pottava/trivy-restapi

REST APIs for Trivy

pottava/trivy

Supported tags and respective Dockerfile links:
・latest (versions/0.1/Dockerfile)
・0.1 (versions/0.1/Dockerfile)
・0.1-db (versions/0.1-db/Dockerfile)

Usage

Run the API server

$ docker run --name trivy -d --rm -p 9000:9000 \
    -v "${HOME}/Library/Caches/trivy":/root/.cache/trivy \
    pottava/trivy:0.1

Then wait about 30 minutes for the vulnerability database to build.
Alternatively, run the 0.1-db image:

$ docker run --name trivy -d --rm -p 9000:9000 \
    pottava/trivy:0.1-db

Consume APIs

get repositories (API spec)

$ curl -s -X GET -H 'Content-Type:application/json' \
  "http://localhost:9000/api/v1/images/python%3A3.4.10-alpine3.9/vulnerabilities" \
  | jq .
{
  "Count": 1,
  "Vulnerabilities": [
    {
      "Description": "ChaCha20-Poly1305 is ...",
      "FixedVersion": "1.1.1b-r1",
      "InstalledVersion": "1.1.1a-r1",
      "PkgName": "openssl",
      "References": [
        "https://www.openssl.org/news/secadv/20190306.txt",
        "..."
      ],
      "Severity": "MEDIUM",
      "Title": "openssl: ChaCha20-Poly1305 with long nonces",
      "VulnerabilityID": "CVE-2019-1543"
    }
  ]
}
$ curl -s -X GET -H 'Content-Type:application/json' \
  "http://localhost:9000/api/v1/images/envoyproxy%2Fenvoy-alpine%3Av1.10.0/vulnerabilities?skip-update=yes" \
  | jq -r ".Count"
1
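
One way to consume this endpoint from a CI gate, as an added example (not code from this repository): it builds the URL with the image reference percent-encoded as in the curl calls above, then selects findings at or above a severity threshold that already have a fixed version. The function names, the severity ordering, the MEDIUM default and the handling of a null "Vulnerabilities" field are assumptions of this example.

```python
import json
import urllib.parse
import urllib.request

# Assumed severity ordering for this example; the page itself only shows "MEDIUM".
SEVERITY_RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}


def vulnerabilities_url(base, image, skip_update=False):
    """Build the endpoint URL, percent-encoding '/' and ':' in the image reference."""
    encoded = urllib.parse.quote(image, safe="")
    url = f"{base.rstrip('/')}/api/v1/images/{encoded}/vulnerabilities"
    return url + "?skip-update=yes" if skip_update else url


def fetch_report(base, image, skip_update=False, timeout=300):
    """GET the report from a running API server (needs the container to be up)."""
    url = vulnerabilities_url(base, image, skip_update)
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return json.load(resp)


def blocking_findings(report, threshold="MEDIUM", fixable_only=True):
    """Return findings at or above the threshold; unrecognised labels rank as UNKNOWN."""
    floor = SEVERITY_RANK[threshold]
    hits = []
    for vuln in report.get("Vulnerabilities") or []:  # tolerate a null/missing list
        rank = SEVERITY_RANK.get(str(vuln.get("Severity", "")).upper(), 0)
        if fixable_only and not vuln.get("FixedVersion"):
            continue  # nothing to upgrade to yet, so do not block on it
        if rank >= floor:
            hits.append(vuln)
    return hits


# Constructed sample: the response shown above, trimmed to the fields used here.
SAMPLE_REPORT = json.loads("""
{"Count": 1, "Vulnerabilities": [{"FixedVersion": "1.1.1b-r1",
  "InstalledVersion": "1.1.1a-r1", "PkgName": "openssl",
  "Severity": "MEDIUM", "VulnerabilityID": "CVE-2019-1543"}]}
""")

if __name__ == "__main__":
    print(vulnerabilities_url("http://localhost:9000", "envoyproxy/envoy-alpine:v1.10.0", True))
    for v in blocking_findings(SAMPLE_REPORT):
        print(f'{v["VulnerabilityID"]} {v["PkgName"]} {v["InstalledVersion"]} -> {v["FixedVersion"]}')
```

Against a running server, pass the result of fetch_report("http://localhost:9000", image) to blocking_findings and fail the pipeline step when the returned list is non-empty.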