-
# Expected Behavior
The image is signed.
# Actual Behavior
The image is not signed.
# Steps to Reproduce the Problem
I have the following tasks in a pipeline:
```yaml
# Build OCI Image
- …
-
In the latest image Trivy is detecting 81 vulnerabilities in this image.
> Total: 81 (UNKNOWN: 0, LOW: 10, MEDIUM: 24, HIGH: 40, CRITICAL: 7)
[cloudflare-ddns_trivy_scan.txt](https://github.com/…
-
The image-ref description has the following:
https://github.com/aquasecurity/trivy-action/blob/9c21d3ca2c14eb35419e2a8b66d1195946d579b8/action.yaml#L10
To me, this implies that use of `image-ref…
-
It looks like when we scan images, we're *not* scanning the local images; this means that:
- If the local image has an issue that's been fixed in the registry, the user won't know about it
- I have …
-
Finding returns the following:
```
trivyfs-docker...........................................................Failed
- hook id: trivyfs-docker
- exit code: 1
- files were modified by this hook
…
-
Trivy-operator currently uses defsec for policy scanning. We want to move it to use trivy directly, but for this we would need trivy to expose a way to scan memory Filesystem. This would also help `t…
-
**What steps did you take and what happened:**
[A clear and concise description of what the bug is.]
`
{"level":"error","ts":1680803506.314774,"logger":"scanner","msg":"error scanning image","provi…
-
**Problem**
CReATE Aquasec Trivy scans not able to be convert to ASF format.
The current Trivy to ASF is highly specialized for an `AWS Security Finding Format` and it is not recognizing the Aquasec…
-
I've a workflow that builds ARM64 images then attempts to scan them with trivy, unfortunately because the host is AMD64 the images can't be found.
Is there a way to use docker buildx/etc to run tri…
-
**Is your enhancement related to a problem? Please describe.**
Harvester-network-controller imports Harvester and the go mod still stayed on v1.1.2-rc8
https://github.com/harvester/network-con…