Securing Container Image using trivy in CICD Pipeline
Hello everyone, I hope you are all doing well. In this blog, I am going to explain how we can free our Docker images from vulnerabilities. There are numerous tools to scan Docker images, but I am going to use one of the best of them, Trivy by Aqua Security. I will walk you through everything from installing it to integrating it into a Jenkins CICD pipeline.
What is Trivy?
Trivy is a simple and comprehensive scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues.
How to install?
Installing Trivy is simple. You can use the latest binary release from Trivy's official GitHub repo.
https://github.com/aquasecurity/trivy/releases
In this blog, we are going to automate Trivy in the CICD pipeline. Trivy will scan the Docker image on every build and publish the report in HTML format, so that developers can access the report easily.
Let's first install Trivy on our Jenkins server (or on the agent that runs the Docker builds).
$ curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b /usr/local/bin
The script installs the latest release into /usr/local/bin. Passing a release tag from the releases page above as the final argument pins that version, so every build scans with the same Trivy.
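To show how the scan-on-every-build flow described above fits into a pipeline, here is an added declarative Jenkinsfile (example code, not the post's own pipeline). It assumes trivy is on the agent's PATH as installed above, the HTML Publisher plugin is present, and that myorg/myapp is a placeholder image name.

```groovy
// Added example (not from the original post): scan the freshly built image
// with Trivy on every build, publish an HTML report for developers, and
// fail the build only on fixable HIGH/CRITICAL findings.
pipeline {
    agent any
    environment {
        IMAGE_NAME      = "myorg/myapp:${env.BUILD_NUMBER}"   // placeholder image tag
        TRIVY_CACHE_DIR = "${env.WORKSPACE}/.trivycache"      // reuse the vuln DB between builds
    }
    stages {
        stage('Build image') {
            steps {
                sh 'docker build -t "$IMAGE_NAME" .'
            }
        }
        stage('Trivy scan') {
            steps {
                sh '''
                  # Trivy's HTML template lives in its repo; fetch it into the workspace.
                  curl -sfL -o html.tpl \
                      https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/html.tpl

                  # Developer report: all severities, HTML output, never fails the build.
                  trivy image --no-progress --format template --template "@html.tpl" \
                      --output trivy-report.html "$IMAGE_NAME"

                  # Quality gate: non-zero exit (and a red build) only for
                  # HIGH/CRITICAL findings that already have a fix available.
                  trivy image --no-progress --exit-code 1 --severity HIGH,CRITICAL \
                      --ignore-unfixed "$IMAGE_NAME"
                '''
            }
            post {
                always {
                    // Publish the report even when the gate above fails the build.
                    publishHTML(target: [
                        reportDir:             '.',
                        reportFiles:           'trivy-report.html',
                        reportName:            'Trivy Vulnerability Report',
                        keepAll:               true,
                        alwaysLinkToLastBuild: true,
                        allowMissing:          false
                    ])
                }
            }
        }
    }
}
```

Running the report and the gate as two invocations keeps the full HTML report available to developers while the build status reflects only the findings you have decided to block on; the second run is fast because it reuses the cached database.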