Open obeyler opened 4 years ago
At kubecon 2020 I saw a product 'trivy' (https://github.com/aquasecurity/trivy) witch can be combine with opa to check each docker image before use. (https://github.com/aquasecurity/trivy#filter-the-vulnerabilities-by-open-policy-agent-policy) As we discussed earlier about the flannel cve I thing may be it can be a good idea to add it to the K8S bosh release.
At kubecon 2020 I saw a product 'trivy' (https://github.com/aquasecurity/trivy) witch can be combine with opa to check each docker image before use. (https://github.com/aquasecurity/trivy#filter-the-vulnerabilities-by-open-policy-agent-policy) As we discussed earlier about the flannel cve I thing may be it can be a good idea to add it to the K8S bosh release.