-
Need to check if 'Checkout of code' or 'creating Jar' steps are required in Trivy scan in all four application.
E.g. https://github.com/eclipse-tractusx/sldt-semantic-hub/blob/main/.github/workflows…
-
After upgrading from helm chart v1.14.0 to v1.15.0 we noticed in our test environment that the trivy pod sends requests to the core pod now.
**v1.14.0**
Trivy -> registry
**v1.15.0**
Trivy ->…
-
As a CSP, I want to continuously scan my container infrastructure for security weaknesses so that I can prevent security gaps in my Kubernetes clusters.
This issue focusses on the **Trivy Operator*…
-
## Description
I was running the trivy on the github action workflow and give an error message that the vulnerability database can't be downloaded.
## What did you expect to happen?
The trivy c…
-
when use trivy to scan the image, got some vulnerbiltiy,
but using this sbom tool to getnerated .\_manifest\spdx_2.2\manifest.spdx.json, then run trivy sbom .\_manifest\spdx_2.2\manifest.spdx.json
re…
-
**What steps did you take and what happened:**
Deployed trivy-operator on EKS with IRSA auth to ECR.
**What did you expect to happen:**
All our ARM64-only images are scanned.
**Environment…
-
### Checklist
- [X] I've searched for similar issues and couldn't find anything matching
- [X] I've included steps to reproduce the behavior
### Affected Components
- [X] K8sGPT (CLI)
- [X] K8sGPT …
-
Recently we have beeing seeing trivy action taking lot of time to Initialize the aqyasecurity trivy action(Build container for action use: '/home/runner/work/_actions/aquasecurity/trivy-action/0.20.0/…
-
### Preflight Checklist
- [X] I agree to follow the [Code of Conduct](https://github.com/deckhouse/deckhouse/blob/main/CODE_OF_CONDUCT.md) that this project adheres to.
- [X] I have searched the [iss…
-
In Azure DevOps for privatized deployments, we pull images from `registry.my-company.com/third-party/trivy` instead of `aquasec/trivy` because of network isolation.