Feat: Support Scanning Multiple Images at once

aquasecurity / trivy-action

Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities

Apache License 2.0

775 stars 223 forks source link

Feat: Support Scanning Multiple Images at once #313

Open JayGhiya opened 7 months ago

JayGhiya commented 7 months ago

For lot of stateful applications on kubernetes there are n images as part of single helm/kcustomize artifact. it will help if a list of images could be passed to trivy github action to get multiple jsons out of the same.

lou-lan commented 1 month ago

  - name: Run Trivy vulnerability scanner in tarball mode
    uses: aquasecurity/trivy-action@0.24.0
    with:
      input: output/image/app-agent.tar,output/image/app-controller.tar
      severity: 'CRITICAL,HIGH'

  - name: Run Trivy vulnerability scanner in tarball mode
    uses: aquasecurity/trivy-action@0.24.0
    with:
      input: output/image/*.tar
      severity: 'CRITICAL,HIGH'