oowy/trivy

By oowy

Updated 3 days ago

Trivy Docker image base on Alpine linux, for efficient container management.

Image
Security
0

100K+

Quick reference

Supported tags

Based on Alpine Linux 3.20

  • latest
  • 0.58.1-alpine3.200.58.0-alpine3.20

Based on Alpine Linux 3.19

  • 0.57.1-alpine3.190.57.0-alpine3.190.56.2-alpine3.190.56.1-alpine3.190.56.0-alpine3.190.55.2-alpine3.190.55.1-alpine3.190.55.0-alpine3.190.54.1-alpine3.190.54.0-alpine3.190.53.0-alpine3.190.52.2-alpine3.190.52.1-alpine3.190.52.0-alpine3.190.51.4-alpine3.190.51.2-alpine3.190.51.1-alpine3.190.51.0-alpine3.190.50.4-alpine3.190.50.2-alpine3.190.50.1-alpine3.190.50.0-alpine3.190.49.1-alpine3.190.49.0-alpine3.190.48.3-alpine3.190.48.2-alpine3.190.48.1-alpine3.190.48.0-alpine3.190.47.0-alpine3.190.46.1-alpine3.190.46.0-alpine3.19

Based on Alpine Linux 3.18

  • 0.54.1-alpine3.180.54.0-alpine3.180.53.0-alpine3.180.52.2-alpine3.180.52.1-alpine3.180.52.0-alpine3.180.51.4-alpine3.180.51.2-alpine3.180.51.1-alpine3.180.51.0-alpine3.180.50.4-alpine3.180.50.2-alpine3.180.50.1-alpine3.180.50.0-alpine3.180.49.1-alpine3.180.49.0-alpine3.180.48.3-alpine3.180.48.2-alpine3.180.48.1-alpine3.180.48.0-alpine3.180.47.0-alpine3.180.46.1-alpine3.180.46.0-alpine3.18

Quick reference (cont.)

  • Supported architectures: amd64, arm64v8

What is Trivy?

Trivy is an open-source vulnerability scanner for containers and applications. Created by Aqua Security, Trivy is designed to detect and report security vulnerabilities in container images, as well as in application dependencies like programming languages, libraries, and frameworks.

Running Trivy inside a Docker container requires more configuration than running the Trivy executables directly. Unless you need container isolation, we recommend using [the non-containerized Trivy packages](the non-containerized Trivy packages).

logo

Trivy Docker Images

The team publishes a Docker image to this repository for each official release of Trivy. Each versioned image includes the Trivy release with the same version number.

These images wrap the Trivy executable, allowing you to run Trivy subcommands by passing in their names and arguments as part of docker run.

For example, the command below uses the 'latest' tag to generate a 'plan' using the most recent version of Trivy:

  docker run -i -t oowy/trivy:latest

Note that for production use, we recommend specifying a specific version instead of using latest.

Configuration

You will likely need to further configure your container so that Trivy can access your configuration files and provider credentials. This could include mounting your configuration into the container, setting the working directory to refer to your configuration, and passing in environment variables and credentials files for the providers you intend to use. The docker run documentation lists the options you can use to customize the container environment. You could also use these images as a base for your own images. For example, this would be helpful if you wanted to to pre-set CLI Configuration settings as part of your image.

Community

Open issues about Trivy binary on the main Trivy repository.

Docker Pull Command

docker pull oowy/trivy