trivy
Installation
Entrypoint
Types
Trivy
Scan
- output()
- report()

trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more.

Installation

dagger install github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc

Entrypoint

Return Type

Trivy !

Arguments

Name	Type	Default Value	Description
version	String	-	Version (image tag) to use from the official image repository as a base container.
container	Container	-	Custom container to use as a base container. Takes precedence over version.
config	File	-	Trivy configuration file.
cache	CacheVolume	-	Persist Trivy cache between runs.
databaseRepository	String	-	OCI repository to retrieve trivy-db from. (default "ghcr.io/aquasecurity/trivy-db:2")
warmDatabaseCache	Boolean	-	Warm the vulnerability database cache.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \

func (m *myModule) example() *Trivy  {
	return dag.
			Trivy()
}

@function
def example() -> dag.Trivy:
	return (
		dag.trivy()
	)

@func()
example(): Trivy {
	return dag
		.trivy()
}

Types

Trivy 🔗

image() 🔗

Scan a container image.

See https://aquasecurity.github.io/trivy/latest/docs/target/container_image/ for more information.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
image	String !	-	Name of the image to scan.
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 image --image string

func (m *myModule) example(image string) *TrivyScan  {
	return dag.
			Trivy().
			Image(image)
}

@function
def example(image: str) -> dag.TrivyScan:
	return (
		dag.trivy()
		.image(image)
	)

@func()
example(image: string): TrivyScan {
	return dag
		.trivy()
		.image(image)
}

imageTarball() 🔗

Scan a container image tarball.

See https://aquasecurity.github.io/trivy/latest/docs/target/container_image/ for more information.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
image	File !	-	Input file to the image (to use instead of pulling).
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 image-tarball --image file:path

func (m *myModule) example(image *File) *TrivyScan  {
	return dag.
			Trivy().
			ImageTarball(image)
}

@function
def example(image: dagger.File) -> dag.TrivyScan:
	return (
		dag.trivy()
		.image_tarball(image)
	)

@func()
example(image: File): TrivyScan {
	return dag
		.trivy()
		.imageTarball(image)
}

container() 🔗

Scan a container.

See https://aquasecurity.github.io/trivy/latest/docs/target/container_image/ for more information.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
container	Container !	-	Image container to scan.
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 container --container IMAGE:TAG

func (m *myModule) example(container *Container) *TrivyScan  {
	return dag.
			Trivy().
			Container(container)
}

@function
def example(container: dagger.Container) -> dag.TrivyScan:
	return (
		dag.trivy()
		.container(container)
	)

@func()
example(container: Container): TrivyScan {
	return dag
		.trivy()
		.container(container)
}

helmChart() 🔗

Scan a Helm chart.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
chart	File !	-	Helm chart package to scan.
set	[String ! ]	-	Inline values for the Helm chart (equivalent of --set parameter of the helm install command).
setString	[String ! ]	-	Inline values for the Helm chart (equivalent of --set-string parameter of the helm install command).
values	[File ! ]	-	Values files for the Helm chart (equivalent of --values parameter of the helm install command).
kubeVersion	String	-	Kubernetes version used for Capabilities.KubeVersion.
apiVersions	[String ! ]	-	Available API versions used for Capabilities.APIVersions.
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 helm-chart --chart file:path

func (m *myModule) example(chart *File) *TrivyScan  {
	return dag.
			Trivy().
			HelmChart(chart)
}

@function
def example(chart: dagger.File) -> dag.TrivyScan:
	return (
		dag.trivy()
		.helm_chart(chart)
	)

@func()
example(chart: File): TrivyScan {
	return dag
		.trivy()
		.helmChart(chart)
}

filesystem() 🔗

Scan a filesystem.

See https://aquasecurity.github.io/trivy/latest/docs/target/filesystem/ for more information.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
directory	Directory !	-	Directory to scan.
target	String	"."	Subpath within the directory to scan.
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 filesystem --directory DIR_PATH

func (m *myModule) example(directory *Directory) *TrivyScan  {
	return dag.
			Trivy().
			Filesystem(directory)
}

@function
def example(directory: dagger.Directory) -> dag.TrivyScan:
	return (
		dag.trivy()
		.filesystem(directory)
	)

@func()
example(directory: Directory): TrivyScan {
	return dag
		.trivy()
		.filesystem(directory)
}

rootfs() 🔗

Scan a root filesystem.

See https://aquasecurity.github.io/trivy/latest/docs/target/rootfs/ for more information.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
directory	Directory !	-	Directory to scan.
target	String	"."	Subpath within the directory to scan.
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 rootfs --directory DIR_PATH

func (m *myModule) example(directory *Directory) *TrivyScan  {
	return dag.
			Trivy().
			Rootfs(directory)
}

@function
def example(directory: dagger.Directory) -> dag.TrivyScan:
	return (
		dag.trivy()
		.rootfs(directory)
	)

@func()
example(directory: Directory): TrivyScan {
	return dag
		.trivy()
		.rootfs(directory)
}

binary() 🔗

Scan a binary.

This is a convenience method to scan a binary file that normally falls under the rootfs target.

See https://aquasecurity.github.io/trivy/latest/docs/target/rootfs/ for more information.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
binary	File !	-	Binary to scan.
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 binary --binary file:path

func (m *myModule) example(binary *File) *TrivyScan  {
	return dag.
			Trivy().
			Binary(binary)
}

@function
def example(binary: dagger.File) -> dag.TrivyScan:
	return (
		dag.trivy()
		.binary(binary)
	)

@func()
example(binary: File): TrivyScan {
	return dag
		.trivy()
		.binary(binary)
}

sbom() 🔗

Scan an SBOM.

See https://aquasecurity.github.io/trivy/latest/docs/target/sbom/ for more information.

Return Type

Scan !

Arguments

Name	Type	Default Value	Description
sbom	File !	-	SBOM to scan.
config	File	-	Trivy configuration file.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 sbom --sbom file:path

func (m *myModule) example(sbom *File) *TrivyScan  {
	return dag.
			Trivy().
			Sbom(sbom)
}

@function
def example(sbom: dagger.File) -> dag.TrivyScan:
	return (
		dag.trivy()
		.sbom(sbom)
	)

@func()
example(sbom: File): TrivyScan {
	return dag
		.trivy()
		.sbom(sbom)
}

Scan 🔗

output() 🔗

Get the scan results.

Return Type

String !

Arguments

Name	Type	Default Value	Description
format	Enum	-	Trivy report format.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 sbom --sbom file:path \
 output

func (m *myModule) example(ctx context.Context, sbom *File) string  {
	return dag.
			Trivy().
			Sbom(sbom).
			Output(ctx)
}

@function
async def example(sbom: dagger.File) -> str:
	return await (
		dag.trivy()
		.sbom(sbom)
		.output()
	)

@func()
async example(sbom: File): Promise<string> {
	return dag
		.trivy()
		.sbom(sbom)
		.output()
}

report() 🔗

Get the scan report as a file.

Return Type

File !

Arguments

Name	Type	Default Value	Description
format	Enum !	-	Trivy report format.

Example

dagger -m github.com/sagikazarmark/daggerverse/trivy@a2a82eaee0a9f6668ee7f191de08c9fc61d7b3dc call \
 sbom --sbom file:path \
 report

func (m *myModule) example(sbom *File, format ) *File  {
	return dag.
			Trivy().
			Sbom(sbom).
			Report(format)
}

@function
def example(sbom: dagger.File, format: ) -> dagger.File:
	return (
		dag.trivy()
		.sbom(sbom)
		.report(format)
	)

@func()
example(sbom: File, format: ): File {
	return dag
		.trivy()
		.sbom(sbom)
		.report(format)
}