
Introduce Trivy k8s wrapper image

Nick Ilieskou requested to merge introduce_trivy_k8s into main

What does this MR do?

  • Creates a command line tool app that can perform a Trivy scan
  • It receives 3 required flags:
    • endpoint: The endpoint to send the Vulnerability report
    • workloads: The workloads to be scanned
    • namespaces: The namespace to scan
  • The app validates the flags, performs the trivy scan and then sends the report through an HTTP request.
  • An Auth header is used with a JWT. The JWT is created using EdDSA pub/private keys.
  • A Dockerfile that containerises the application.
  • A basic gitlab-ci.yml with basic functionality.
  • A test server is provided to test your application locally.

Why are we doing this?

We need to create a new Repo where we can store Trivy K8S Wrapper images. These images will be used by the gitlab-agent to perform OCS.

What are the relevant issue numbers?

  • Create a Trivy wrapper image (gitlab-org/gitlab#431320 - closed)
  • Add authentication to the Trivy wrapper image (gitlab-org/gitlab#431331 - closed)

Edited by Nick Ilieskou
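
The JWT-in-Auth-header scheme from the description, sketched in Go with the standard library only. This is an added example, not code from this MR: `signJWT`, `verifyJWT` and the `exp` claim are assumptions, and the token is a hand-built compact JWS with `alg` set to `EdDSA` (Ed25519). The receiving side pins the algorithm itself rather than trusting the token header, and rejects tokens with a missing or past `exp`.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

var b64 = base64.RawURLEncoding // JWTs use unpadded base64url
// signJWT (hypothetical name) builds header.payload.signature, signed with Ed25519.
func signJWT(priv ed25519.PrivateKey, claims map[string]interface{}) string {
	body, _ := json.Marshal(claims)
	input := b64.EncodeToString([]byte(`{"alg":"EdDSA","typ":"JWT"}`)) + "." + b64.EncodeToString(body)
	return input + "." + b64.EncodeToString(ed25519.Sign(priv, []byte(input)))
}

// verifyJWT (hypothetical name) is the receiver: pin alg, check signature, then expiry.
func verifyJWT(pub ed25519.PublicKey, token string, now time.Time) (map[string]interface{}, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("malformed token")
	}
	hdr, err1 := b64.DecodeString(parts[0])
	body, err2 := b64.DecodeString(parts[1])
	sig, err3 := b64.DecodeString(parts[2])
	if err1 != nil || err2 != nil || err3 != nil {
		return nil, fmt.Errorf("bad base64url")
	}
	var h struct{ Alg string `json:"alg"` }
	if json.Unmarshal(hdr, &h) != nil || h.Alg != "EdDSA" {
		return nil, fmt.Errorf("unexpected alg") // the verifier picks the algorithm, not the token
	}
	if !ed25519.Verify(pub, []byte(parts[0]+"."+parts[1]), sig) {
		return nil, fmt.Errorf("bad signature")
	}
	var claims map[string]interface{}
	err := json.Unmarshal(body, &claims)
	if exp, ok := claims["exp"].(float64); err != nil || !ok || now.Unix() >= int64(exp) {
		return nil, fmt.Errorf("bad payload, missing or expired exp")
	}
	return claims, nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed throwaway key pair
	fmt.Println(verifyJWT(pub, signJWT(priv, map[string]interface{}{"exp": time.Now().Unix() + 60}), time.Now()))
}
```

The sender would place the token in the request as `Authorization: Bearer <token>`; only the public key needs to be present on the receiving side.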
