trivy
Installation
Entrypoint
Types
Trivy
- container()
- helmChart()
Scan
- output()
- report()

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more.

Example (Container)

no available example in current language

// This example showcases how to scan a container with Trivy.
func (m *Examples) Trivy_Container(ctx context.Context) error {
	// Initialize Trivy module
	// See "New" example.
	trivy := m.trivy()

	// Grab or build a container
	container := dag.Container().From("alpine:latest")

	// Scan the container
	scan := trivy.Container(container)

	// See "Output" example.
	_, err := scan.Output(ctx)
	if err != nil {
		return err
	}

	return nil
}

no available example in current language

no available example in current language

Example (New)

no available example in current language

// This example showcases how to initialize the Trivy module.
func (m *Examples) Trivy_New() {
	dag.Trivy(dagger.TrivyOpts{
		// Persist cache between runs
		Cache: dag.CacheVolume("trivy"),

		// Preheat vulnerability database cache
		WarmDatabaseCache: true,
	})
}

no available example in current language

no available example in current language

Example (Helm)

no available example in current language

// This example showcases how to scan a Helm chart with Trivy.
func (m *Examples) Trivy_Helm(ctx context.Context) error {
	// Initialize Trivy module
	// See "New" example.
	trivy := m.trivy()

	// Grab or build a Helm chart package
	chart := dag.Helm().Create("foo").Package()

	// Scan the Helm chart
	scan := trivy.HelmChart(chart.File())

	// See "Output" example.
	_, err := scan.Output(ctx)
	if err != nil {
		return err
	}

	return nil
}

no available example in current language

no available example in current language

Example (Output)

no available example in current language

// This example showcases how to initialize the Trivy module.
func (m *Examples) Trivy_Output(ctx context.Context) error {
	// Initialize Trivy module
	// See "New" example.
	trivy := m.trivy()

	// Scan resources
	scans := []*dagger.TrivyScan{
		trivy.Container(dag.Container().From("alpine:latest")),
		trivy.HelmChart(dag.Helm().Create("foo").Package().File()),
	}

	// Grab the the report output
	{
		output, err := scans[0].Output(ctx, dagger.TrivyScanOutputOpts{
			// This is the default, but you can pass a format to this function as well
			Format: "table",
		})
		if err != nil {
			return err
		}

		_ = output
	}

	// Grab the report as a file
	{
		output, err := scans[0].Report("json").Sync(ctx)
		if err != nil {
			return err
		}

		_ = output
	}

	return nil
}

no available example in current language

no available example in current language

Installation

dagger install github.com/sagikazarmark/daggerverse/trivy@v0.3.0

Entrypoint

Return Type

Trivy !

Arguments

Name	Type	Default Value	Description
version	String	-	Version (image tag) to use from the official image repository as a base container.
container	Container	-	Custom container to use as a base container. Takes precedence over version.
config	File	-	Trivy configuration file.
cache	CacheVolume	-	Persist Trivy cache between runs.
databaseRepository	String	-	OCI repository to retrieve trivy-db from. (default "ghcr.io/aquasecurity/trivy-db:2")
warmDatabaseCache	Boolean	-	Warm the vulnerability database cache.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@8d2665e05677098f4633c37298b01c0ab924235b call \

func (m *MyModule) Example() *dagger.Trivy  {
	return dag.
			Trivy()
}

@function
def example() -> dagger.Trivy:
	return (
		dag.trivy()
	)

@func()
example(): Trivy {
	return dag
		.trivy()
}

Types

Trivy 🔗

container() 🔗

Scan a container.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
container	Container !	-	Image container to scan.
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@8d2665e05677098f4633c37298b01c0ab924235b call \
 container --container IMAGE:TAG

func (m *MyModule) Example(container *dagger.Container) *dagger.TrivyScan  {
	return dag.
			Trivy().
			Container(container)
}

@function
def example(container: dagger.Container) -> dagger.TrivyScan:
	return (
		dag.trivy()
		.container(container)
	)

@func()
example(container: Container): TrivyScan {
	return dag
		.trivy()
		.container(container)
}

helmChart() 🔗

Scan a Helm chart.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
chart	File !	-	Helm chart package to scan.
set	[String ! ]	-	Inline values for the Helm chart (equivalent of --set parameter of the helm install command).
setString	[String ! ]	-	Inline values for the Helm chart (equivalent of --set-string parameter of the helm install command).
values	[File ! ]	-	Values files for the Helm chart (equivalent of --values parameter of the helm install command).
kubeVersion	String	-	Kubernetes version used for Capabilities.KubeVersion.
apiVersions	[String ! ]	-	Available API versions used for Capabilities.APIVersions.
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@8d2665e05677098f4633c37298b01c0ab924235b call \
 helm-chart --chart file:path

func (m *MyModule) Example(chart *dagger.File) *dagger.TrivyScan  {
	return dag.
			Trivy().
			HelmChart(chart)
}

@function
def example(chart: dagger.File) -> dagger.TrivyScan:
	return (
		dag.trivy()
		.helm_chart(chart)
	)

@func()
example(chart: File): TrivyScan {
	return dag
		.trivy()
		.helmChart(chart)
}

Scan 🔗

output() 🔗

Get the scan results.

Return Type

String !

Arguments

Name	Type	Default Value	Description
format	String	-	Trivy report format.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@8d2665e05677098f4633c37298b01c0ab924235b call \
 helm-chart --chart file:path \
 output

func (m *MyModule) Example(ctx context.Context, chart *dagger.File) string  {
	return dag.
			Trivy().
			HelmChart(chart).
			Output(ctx)
}

@function
async def example(chart: dagger.File) -> str:
	return await (
		dag.trivy()
		.helm_chart(chart)
		.output()
	)

@func()
async example(chart: File): Promise<string> {
	return dag
		.trivy()
		.helmChart(chart)
		.output()
}

report() 🔗

Get the scan report as a file.

Return Type

File !

Arguments

Name	Type	Default Value	Description
format	String !	-	Trivy report format.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@8d2665e05677098f4633c37298b01c0ab924235b call \
 helm-chart --chart file:path \
 report --format string

func (m *MyModule) Example(chart *dagger.File, format string) *dagger.File  {
	return dag.
			Trivy().
			HelmChart(chart).
			Report(format)
}

@function
def example(chart: dagger.File, format: str) -> dagger.File:
	return (
		dag.trivy()
		.helm_chart(chart)
		.report(format)
	)

@func()
example(chart: File, format: string): File {
	return dag
		.trivy()
		.helmChart(chart)
		.report(format)
}