-
Agent: Ubuntu latest, using Azure DevOps pipelines.
I have been running trivy side by side and found the results in `MicrosoftSecurityDevOps@1` to be less than the output results running in `trivy@…
-
**What steps did you take and what happened:**
**1.** `docker pull ghcr.io/aquasecurity/trivy-operator:0.22.0`
**2.** `trivy image ghcr.io/aquasecurity/trivy-operator:0.22.0 --severity CRITICAL`…
-
### Checklist
- [X] I've searched for similar issues and couldn't find anything matching
- [X] I've included steps to reproduce the behavior
### Affected Components
- [X] K8sGPT (CLI)
- [X] K8sGPT …
-
Didn't we already do this working with the trivy folks? Check CVE bin tool issues first
-
**What happened**:
Trivy vulnerability scanner test failed on PR: https://github.com/kubernetes-csi/external-snapshotter/pull/1152
**What you expected to happen**:
Trivy vulnerability scann…
-
After upgrading from helm chart v1.14.0 to v1.15.0 we noticed in our test environment that the trivy pod sends requests to the core pod now.
**v1.14.0**
Trivy -> registry
**v1.15.0**
Trivy ->…
-
I have this step in a workflow and it works:
```yaml
- name: "Upload Trivy scan results to GitHub Security tab"
uses: github/codeql-action/upload-sarif@v3
with:
…
-
### Please add the exact image (with tag) that you are using
eclipse-temurin:17-jre-alpine
### Please add the version of Docker you are running
24.0.5
### What happened?
We are using `eclipse-tem…
-
Yesterday the Azure DevOps Task trivy@1 had a change in code and stopped working. The check is still the same, we did not change anything. Before we had the following result in our pipeline:
>/tmp/…
-
In our project we are doing many sarif scans: trivy + hadolint for every container we are going to build.
All sarif files ending up in CodeAnalysisLogs with their respective name e.g. hadolint-{conta…