-
We don't have dind available in our CI/CD pipeline. Is there a way to perform a docker scan without it.
-
### Description
It would have been nice to add some mechanism for secret scanning in the CICD setup. Both on the github and ado side;
-
using the following command to scan
if sbom is found, trivy will use sbom instead. https://github.com/aquasecurity/trivy/blob/main/docs/docs/target/container_image.md#sbom
```sh
trivy image --…
-
Finding returns the following:
```
trivyfs-docker...........................................................Failed
- hook id: trivyfs-docker
- exit code: 1
- files were modified by this hook
…
-
### What happened?
CVE-2022-47629
CVE-2023-44487
CVE-2022-1271
We are receiving the above vulnerabilities for Jaeger due to which we are unable to use this on our production environment
### Steps…
-
---
# Bug Report or Design System update
- [x] I’ve searched for any related issues and avoided creating a duplicate issue.
## What happened
We have a web application that is using the VA De…
-
**What steps did you take and what happened:**
Running Trivy operator with these ENV values
```
OPERATOR_TARGET_NAMESPACES:
OPERATOR_EXCLUDE_NAMESPACES:
OPERATOR_TARGET_WORKLOADS: pod,replicaset,…
-
Is there any way to scan for just the diff in a PR when integrating Trivy for secret scan in a PR, rather than having to scan the entire repo?
Current trivy file:
`
name: Secrets Check
on:
p…
-
### Summary
Our current overview dashboard is aggregating and displaying data at the organization level, encompassing all repositories within the organization. To provide a more comprehensive view fo…
-
* **I'm submitting a ...**
- [ ] bug report
- [x] feature request
* **What is the current behavior?**
detect-secrets-hook gets a list of files as command line arguments.
* **What is the d…