k3s/scripts/image_scan.sh

#/bin/sh

set -e 

if [ -n ${DEBUG} ]; then
    set -x
fi

if [ -z $1 ]; then
    echo "error: image name required as argument. exiting..."
    exit 1
fi

IMAGE=$1
SEVERITIES="HIGH,CRITICAL"

docker container run --rm --name=image-scan --volume /var/run/docker.sock:/var/run/docker.sock \
    docker.io/aquasec/trivy:0.10.2 --quiet image --severity ${SEVERITIES}  --no-progress --ignore-unfixed ${IMAGE}

exit 0
add trivy scans for built images Signed-off-by: Brian Downs <brian.downs@gmail.com> 2020-09-15 18:43:27 +00:00			`#/bin/sh`

			`set -e`

			`if [ -n ${DEBUG} ]; then`
			`set -x`
			`fi`

			`if [ -z $1 ]; then`
update error message Signed-off-by: Brian Downs <brian.downs@gmail.com> 2020-09-15 18:54:34 +00:00			`echo "error: image name required as argument. exiting..."`
add trivy scans for built images Signed-off-by: Brian Downs <brian.downs@gmail.com> 2020-09-15 18:43:27 +00:00			`exit 1`
			`fi`

			`IMAGE=$1`
			`SEVERITIES="HIGH,CRITICAL"`

			`docker container run --rm --name=image-scan --volume /var/run/docker.sock:/var/run/docker.sock \`
			`docker.io/aquasec/trivy:0.10.2 --quiet image --severity ${SEVERITIES} --no-progress --ignore-unfixed ${IMAGE}`

			`exit 0`