trivy-gitlab

Usage

Container scanning

Example for docker socket binding

include:
    - remote: 'https://raw.githubusercontent.com/afdesk/trivy-gitlab/main/templates/jobs/container-scanning.gitlab-ci.yml'

variables:
    CONTAINER_TEST_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA

stages:
    - build
    - test

build_img:
    stage: build
    script:
        - docker build -t $CONTAINER_TEST_IMAGE
        - docker login -u “$CI_REGISTRY_USER” -p “$CI_REGISTRY_PASSWORD” $CI_REGISTRY
        - docker push $CONTAINER_TEST_IMAGE
        - docker logout

trivy-container_scanning:
    stage: test
    variables:
        TS_IMAGE: $CONTAINER_TEST_IMAGE

Filesystem Scanning

include:
    - remote: 'https://raw.githubusercontent.com/afdesk/trivy-gitlab/main/templates/jobs/fs-scanning.gitlab-ci.yml'

stages:
    - test

trivy-fs_scanning:
    variables:
        GIT_STRATEGY: clone

If you are using docker-in-docker, just add the following:

image: docker:20.10

services:
    - docker:20.10-dind

Specific variables for the container scanner:

TS_IMAGE - name of the image to scan.

Name		Name	Last commit message	Last commit date
Latest commit History 59 Commits
.github/workflows		.github/workflows
cmd/trivy-gitlab		cmd/trivy-gitlab
dev		dev
docker		docker
examples		examples
internal/analyzer		internal/analyzer
templates/jobs		templates/jobs
.gitignore		.gitignore
.goreleaser.yaml		.goreleaser.yaml
.ruby-version		.ruby-version
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod
go.sum		go.sum
plugin.yaml		plugin.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

trivy-gitlab

Usage

Container scanning

Filesystem Scanning

About

Releases 1

Packages

Contributors 2

Languages

License

afdesk/trivy-gitlab

Folders and files

Latest commit

History

Repository files navigation

trivy-gitlab

Usage

Container scanning

Filesystem Scanning

About

Resources

License

Stars

Watchers

Forks

Releases 1

Packages 0

Contributors 2

Languages

Packages