trivy: edit page (#12405)

* trivy: edit page

* Update pages/common/trivy.md

Co-authored-by: Juri Dispan <juri.dispan@posteo.net>

* Update pages/common/trivy.md

Co-authored-by: Juri Dispan <juri.dispan@posteo.net>

* Update pages/common/trivy.md

---------

Co-authored-by: Juri Dispan <juri.dispan@posteo.net>
Co-authored-by: K.B.Dharun Krishna <kbdharunkrishna@gmail.com>
pull/23/head
Fazle Arefin 2024-03-02 17:29:34 +11:00 committed by GitHub
parent c5b165b31a
commit e0f798426d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 19 additions and 3 deletions

View File

@ -1,20 +1,36 @@
# trivy # trivy
> Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. > Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues.
> More information: <https://github.com/aquasecurity/trivy>. > More information: <https://aquasecurity.github.io/trivy>.
- Scan an image: - Scan a Docker image for vulnerabilities and exposed secrets:
`trivy image {{image:tag}}` `trivy image {{image:tag}}`
- Scan a Docker image filtering the output by severity:
`trivy image --severity {{HIGH,CRITICAL}} {{alpine:3.15}}`
- Scan a Docker image ignoring any unfixed/unpatched vulnerabilities:
`trivy image --ignore-unfixed {{alpine:3.15}}`
- Scan the filesystem for vulnerabilities and misconfigurations: - Scan the filesystem for vulnerabilities and misconfigurations:
`trivy fs --security-checks {{vuln,config}} {{path/to/project_directory}}` `trivy fs --security-checks {{vuln,config}} {{path/to/project_directory}}`
- Scan a directory for misconfigurations: - Scan a IaC (Terraform, CloudFormation, ARM, Helm and Dockerfile) directory for misconfigurations:
`trivy config {{path/to/iac_directory}}` `trivy config {{path/to/iac_directory}}`
- Scan a local or remote Git repository for vulnerabilities:
`trivy repo {{path/to/local_repository_directory|remote_repository_URL}}`
- Scan a Git repository up to a specific commit hash:
`trivy repo --commit {{commit_hash}} {{repository}}`
- Generate output with a SARIF template: - Generate output with a SARIF template:
`trivy image --format {{template}} --template {{"@sarif.tpl"}} -o {{path/to/report.sarif}} {{image:tag}}` `trivy image --format {{template}} --template {{"@sarif.tpl"}} -o {{path/to/report.sarif}} {{image:tag}}`