feat(trivy): Enhance Trivy report generation and metrics handling

- Updated `generate_report.sh` to include additional scanners and output paths.
- Enhanced `send_report.py` with new data classes for misconfigurations and vulnerabilities.
- Improved parsing logic for Trivy output, supporting both Kubernetes and image scans.
- Added Prometheus metrics generation for various scan results, including misconfigurations and vulnerabilities.
- Introduced unit tests for parsing Trivy output and generating Prometheus metrics.
- Modified Terraform variables for SMTP port type and added Pushgateway URL variable.
This commit is contained in:
2026-05-22 23:41:26 +02:00
parent 829ab48919
commit 255ba6aec9
25 changed files with 410938 additions and 71 deletions
@@ -8,8 +8,9 @@ trivy plugin install scan2html
trivy k8s --report=${REPORT_TYPE:-all} \
--exit-code=0 \
--severity=${LEVELS:-CRITICAL,HIGH,MEDIUM} \
-o tmp/trivy.json \
--scanners ${SCANNERS:-vuln,misconfig} \
-o /tmp/trivy.json \
--format json \
--disable-node-collector \
--parallel ${PARALLEL:-5}
trivy scan2html generate --scan2html-flags --output tmp/report.html --from tmp/trivy.json
trivy scan2html generate --scan2html-flags --output /tmp/report.html --from /tmp/trivy.json