
🧩 A ready-to-use CI/CD Pipeline for scanning vulnerabilities using Trivy.

Works with: Bun, Node.js, Deno
JSR Score: 76%
Published: 3 months ago (0.4.1)

Trivy Pipeline


🚀 Usage

Run the following command:

fluentci run trivy_pipeline

Or, if you want to use it as a template:

fluentci init -t trivy

This will create a .fluentci folder in your project.

Now you can run the pipeline with:

fluentci run .

🧩 Dagger Module

Use as a Dagger Module:

dagger install github.com/fluent-ci-templates/trivy-pipeline@main

Call a function from the module:

dagger call config --src . --exit-code 0
dagger call image --src . --exit-code 0 --image hashicorp/terraform:1.6

🛠️ Environment variables

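| Variable        | Description                                                          |
|-----------------|----------------------------------------------------------------------|
| TRIVY_IMAGE     | The image to scan                                                    |
| TRIVY_SBOM_PATH | The path to the software bill of materials                           |
| TRIVY_EXIT_CODE | Specify exit code when any security issues are found. Defaults to 0  |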

✨ Jobs

| Job    | Description                           |
|--------|---------------------------------------|
| config | Scan configuration files              |
| fs     | Scan a local filesystem               |
| repo   | Scan a repository                     |
| image  | Scan a container image                |
| sbom   | Scan a software bill of materials     |

config(
  src: Directory | string,
  exitCode?: number,
  format?: string,
  outputFile?: string
): Promise<string>

fs(
  src: Directory | string,
  exitCode?: number,
  format?: string,
  outputFile?: string
): Promise<string>

repo(
  src: Directory | string,
  exitCode?: number,
  repoUrl?: string,
  format?: string,
  outputFile?: string
): Promise<string>

image(
  src: Directory | string,
  exitCode?: number,
  image?: string,
  format?: string,
  outputFile?: string
): Promise<string>

👨‍💻 Programmatic usage

You can also use this pipeline programmatically:

import { fs } from "jsr:@fluentci/trivy";

await fs(".");
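
Because TRIVY_EXIT_CODE defaults to 0, a scan that reports issues still exits successfully. The block below is an added example, not code from @fluentci/trivy: it gates a build on the contents of a Trivy JSON report. It assumes the job's format and outputFile arguments map to Trivy's own --format json and --output; gateTrivyReport, SAMPLE_REPORT and sampleGate are hypothetical names.

```typescript
// Added example; not code from @fluentci/trivy. Field names follow Trivy's JSON report.
type Severity = "UNKNOWN" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL";
const ORDER: Severity[] = ["UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL"];
interface Finding { target: string; id: string; severity: Severity }
interface GateResult { exitCode: number; counts: Record<Severity, number>; blocking: Finding[] }

function toSeverity(value: unknown): Severity {
  const s = String(value).toUpperCase();
  return ORDER.indexOf(s as Severity) >= 0 ? (s as Severity) : "UNKNOWN";
}

// exitCode is 1 when any finding is at or above `threshold`, otherwise 0.
function gateTrivyReport(reportJson: string, threshold: Severity): GateResult {
  const report = JSON.parse(reportJson); // throws on truncated or empty output
  if (report === null || typeof report !== "object" || typeof report.SchemaVersion !== "number") {
    throw new Error("not a Trivy JSON report"); // a missing report must not pass the gate
  }
  const counts: Record<Severity, number> = { UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0 };
  const blocking: Finding[] = [];
  // Trivy omits Results, Vulnerabilities and Misconfigurations when they are empty.
  for (const result of report.Results ?? []) {
    const vulns = (result.Vulnerabilities ?? []).map((v: any) => ({ id: v.VulnerabilityID, sev: v.Severity }));
    const misconfigs = (result.Misconfigurations ?? [])
      .filter((m: any) => m.Status !== "PASS") // passed checks are not findings
      .map((m: any) => ({ id: m.ID, sev: m.Severity }));
    for (const item of vulns.concat(misconfigs)) {
      const severity = toSeverity(item.sev);
      counts[severity] += 1;
      if (ORDER.indexOf(severity) >= ORDER.indexOf(threshold)) {
        blocking.push({ target: String(result.Target), id: String(item.id), severity });
      }
    }
  }
  return { exitCode: blocking.length > 0 ? 1 : 0, counts, blocking };
}

// Constructed sample report (placeholder IDs, not real scan output).
const SAMPLE_REPORT = JSON.stringify({
  SchemaVersion: 2,
  Results: [
    { Target: "app/package-lock.json", Vulnerabilities: [
      { VulnerabilityID: "CVE-0000-0001", Severity: "HIGH" },
      { VulnerabilityID: "CVE-0000-0002", Severity: "LOW" } ] },
    { Target: "main.tf", Misconfigurations: [
      { ID: "EXAMPLE-0001", Severity: "CRITICAL", Status: "FAIL" },
      { ID: "EXAMPLE-0002", Severity: "MEDIUM", Status: "PASS" } ] },
  ],
});
const sampleGate = gateTrivyReport(SAMPLE_REPORT, "HIGH"); // exitCode 1, two blocking findings
```

Pass the returned exitCode to the CI step's exit status so that findings at or above the chosen severity stop the pipeline.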

Built and signed on GitHub Actions.

Add Package

deno add @fluentci/trivy
npx jsr add @fluentci/trivy
yarn dlx jsr add @fluentci/trivy
pnpm dlx jsr add @fluentci/trivy
bunx jsr add @fluentci/trivy

Import symbol

import * as mod from "@fluentci/trivy";