Skip to content

Trivy Operator#

Trivy Ooperator Logo

License: Apache 2.0

We use Trivy to actively scan all images in running clusters. Scan results are available by querying report objects in Kubernetes, through Headlamp, in Grafana dashboards, and with a CI building block. Trivy also keeps track of CIS Benchmark compliance.

Viewing Vulnerabilities#

Examples of how to view vulnerabilities can be found in the user documentation.

Update Concerns#

  • There is no official upgrade path. We normally taint the Trivy Helm release in Terraform to uninstall and reinstall the latest version.