Skip to content
Snippets Groups Projects
Unverified Commit 131a8215 authored by Timothy Stone's avatar Timothy Stone
Browse files

fix: use --pkg-types instead of deprecated --vuln-type

Trivy is deprecating the --vuln-type CLI option. The new option is --pkg-types; also TRIVY_PKG_TYPES
for environment configuration.
parent 98dc84d8
No related branches found
No related tags found
No related merge requests found
...@@ -483,7 +483,7 @@ The template uses GitLab registries and authentication defaults. See the Docker ...@@ -483,7 +483,7 @@ The template uses GitLab registries and authentication defaults. See the Docker
| `sbom-image` / `MAVEN_SBOM_IMAGE` | The image used to perform and complete the Security Bill of Materials | `registry.hub.docker.com/anchore/syft:debug` | | `sbom-image` / `MAVEN_SBOM_IMAGE` | The image used to perform and complete the Security Bill of Materials | `registry.hub.docker.com/anchore/syft:debug` |
| `sbom-opts` / `MAVEN_SBOM_OPTS` | SBOM options to complete the Security Bill of Materials | `--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger,nix-store-cataloger,java` | | `sbom-opts` / `MAVEN_SBOM_OPTS` | SBOM options to complete the Security Bill of Materials | `--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger,nix-store-cataloger,java` |
| `trivy-image` / `MAVEN_TRIVY_IMAGE` | The image to perform container security scanning | `registry.hub.docker.com/aquasec/trivy:latest` | | `trivy-image` / `MAVEN_TRIVY_IMAGE` | The image to perform container security scanning | `registry.hub.docker.com/aquasec/trivy:latest` |
| `trivy-args` / `MAVEN_TRIVY_ARGS` | Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options) | `--ignore-unfixed --vuln-type os` | | `trivy-args` / `MAVEN_TRIVY_ARGS` | Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options) | `--ignore-unfixed --pkg-types os` |
Other Trivy parameters shall be configured using [Trivy environment variables](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options). Other Trivy parameters shall be configured using [Trivy environment variables](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options).
Examples: Examples:
......
...@@ -229,7 +229,7 @@ ...@@ -229,7 +229,7 @@
{ {
"name": "MAVEN_TRIVY_ARGS", "name": "MAVEN_TRIVY_ARGS",
"description": "Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)", "description": "Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)",
"default": "--ignore-unfixed --vuln-type os", "default": "--ignore-unfixed --pkg-types os",
"advanced": true "advanced": true
} }
] ]
......
...@@ -34,7 +34,7 @@ spec: ...@@ -34,7 +34,7 @@ spec:
default: registry.hub.docker.com/aquasec/trivy:latest default: registry.hub.docker.com/aquasec/trivy:latest
trivy-args: trivy-args:
description: Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options) description: Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)
default: --ignore-unfixed --vuln-type os default: --ignore-unfixed --pkg-types os
sbom-image: sbom-image:
default: registry.hub.docker.com/anchore/syft:debug default: registry.hub.docker.com/anchore/syft:debug
sbom-opts: sbom-opts:
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment