This post introduces Trivy, a tool for checking and analyzing vulnerabilities in Docker container images. It scans both OS packages (Alpine, RHEL, CentOS, Debian, Ubuntu, Amazon and Distroless) and library packages. Below are the installation steps for Ubuntu and RHEL/CentOS, followed by the default usage.
Install Trivy on Ubuntu
sudo apt-get install wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy
Install Trivy on RHEL/CentOS
sudo vim /etc/yum.repos.d/trivy.repo
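Put the following in the file. With gpgcheck=0, yum does not verify package signatures for this repository.
[trivy]
name=Trivy repository
baseurl=https://aquasecurity.github.io/trivy-repo/rpm/releases/$releasever/$basearch/
gpgcheck=0
enabled=1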
sudo yum -y update
sudo yum -y install trivy
Using Trivy
trivy name_docker_image
Example: trivy tomcat:8
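The default scan prints a table. As an added example (not from the original post or the Trivy project), the script below goes one step beyond default usage: it splits a JSON report into the OS-package and library-package findings described above and makes a pass/fail decision. It assumes the SchemaVersion 2 report layout that recent Trivy releases write with `trivy image --format json`; the sample report, package names and CVE IDs are constructed placeholders.

```python
import json
from collections import Counter

# Constructed sample in the shape of a Trivy JSON report (SchemaVersion 2).
# Image name, packages, versions and IDs are placeholders, not real findings.
SAMPLE_REPORT = json.dumps({
    "SchemaVersion": 2,
    "ArtifactName": "example/app:1.0",
    "Results": [
        {"Target": "example/app:1.0 (debian 11.6)", "Class": "os-pkgs", "Type": "debian",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample1",
              "InstalledVersion": "1.0-1", "FixedVersion": "1.0-2", "Severity": "CRITICAL"},
             {"VulnerabilityID": "CVE-0000-0002", "PkgName": "exampletool",
              "InstalledVersion": "2.3-1", "Severity": "LOW"},
         ]},
        {"Target": "app/lib/example.jar", "Class": "lang-pkgs", "Type": "jar",
         "Vulnerabilities": [
             {"VulnerabilityID": "CVE-0000-0003", "PkgName": "org.example:parser",
              "InstalledVersion": "3.1.0", "FixedVersion": "3.1.4", "Severity": "HIGH"},
         ]},
        # A target without findings may omit "Vulnerabilities" or set it to null.
        {"Target": "app/package-lock.json", "Class": "lang-pkgs", "Type": "npm"},
    ],
})

def summarize(report_text):
    """Count findings per (class, severity) and list those with a fixed version."""
    report = json.loads(report_text)
    counts, fixable = Counter(), []
    for result in report.get("Results") or []:
        cls = result.get("Class", "unknown")  # "os-pkgs" or "lang-pkgs"
        for vuln in result.get("Vulnerabilities") or []:
            counts[(cls, vuln.get("Severity", "UNKNOWN"))] += 1
            if vuln.get("FixedVersion"):
                fixable.append((vuln["VulnerabilityID"], vuln["PkgName"], vuln["FixedVersion"]))
    return counts, fixable

def should_block(counts, blocking=("HIGH", "CRITICAL")):
    """Gate decision: True if any finding has a blocking severity."""
    return any(sev in blocking for (_cls, sev) in counts)

if __name__ == "__main__":
    counts, fixable = summarize(SAMPLE_REPORT)
    for (cls, sev), n in sorted(counts.items()):
        print(f"{cls:10} {sev:9} {n}")
    for vuln_id, pkg, fixed in fixable:
        print(f"upgrade {pkg} to {fixed} ({vuln_id})")
    print("block deploy:", should_block(counts))
```

To use it on a real scan, pass the contents of the JSON report file to summarize() instead of SAMPLE_REPORT.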
Reference: https://github.com/aquasecurity/trivy#installation