Skip to content
This repository has been archived by the owner on Jun 6, 2023. It is now read-only.

ObjectifLibre/helm-trivy

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
scripts
scripts
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
plugin.yaml
plugin.yaml
 
 

Repository files navigation

Helm-trivy

This is a small helm plugin that performs vulnerability scans on container images used by charts. It was inspired by Snyk.io's helm-snyk plugin. It uses aquasec's trivy instead of Snyk.io for vulnerability scanning. To be fair, I found in my testing that Snyk had better results, but trivy isn't far (and it's free).

Installation

Just like any helm plugin, use the helm plugin subcommand:

helm plugin install  https://github.com/ObjectifLibre/helm-trivy

Currently avalaible for linux and mac platforms.

Usage

Usage: helm trivy [options] <helm chart>
Example: helm trivy -json stable/mariadb

Options:
  --debug
    	Enable debug logging
  --json
    	Enable JSON output
  --nopull
    	Don't pull latest trivy image
  --set string
    	Values to set for helm chart, format: 'key1=value1,key2=value2'
  --trivyargs string
    	CLI args to passthrough to trivy
  --values string
    	Specify chart values in a YAML file or a URL
  --version string
    	Specify chart version

Some examples:

Output only high and critical severity vulnerabilities:

helm trivy -trivyargs '--severity HIGH,CRITICAL' stable/mariadb

Get a JSON array with scan results:

helm trivy -json stable/wordpress

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

12 stars

Watchers

6 watching

Forks

10 forks
Report repository

Releases 3

0.1.2 Latest
Jan 15, 2020
+ 2 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages