Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.
Recipe explains about the following.
1. How to integrate trivy in Jenkins2. How to integrate trivy in Tekton
Note:
The full content of the recipe is available in GIT at the below location.
https://github.com/GandhiCloudLab/devsecops-with-trivy
The snapshots only given in this recipe here.
DevSecOps ensures the security by doing Vulnerability scanning on the container images. There are several tools available for image scanning.
Trivy is a Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI.
The more information on Trivy is available in https://github.com/aquasecurity/trivy
In this article, we will see, how to implement trivy in Jenkins and Tekton pipelines.
The CICD process contains several steps. There could be a step called Build Image that will build a image and Push the image to the image registry.
Need to split the step into 3 steps.
Build ImageTrivy ScanPush Image
Here is the modified pipeline.
You can see more information in
https://github.com/GandhiCloudLab/devsecops-with-trivy/#1-Integrating-Trivy-in-Jenkins
The CICD process contains several steps. There could be a step called Build that will build a image and Push the image to the image registry.
buildimage-scanpush
https://github.com/GandhiCloudLab/devsecops-with-trivy/#2-Integrating-Trivy-in-Tekton
Copy
By
Jeya Gandhi Rajan M
posted