trivy-operator

module

v0.1.4-rc Latest Latest Go to latest Published: Jul 19, 2022 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aquasecurity/trivy-operator

README ¶

Kubernetes-native security toolkit. (Documentation)

Introduction

There are lots of security tools in the cloud native world, created by Aqua and by others, for identifying and informing users about security issues in Kubernetes workloads and infrastructure components. However powerful and useful they might be, they tend to sit alongside Kubernetes, with each new product requiring users to learn a separate set of commands and installation steps in order to operate them and find critical security information.

Trivy-Operator leverage the trivy security tools by incorporating it outputs into Kubernetes CRDs (Custom Resource Definitions) and from there, making security reports accessible through the Kubernetes API. This way users can find and view the risks that relate to different resources in what we call a Kubernetes-native way.

Trivy-Operator provides:

Automated vulnerability scanning for Kubernetes workloads.
Automated configuration audits for Kubernetes resources with predefined rules or custom Open Policy Agent (OPA) policies.
Custom Resource Definitions and a Go module to work with and integrate a range of security scanners.
The Lens Extension that make security reports available through familiar Kubernetes interfaces.

Trivy-operator Overview

Trivy-Operator can be used:

As a Kubernetes operator to automatically update security reports in response to workload and other changes on a Kubernetes cluster - for example, initiating a vulnerability and misconfiguration scan when a new Pod is started.

Status

Although we are trying to keep new releases backward compatible with previous versions, this project is still incubating, and some APIs and Custom Resource Definitions may change.

Documentation

The official Documentation provides detailed installation, configuration, troubleshooting, and quick start guides.

You can install the Trivy-operator Operator with Static YAML Manifests and follow the Getting Started guide to see how vulnerability and configuration audit reports are generated automatically.

Contributing

At this early stage we would love your feedback on the overall concept of Trivy-Operator. Over time, we'd love to see contributions integrating different security tools so that users can access security information in standard, Kubernetes-native ways.

See Contributing for information about setting up your development environment, and the contribution workflow that we expect.

Trivy-Operator is an Aqua Security open source project.
Learn about our Open Source Work and Portfolio.
Join the community, and talk to us about any matter in GitHub Discussions or Slack.

Directories ¶

Path	Synopsis
cmd
trivy-operator
itest
helper The helper package provides builders to instantiate Kubernetes objects used in integration tests.	The helper package provides builders to instantiate Kubernetes objects used in integration tests.
matcher The matcher package provides domain-specific Gomega matchers.	The matcher package provides domain-specific Gomega matchers.
trivy-operator/behavior
pkg
apis/aquasecurity
apis/aquasecurity/v1alpha1 Package v1alpha1 is the v1alpha1 version of the API.	Package v1alpha1 is the v1alpha1 version of the API.
compliance
configauditreport Package configauditreport provides primitives for working with Kubernetes workload configuration checkers.	Package configauditreport provides primitives for working with Kubernetes workload configuration checkers.
configauditreport/controller
docker Package docker provides primitives for working with Docker.	Package docker provides primitives for working with Docker.
exposedsecretreport
ext
kube Package kube provides primitives for working with Kubernetes objects.	Package kube provides primitives for working with Kubernetes objects.
metrics
operator Package operator provides primitives for implementing Trivy-Operator Operator.	Package operator provides primitives for implementing Trivy-Operator Operator.
operator/etc
operator/jobs
operator/predicate
plugins Package plugins aggregates plugins for Trivy-Operator.	Package plugins aggregates plugins for Trivy-Operator.
plugins/trivy Package trivy provides primitives for working with Trivy.	Package trivy provides primitives for working with Trivy.
policy
rbacassessment Package rbacassessment provides primitives for working with Kubernetes workload rbac assessment checkers.	Package rbacassessment provides primitives for working with Kubernetes workload rbac assessment checkers.
trivyoperator Package trivyoperator provides primitives for working with Trivy-operator toolkit.	Package trivyoperator provides primitives for working with Trivy-operator toolkit.
utils
vulnerabilityreport Package vulnerabilityreport provides primitives for working with vulnerability scanners.	Package vulnerabilityreport provides primitives for working with vulnerability scanners.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL