Filter by image registry or regex #2002
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
Comments
ybasket
added
the
kind/feature
|
@ybasket as mention in discussion, feel free to pick it up if you have time. |
I might do, but as it's neither decided we'll use |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Background
We're currently evaluating
trivy-operatorto secure our clusters regarding vulnerabilities in 3rd party container images, for examplenginx. As we already regularly scan images we build ourselves, it would be great if we could exclude our internal AWS ECR registry from image scanning. Namespace filtering doesn't help as they contain a mix of images from different sources. Resource labelling would work, but is rather tedious to set up and ensure only the correct resources are labelled.Feature
Allow filtering image before scanning by registry or more broadly, by regex on the image URL, so
trivy-operatorwould skip (or only include) containers running such images while considering all others.The text was updated successfully, but these errors were encountered: