mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-21 06:43:05 -08:00
fix(k8s): add image sources (#4411)
This commit is contained in:
DmitriyLewen
@@ -51,6 +51,7 @@ trivy kubernetes [flags] { cluster | all | specific resources like kubectl. eg:
|
||||
--ignore-policy string specify the Rego file path to evaluate each vulnerability
|
||||
--ignore-unfixed display only fixed vulnerabilities
|
||||
--ignorefile string specify .trivyignore file (default ".trivyignore")
|
||||
--image-src strings image source(s) to use, in priority order (docker,containerd,podman,remote) (default [docker,containerd,podman,remote])
|
||||
--include-non-failures include successes and exceptions, available with '--scanners config'
|
||||
--java-db-repository string OCI repository to retrieve trivy-java-db from (default "ghcr.io/aquasecurity/trivy-java-db")
|
||||
--k8s-version string specify k8s version to validate outdated api by it (example: 1.21.0)
|
||||
|
||||
@@ -807,6 +807,9 @@ func NewKubernetesCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command {
|
||||
)
|
||||
scanFlags.Scanners = &scanners
|
||||
|
||||
// required only SourceFlag
|
||||
imageFlags := &flag.ImageFlagGroup{ImageSources: &flag.SourceFlag}
|
||||
|
||||
reportFlagGroup := flag.NewReportFlagGroup()
|
||||
compliance := flag.ComplianceFlag
|
||||
compliance.Usage += fmt.Sprintf(" (%s,%s, %s, %s)", types.ComplianceK8sNsa, types.ComplianceK8sCIS, types.ComplianceK8sPSSBaseline, types.ComplianceK8sPSSRestricted)
|
||||
@@ -816,6 +819,7 @@ func NewKubernetesCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command {
|
||||
k8sFlags := &flag.Flags{
|
||||
CacheFlagGroup: flag.NewCacheFlagGroup(),
|
||||
DBFlagGroup: flag.NewDBFlagGroup(),
|
||||
ImageFlagGroup: imageFlags,
|
||||
K8sFlagGroup: flag.NewK8sFlagGroup(), // kubernetes-specific flags
|
||||
MisconfFlagGroup: flag.NewMisconfFlagGroup(),
|
||||
RegoFlagGroup: flag.NewRegoFlagGroup(),
|
||||
|
||||
Reference in New Issue
Block a user