feat: Support custom URLs for builtin policies #4672
Assignees
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
scan/misconfiguration
Issues relating to misconfiguration scanning
Comments
simar7
added
kind/feature
simar7
added a commit
that referenced
this issue
Jul 17, 2023
This PR adds support for custom policy bundles to be specified with a flag `--policy-bundle-url` as an option to Trivy. Fixes: #4672 Signed-off-by: Simar <simar@linux.com>
6 tasks
simar7
added a commit
that referenced
this issue
Jul 20, 2023
This PR adds support for custom policy bundles to be specified with a flag `--policy-bundle-url` as an option to Trivy. Fixes: #4672 Signed-off-by: Simar <simar@linux.com>
simar7
added a commit
that referenced
this issue
Jul 24, 2023
This PR adds support for custom policy bundles to be specified with a flag `--policy-bundle-url` as an option to Trivy. Fixes: #4672 Signed-off-by: Simar <simar@linux.com>
github-merge-queue bot
pushed a commit
that referenced
this issue
Jul 26, 2023
* feat(misconf): Support custom URLs for policy bundle This PR adds support for custom policy bundles to be specified with a flag `--policy-bundle-url` as an option to Trivy. Fixes: #4672 Signed-off-by: Simar <simar@linux.com> * update docs Signed-off-by: Simar <simar@linux.com> * rename flag to `--policy-bundle-repository` Signed-off-by: Simar <simar@linux.com> * fix field * rebase and update docs Signed-off-by: Simar <simar@linux.com> * set policyBundleRepo on client Signed-off-by: Simar <simar@linux.com> --------- Signed-off-by: Simar <simar@linux.com>
AnaisUrlichs
pushed a commit
to AnaisUrlichs/trivy
that referenced
this issue
Aug 10, 2023
* feat(misconf): Support custom URLs for policy bundle This PR adds support for custom policy bundles to be specified with a flag `--policy-bundle-url` as an option to Trivy. Fixes: aquasecurity#4672 Signed-off-by: Simar <simar@linux.com> * update docs Signed-off-by: Simar <simar@linux.com> * rename flag to `--policy-bundle-repository` Signed-off-by: Simar <simar@linux.com> * fix field * rebase and update docs Signed-off-by: Simar <simar@linux.com> * set policyBundleRepo on client Signed-off-by: Simar <simar@linux.com> --------- Signed-off-by: Simar <simar@linux.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As with Trivy DB, we can add support for custom URLs for users to download the misconfiguration policy bundle from.
Discussed in #4651
Originally posted by danieljantosovic-ext54837 June 16, 2023
Question
Hello,
in our company we use Artifactory remote repositories as proxy to access registries on internet.
I'm able to configure our artifactory as DB_REPOSITORY , DOWNLOAD_URL and DOWNLOAD_BASE_URL and i can successfully scan for example filesystem , but when I try scan configuration trivy starts downloading updates of policies through ghcr.io directly.
Is there a way to redirect these updates to our artifactory too?
Thank you.
Target
Filesystem
Scanner
Misconfiguration
Output Format
Template
Mode
Standalone
Operating System
Ubunut 22.04
Version
The text was updated successfully, but these errors were encountered: