REST APIs for Trivy
Supported tags and respective Dockerfile
links:
・latest (versions/0.1/Dockerfile)
・0.1 (versions/0.1/Dockerfile)
・0.1-db (versions/0.1-db/Dockerfile)
$ docker run --name trivy -d --rm -p 9000:9000 \
-v "${HOME}/Library/Caches/trivy":/root/.cache/trivy \
pottava/trivy:0.1
Then wait about 30 minutes for building the vulnerability database.
Or
$ docker run --name trivy -d --rm -p 9000:9000 \
pottava/trivy:0.1-db
get repositories (API spec)
$ curl -s -X GET -H 'Content-Type:application/json' \
"http://localhost:9000/api/v1/images/python%3A3.4.10-alpine3.9/vulnerabilities" \
| jq .
{
"Count": 1,
"Vulnerabilities": [
{
"Description": "ChaCha20-Poly1305 is ...",
"FixedVersion": "1.1.1b-r1",
"InstalledVersion": "1.1.1a-r1",
"PkgName": "openssl",
"References": [
"https://www.openssl.org/news/secadv/20190306.txt",
"..."
],
"Severity": "MEDIUM",
"Title": "openssl: ChaCha20-Poly1305 with long nonces",
"VulnerabilityID": "CVE-2019-1543"
}
]
}
$ curl -s -X GET -H 'Content-Type:application/json' \
"http://localhost:9000/api/v1/images/envoyproxy%2Fenvoy-alpine%3Av1.10.0/vulnerabilities?skip-update=yes" \
| jq -r ".Count"
1