Codefresh Steps: Reusable Code for Common Operations
This page provides code you can use to perform common operations in the Codefresh CI/CD platform.

trivy-scan

The step scans a list of Docker images and sends the report to a Slack webhook URL.

arguments

  • GITHUB_TOKEN - GitHub API token
  • IMAGES_FILE - Path to the file with list of images to scan
  • IMAGES_LIST - Images to scan
  • SKIP_EMPTY - Do not attach images with an empty vulnerabilities list to the report message
  • SLACK_INCOMING_URL - Slack webhook notification URL
  • TRIVY_IGNORE_FILE - Path to the .trivyignore file
  • TRIVY_IGNORE_LIST - List of CVEs to ignore
  • TRIVY_PASSWORD - DockerHub password
  • TRIVY_USERNAME - DockerHub username
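
scan:
  title: Scan images
  type: trivy-scan
  arguments:
    # GitHub API token, taken from a pipeline variable
    GITHUB_TOKEN: '${{GITHUB_TOKEN}}'
    # Slack incoming webhook that receives the scan report
    SLACK_INCOMING_URL: 'https://my.slack.url'
    # Images to scan
    IMAGES_LIST:
      - 'image1:tag'
      - 'image2:tag'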

  
github.com
Pavel Nosovets
May 17, 2023