allow image distributi…
-
Currently the design of the exporter only allows to run the scanning on a manager node.
We can change this by:
- Using the tecnativa docker socket proxy for any docker swarm api calls
- A local…