Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor(misconf): Merging trivy-iac into Trivy #5626

Closed
simar7 opened this issue Nov 21, 2023 · 0 comments · Fixed by #6005 or #6109
Closed

refactor(misconf): Merging trivy-iac into Trivy #5626

simar7 opened this issue Nov 21, 2023 · 0 comments · Fixed by #6005 or #6109
Assignees
@simar7
Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning
Milestone
v0.50.0

Comments

@simar7
Copy link
Member

simar7 commented Nov 21, 2023

After several discussions it was concluded that it might be best to merge trivy-iac into Trivy. This has several benefits:

  1. trivy-iac release can be coupled with Trivy. This will reduce co-ordination between the two projects, previously defsec (now trivy-iac) will have to release first, and then be incorporated into Trivy.
  2. Easier contribution workflow: New services added to misconfiguration scanning can be directly added to Trivy as misconfiguration scanning is a core component of Trivy.

This transition will follow the fanal model. We plan to integrate trivy-iac into Trivy in a similar fashion.

As for trivy-policies it will remain as-is but will be renamed trivy-checks more on that in this issue: #5609

As for trivy-aws, it will remain as-is for now. In the future, it will be converted into a Trivy plugin, thereby eliminating and AWS SDK dependencies from within Trivy, thereby reducing the overall dependency footprint of Trivy.
@simar7 simar7 added kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning labels Nov 21, 2023
@simar7 simar7 self-assigned this Nov 21, 2023
@simar7 simar7 added this to the v0.48.0 milestone Nov 21, 2023
This was referenced Nov 21, 2023
Merged
Merged
Merged
Closed
@simar7 simar7 removed this from the v0.48.0 milestone Nov 24, 2023
@nikpivkin nikpivkin mentioned this issue Dec 4, 2023
Closed
6 tasks
This was referenced Jan 25, 2024
Merged
Closed
Closed
@knqyf263 knqyf263 mentioned this issue Feb 12, 2024
Closed
@simar7 simar7 mentioned this issue Feb 13, 2024
Merged
9 tasks
@simar7 simar7 added this to the v0.50.0 milestone Feb 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@simar7 simar7

Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning
Projects
Trivy Roadmap
Archived in project
Milestone
v0.50.0
1 participant
@simar7