diff --git a/docs/docs/references/configuration/cli/trivy_kubernetes.md b/docs/docs/references/configuration/cli/trivy_kubernetes.md index 6b499ee7ee..9b25602679 100644 --- a/docs/docs/references/configuration/cli/trivy_kubernetes.md +++ b/docs/docs/references/configuration/cli/trivy_kubernetes.md @@ -51,6 +51,7 @@ trivy kubernetes [flags] { cluster | all | specific resources like kubectl. eg: --ignore-policy string specify the Rego file path to evaluate each vulnerability --ignore-unfixed display only fixed vulnerabilities --ignorefile string specify .trivyignore file (default ".trivyignore") + --image-src strings image source(s) to use, in priority order (docker,containerd,podman,remote) (default [docker,containerd,podman,remote]) --include-non-failures include successes and exceptions, available with '--scanners config' --java-db-repository string OCI repository to retrieve trivy-java-db from (default "ghcr.io/aquasecurity/trivy-java-db") --k8s-version string specify k8s version to validate outdated api by it (example: 1.21.0) diff --git a/pkg/commands/app.go b/pkg/commands/app.go index 0ad5ddba86..f640a8dc43 100644 --- a/pkg/commands/app.go +++ b/pkg/commands/app.go @@ -807,6 +807,9 @@ func NewKubernetesCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command { ) scanFlags.Scanners = &scanners + // required only SourceFlag + imageFlags := &flag.ImageFlagGroup{ImageSources: &flag.SourceFlag} + reportFlagGroup := flag.NewReportFlagGroup() compliance := flag.ComplianceFlag compliance.Usage += fmt.Sprintf(" (%s,%s, %s, %s)", types.ComplianceK8sNsa, types.ComplianceK8sCIS, types.ComplianceK8sPSSBaseline, types.ComplianceK8sPSSRestricted) @@ -816,6 +819,7 @@ func NewKubernetesCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command { k8sFlags := &flag.Flags{ CacheFlagGroup: flag.NewCacheFlagGroup(), DBFlagGroup: flag.NewDBFlagGroup(), + ImageFlagGroup: imageFlags, K8sFlagGroup: flag.NewK8sFlagGroup(), // kubernetes-specific flags MisconfFlagGroup: flag.NewMisconfFlagGroup(), RegoFlagGroup: flag.NewRegoFlagGroup(),