docs: restructure docs and add tutorials (#2883)

Co-authored-by: knqyf263 <knqyf263@gmail.com>
2025-12-22 07:10:41 -08:00 · 2022-09-15 19:27:58 +01:00
parent 192fd78ca2
commit 20f1e5991a
32 changed files with 696 additions and 274 deletions
--- a/docs/getting-started/further.md
+++ b/docs/getting-started/further.md
@@ -1,32 +0,0 @@
-# Further Reading
-
-## Presentations
- Aqua Security YouTube Channel
-    - [Trivy - container image scanning][intro]
-    - [Using Trivy in client server mode][server]
-    - [Tweaking Trivy output to fit your workflow][tweaking]
-    - [How does a vulnerability scanner identify packages?][identify]
- CNCF Webinar 2020
-    - [Trivy Open Source Scanner for Container Images – Just Download and Run!][cncf]
- KubeCon + CloudNativeCon Europe 2020 Virtual
-    - [Handling Container Vulnerabilities with Open Policy Agent - Teppei Fukuda, Aqua Security][kubecon]
-  
-## Blogs
- [Trivy Vulnerability Scanner Joins the Aqua Open-source Family][join]
- [Trivy Image Vulnerability Scanner Now Under Apache 2.0 License][license]
- [DevSecOps with Trivy and GitHub Actions][actions]
- [Find Image Vulnerabilities Using GitHub and Aqua Security Trivy Action][actions2]
- [Using Trivy to Discover Vulnerabilities in VS Code Projects][vscode]
-
-[intro]: https://www.youtube.com/watch?v=AzOBGm7XxOA
-[cncf]: https://www.youtube.com/watch?v=XnYxX9uueoQ
-[server]: https://www.youtube.com/watch?v=tNQ-VlahtYM
-[kubecon]: https://www.youtube.com/watch?v=WKE2XNZ2zr4
-[identify]: https://www.youtube.com/watch?v=PaMnzeHBa8M
-[tweaking]: https://www.youtube.com/watch?v=wFIGUjcRLnU
-
-[join]: https://blog.aquasec.com/trivy-vulnerability-scanner-joins-aqua-family
-[license]: https://blog.aquasec.com/trivy-open-source-vulnerability-scanner-apache2.0-license
-[actions]: https://blog.aquasec.com/devsecops-with-trivy-github-actions
-[actions2]: https://blog.aquasec.com/github-vulnerability-scanner-trivy
-[vscode]: https://blog.aquasec.com/trivy-open-source-vulnerability-scanner-vs-code
--- a/docs/getting-started/installation.md
+++ b/docs/getting-started/installation.md
@@ -1,4 +1,4 @@
-# Installation
+# CLI Installation

 ## RHEL/CentOS

@@ -195,28 +195,6 @@ The same image is hosted on [Amazon ECR Public][ecr] as well.
 docker pull public.ecr.aws/aquasecurity/trivy:{{ git.tag[1:] }}
 ```

-## Helm
-
-### Installing from the Aqua Chart Repository
-
-```
-helm repo add aquasecurity https://aquasecurity.github.io/helm-charts/
-helm repo update
-helm search repo trivy
-helm install my-trivy aquasecurity/trivy
-```
-
-### Installing the Chart
-
-To install the chart with the release name `my-release`:
-
-```
-helm install my-release .
-```
-
-The command deploys Trivy on the Kubernetes cluster in the default configuration. The [Parameters][helm]
-section lists the parameters that can be configured during installation.
-
 ### AWS private registry permissions

 You may need to grant permissions to allow trivy to pull images from private registry (AWS ECR).
@@ -250,6 +228,37 @@ podAnnotations: {}

 > **Tip**: List all releases using `helm list`.

+## Other Tools to use and deploy Trivy
+
+For additional tools and ways to install and use Trivy in different envrionments such as in Docker Desktop and Kubernetes clusters, see the links in the [Ecosystem section](../ecosystem/tools.md).
+
+
 [ecr]: https://gallery.ecr.aws/aquasecurity/trivy
 [registry]: https://github.com/orgs/aquasecurity/packages/container/package/trivy
 [helm]: https://github.com/aquasecurity/trivy/tree/{{ git.tag }}/helm/trivy
+[slack]: https://slack.aquasec.com
+[operator-docs]: https://aquasecurity.github.io/trivy-operator/latest/
+
+[vuln]: ./docs/vulnerability/scanning/index.md
+[misconf]: ./docs/misconfiguration/scanning.md
+[kubernetesoperator]: ./docs/kubernetes/operator/index.md
+[container]: ./docs/vulnerability/scanning/image.md
+[rootfs]: ./docs/vulnerability/scanning/rootfs.md
+[filesystem]: ./docs/vulnerability/scanning/filesystem.md
+[repo]: ./docs/vulnerability/scanning/git-repository.md
+[kubernetes]: ./docs/kubernetes/cli/scanning.md
+
+[standalone]: ./docs/references/modes/standalone.md
+[client-server]: ./docs/references/modes/client-server.md
+[integrations]: ./tutorials/integrations/index.md
+
+[os]: ./docs/vulnerability/detection/os.md
+[lang]: ./docs/vulnerability/detection/language.md
+[builtin]: ./docs/misconfiguration/policy/builtin.md
+[quickstart]: ./getting-started/quickstart.md
+[podman]: ./docs/advanced/container/podman.md
+
+[sbom]: ./docs/sbom/index.md
+
+[oci]: https://github.com/opencontainers/image-spec
+[license]:  https://github.com/aquasecurity/trivy/blob/main/LICENSE
--- a/docs/getting-started/overview.md
+++ b/docs/getting-started/overview.md
@@ -1,44 +0,0 @@
-# Overview
-
-Trivy detects three types of security issues:
-
- [Vulnerabilities][vuln]
-    - [OS packages][os] (Alpine, Red Hat Universal Base Image, Red Hat Enterprise Linux, CentOS, AlmaLinux, Rocky Linux, CBL-Mariner, Oracle Linux, Debian, Ubuntu, Amazon Linux, openSUSE Leap, SUSE Enterprise Linux, Photon OS and Distroless)
-    - [Language-specific packages][lang] (Bundler, Composer, Pipenv, Poetry, npm, yarn, pnpm, Cargo, NuGet, Maven, and Go)
- [Misconfigurations][misconf]
-    - Kubernetes
-    - Docker
-    - Terraform
-    - CloudFormation
-    - more coming soon
- [Secrets][secret]
-    - AWS access key
-    - GCP service account
-    - GitHub personal access token
-    - etc.
-
-Trivy can scan three different artifacts:
-
- [Container Images][container]
- [Filesystem][filesystem]
- [Git Repositories][repo]
-
-It is designed to be used in CI. Before pushing to a container registry or deploying your application, you can scan your local container image and other artifacts easily.
-See [Integrations][integrations] for details.
-
-[vuln]: ../docs/vulnerability/scanning/index.md
-[os]: ../docs/vulnerability/detection/os.md
-[lang]: ../docs/vulnerability/detection/language.md
-
-[misconf]: ../docs/misconfiguration/scanning.md
-
-[secret]: ../docs/secret/scanning.md
-
-[container]: ../docs/vulnerability/scanning/image.md
-[rootfs]: ../docs/vulnerability/scanning/rootfs.md
-[filesystem]: ../docs/vulnerability/scanning/filesystem.md
-[repo]: ../docs/vulnerability/scanning/git-repository.md
-
-[integrations]: ../docs/integrations/index.md
-
-[license]:  https://github.com/aquasecurity/trivy/blob/main/LICENSE
--- a/docs/getting-started/quickstart.md
+++ b/docs/getting-started/quickstart.md
@@ -1,5 +1,9 @@
 # Quick Start

+## Prerequisites
+
+- Make sure to have the Trivy [CLI installed][installation]
+
 ## Scan image for vulnerabilities and secrets

 Simply specify an image name (and a tag).
@@ -80,6 +84,7 @@ See https://avd.aquasec.com/misconfig/ds001

 For more details, see [here][misconf].

+[installation]: ./installation.md
 [vulnerability]: ../docs/vulnerability/scanning/index.md
 [misconf]: ../docs/misconfiguration/scanning.md
 [secret]: ../docs/secret/scanning.md