search

iganari / package-gcp

Sample code collection specialized for GCP! :)
2 stars 0 forks source link

気軽に使えるContainerの脆弱性スキャンツール Trivy #84

Closed iganari closed 3 years ago

iganari commented 4 years ago

https://tech.recruit-mp.co.jp/infrastructure/continuous-integration-vulnerability-detection-tool-trivy/

iganari commented 4 years ago 
- name: 'aquasec/trivy'
  entrypoint: sh
  args:
    - -c
    - |
      trivy --exit-code=1 --severity=CRITICAL -o /dev/stdout  gcr.io/$PROJECT_ID/$_SERVICE_NAME:$COMMIT_SHA
      if [ $? != 0 ];then echo "脆弱性を検知しました";exit 1;fi
iganari commented 3 years ago

https://github.com/iganari/package-gcp/pull/92

上記の RP で追加済み