Closed amit-kumar-absg closed 8 months ago
I was able to fix it by using the following
- task: MicrosoftSecurityDevOps@1
displayName: 'Microsoft Security DevOps'
inputs:
tools: 'terrascan,credscan,trivy'
env:
trivy_input: '/tmp/$(apiImageNameAndVersion).tar'
I am trying to use Trivy task to scan the local image which has been built by using Buildah. I am using the following Task set up to run the scan on a local image cache (.tar file):
The Trivy task fails with the following error:
/nc/_work/_msdo/packages/nuget/Microsoft.Guardian.TrivyRedist_linux_amd64.0.45.0/tools/trivy "image --input" --exit-code 100 --format sarif --output /nc/_work/10/s/.gdn/.r/trivy/001/trivy.sarif /tmp/my-buildah-imagename.tar
Error: unknown flag: --exit-code
I want to know if this is the right approach to scan a local image built using Buildah and:
--input
flag in the action?This is the screenshot of the command and error message from Azure DevOps build log page: