Files
a13labs.infra/terraform/modules/utils/trivy/resources/generate_report.sh
T
alexandre.pires 255ba6aec9 feat(trivy): Enhance Trivy report generation and metrics handling
- Updated `generate_report.sh` to include additional scanners and output paths.
- Enhanced `send_report.py` with new data classes for misconfigurations and vulnerabilities.
- Improved parsing logic for Trivy output, supporting both Kubernetes and image scans.
- Added Prometheus metrics generation for various scan results, including misconfigurations and vulnerabilities.
- Introduced unit tests for parsing Trivy output and generating Prometheus metrics.
- Modified Terraform variables for SMTP port type and added Pushgateway URL variable.
2026-05-22 23:41:26 +02:00

16 lines
601 B
Bash

#!/usr/bin/env sh
set -euo pipefail
export HOME="/tmp"
TRIVY_CACHE_DIR="/tmp/cache"
mkdir -p /tmp/.trivy
mkdir -p ${TRIVY_CACHE_DIR}
trivy plugin install scan2html
trivy k8s --report=${REPORT_TYPE:-all} \
--exit-code=0 \
--severity=${LEVELS:-CRITICAL,HIGH,MEDIUM} \
--scanners ${SCANNERS:-vuln,misconfig} \
-o /tmp/trivy.json \
--format json \
--disable-node-collector \
--parallel ${PARALLEL:-5}
trivy scan2html generate --scan2html-flags --output /tmp/report.html --from /tmp/trivy.json