pre-commit-trivy

Add this to your pre-commit .pre-commit-config.yaml config.

You can use trivy fs flags to configure Trivy filesytem scans. Insert the required flags in the args field.

You can also use the trivyconfig-docker` to scan for misconfigurations trivy config

trivyfs-docker

pre-commit will use the aquasec/trivy:0.57.1 docker image and run it inside a docker container.

repos:
-   repo: https://github.com/mxab/pre-commit-trivy.git
    rev: v0.14.0
    hooks:
    -   id: trivyfs-docker
        args:
          - --skip-dirs
          - ./tests
          - . # last arg indicates the path/file to scan
    -   id: trivyconfig-docker
        args:
          - --skip-dirs
          - ./tests
          - . # last arg indicates the path/file to scan

Cache

The hook will create a cache directory .pre-commit-trivy-cache in your repo. Add it to the .gitignore.

echo ".pre-commit-trivy-cache" >> .gitignore

Example

You can find a sample use case here https://github.com/mxab/trivy-pre-commit-demo

Name		Name	Last commit message	Last commit date
Latest commit History 32 Commits
.pre-commit-hooks.yaml		.pre-commit-hooks.yaml
LICENSE		LICENSE
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

pre-commit-trivy

trivyfs-docker

Cache

Example

About

Releases 16

Packages

Contributors 6

License

mxab/pre-commit-trivy

Folders and files

Latest commit

History

Repository files navigation

pre-commit-trivy

trivyfs-docker

Cache

Example

About

Resources

License

Stars

Watchers

Forks

Releases 16

Packages 0

Contributors 6

Packages