Highest Voted 'trivy' Questions

0

votes

1 answer

Trivy scan image from within a container

So I am having an issue: I have a running container of jenkins which does some CI steps I downloaded on that jenkins container trivy inside it. In the CI pipeline if I wish to scan a docker image with trivy it says: FATAL scan error: image scan…

asked Jan 27 '23 at 13:57

Lev Meshorer

1

0

votes

1 answer

Strimzi-Images :Image with vulnerabilities

I have configured kafka using strimzi operator with 3 replicas in bare metal server .Everything is working fine(producer and consumer).My client is asking that Kafka images with 0 vulnerablities .when i scan images using trivy it is reporting some…

docker apache-kafka strimzi trivy

asked Dec 28 '22 at 07:00

Latha

7
5

0

votes

1 answer

Trivy Scan with Openshift internal registry | how to authenticate against openshift registry with trivy

I am currently using the trivy scanner to scan images in the pipeline. This has worked very well until now. But recently it is necessary to scan the image from an internal Openshift registry. Unfortunately I have the problem that I do not know how…

authentication openshift trivy imagestream

asked Dec 12 '22 at 15:01

Karlito Brigante

28
5

0

votes

1 answer

Trivy on EKS unable to scan any images

I am trying to scan all images deployed on my EKS cluster I am setting up for high security (will be deployed to classified IL5 environment). Kubernetes v1.23, all worker nodes run on Bottlerocket OS. I expect images to be scanned and available in…

amazon-eks containerd trivy

asked Nov 12 '22 at 23:12

user1314147

174
1
5
25

0

votes

1 answer

Passing Trivy results to harbor

Before pushing an image into Harbor, I'm running a Trivy scan. Instead of having Trivy scan images again within harbor, I'm looking for a way to pass the JSON results from Trivy into harbor. trivy image hello_docker_compose_web --output results.json…

harbor trivy

asked Oct 27 '22 at 17:58

J'e

3,014
4
31
55

0

votes

0 answers

How to fix ssl-cert-snakeoil.key in Gitlab' Continuous Integration?

I am getting an error regarding ' /etc/ssl/private/ssl-cert-snakeoil.key' I am using Gitlab-cli for continous integration alongside Trivy Dockerfile FROM python:3.9.6-slim # set work directory WORKDIR /usr/src/app # set environment variables ENV…

dockerfile gitlab-ci trivy

asked Oct 19 '22 at 18:51

G20map

77
1
2
9

0

votes

0 answers

Trivy: Trim Table Output

We're trying to implement Trivy as the pipeline scanner solution in our pipelines and the table visualization is awesome. Although, it comes with information that are not so interesting on the ending, such as secrets and ssh keys (see image). Is…

cicd trivy

asked Sep 02 '22 at 19:13

Exiett

77
7

0

votes

1 answer

How to fix vulnerabilities found in DevOps container scans when they appear to come from dotnet-core runtime config files and not my actual project?

So when running a Trivy container scan on my dockerised dotnet 6 app during my devops pipeline, many times I discover critical vulnerabilities which break the build and I am not sure how to fix as they do not relate to files or dependencies in my…

security .net-core azure-devops dotnetcorecli trivy

asked Jul 21 '22 at 14:42

Hakaewt

49
1
7

0

votes

0 answers

I can't run scan task for trivy 0.24.2 in harbor

harbor 2.4 migrate from 2.3 get logs Jul 14 14:19:55 172.26.0.1 trivy-adapter[13699]: {"error":"running trivy: exit status 1: Incorrect Usage. flag provided but not defined: -format\n\nNAME:\n trivy - A simple and comprehensive vulnerability…

harbor trivy

asked Jul 18 '22 at 01:42

wyx

3,334
6
24
44

0

votes

1 answer

Cant scan local docker image using trivy

I am trying to can for vulnerabilities using trivy on a local docker image, but i am getting this error. docker run aquasec/trivy:0.28.0 image ansys/twindeployer/runtime-vnc:7005166 11s2022-05-19T22:22:02.519Z FATAL image scan error: scan…

docker local docker-registry trivy

asked May 19 '22 at 22:25

vrc

3
4

0

votes

1 answer

Can you download a docker image from a repository to a docker container without a running docker daemon?

I have a docker container with Trivy installed. I have a remote registry with docker images. and I would like to download the docker images to the container for scanning Challenges It is hard to run docker within a docker container for pulling the…

docker security docker-container trivy

asked May 16 '22 at 12:52

Esben Eickhardt

3,183
2
35
56

0

votes

1 answer

Harbor Vulnerability Scanner is frozen

I installed Harbor along with the Trivy scanner. During the scan, Redis gave an out of memory error. Foolishly, I performed FLUSHALL in it and now the page with the scan schedule is stuck. The scanner itself works and scans individual images, but…

redis harbor trivy

asked Nov 03 '21 at 10:49

vovagib

53
5

0

votes

2 answers

where is the docker image stored in gitlab ci?

I have build a docker image successfully and tag it as testdock:latest ($CI_REGISTRY_IMAGE:latest) the $CI_REGISTRY variable is kept in GitLab project variable. I have another stage , to start scanning the testdock image by using Trivy: the process…

docker gitlab-ci trivy

asked Oct 21 '21 at 04:41

user2201789

1,083
2
20
45

0

votes

1 answer

How to check if trivy is up and running

Trivy scanner documentation does not mention how to test if trivy server is up and running (a simple API call by a monitoring check would be fine in docs). https://aquasecurity.github.io/trivy $ curl http://trivy.local:8080 404 page not found Of…

docker security monitoring image-scanner trivy

asked Oct 20 '21 at 13:40

Daniel Andrzejewski

470
4
10

0

votes

1 answer

Upload Trivy result.json file to DefectDojo

I am using trivy to do docker scanning and then saving the output into result.json file. Now I am trying to send the file to DefectDojo to visualize it there, how can I do that?

devops application-security devsecops trivy

asked Aug 31 '21 at 10:13

user16133873

Questions tagged [trivy]