Trivy Operator#
License: Apache 2.0
We use Trivy to actively scan all images in running clusters. Scan results are available by querying report objects in Kubernetes, through Headlamp, in Grafana dashboards, and with a CI building block. Trivy also keeps track of CIS Benchmark compliance.
Links#
-
Releases: https://github.com/aquasecurity/trivy-operator/releases
-
Documentation:
- General Documentation: https://aquasecurity.github.io/trivy-operator/
- Upgrade Documentation: https://aquasecurity.github.io/trivy-operator/latest/getting-started/installation/upgrade/
-
Helm:
-
Implementation:
- Install Trivy
- Allow user access to Trivy reports
Viewing Vulnerabilities#
Examples of how to view vulnerabilities can be found in the user documentation.
Update Concerns#
- There is no official upgrade path. We normally taint the Trivy Helm release in Terraform to uninstall and reinstall the latest version.