gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-05 20:40:16 -08:00
Code Issues Packages Projects Releases Wiki Activity

docs: combine trivy.dev into trivy docs (#7884)

Browse Source 
Co-authored-by: simar7 <1254783+simar7@users.noreply.github.com>
This commit is contained in:
Itay Shakury
2024-11-17 23:34:48 -07:00
committed by GitHub
parent 0d3d934f76
commit 94791f8343
22 changed files with 1357 additions and 331 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/mkdocs-dev.yaml vendored
View File

@@ -22,7 +22,7 @@ jobs:
- name: Install dependencies
run: |
python -m pip install --upgrade pip setuptools wheel
pip install git+https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git
pip install git+https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git@9.5.44-insiders-4.53.14
pip install -r docs/build/requirements.txt
env:
GH_TOKEN: ${{ secrets.MKDOCS_AQUA_BOT }}

2
.github/workflows/mkdocs-latest.yaml vendored
View File

@@ -24,7 +24,7 @@ jobs:
- name: Install dependencies
run: |
python -m pip install --upgrade pip setuptools wheel
pip install git+https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git
pip install git+https://${GH_TOKEN}@github.com/squidfunk/mkdocs-material-insiders.git@9.5.44-insiders-4.53.14
pip install -r docs/build/requirements.txt
env:
GH_TOKEN: ${{ secrets.MKDOCS_AQUA_BOT }}

1
docs/assets/css/trivy_v1_homepage.min.css vendored Normal file
View File

File diff suppressed because one or more lines are too long

693
docs/assets/css/trivy_v1_homepage.scss Normal file
View File

@@ -0,0 +1,693 @@
/* trivy homepage */
//aqua brand colors
$aq-royal-blue: #1904da;
$aq-legacy-blue: #08b1d5;
$aq-coral-red: #ff445f;
$aq-starfish-yellow: #ffc900;
$aq-dark-abyss: #07242d;
$aq-deep-sea-blue: #183278;
$aq-ocean-ash: #405a75;
$aq-sea-foam: #00ffe4;
$aq-neo-background: #ebf3fa;
$aq-neo-background-hover: #f0f8ff;
$aq-royal-blue-dark: #1503ba;
$aq-trivy-dark: #0a0b23;
$weight-normal: 400;
$weight-semibold: 600;
$weight-bold: 700;
$gap: 32px;
// 960, 1152, and 1344 have been chosen because they are divisible by both 12 and 16
$tablet: 769px;
// 960px container + 4rem
$desktop: 960px + 2 * $gap;
// 1152px container + 4rem
$widescreen: 1152px + 2 * $gap;
$widescreen-enabled: true;
// 1344px container + 4rem
$fullhd: 1344px + 2 * $gap;
$fullhd-enabled: true;
body {
font-family: "Inter", sans-serif;
}
.trivy_v1_homepage_wrap {
position: relative;
z-index: 3;
* {
transition: all 0.2s ease !important;
}
.container {
width: 100%;
margin: 0 auto;
max-width: 1440px;
@media screen and (max-width: $tablet), print { //769
padding: 0 24px;
max-width: $tablet; //769
} //until tablet
}
.button {
background-color: #ebf3fa;
border: 1px solid #dbdbdb;
border-width: 1px;
color: #363636;
cursor: pointer;
justify-content: center;
padding-bottom: calc(.5em - 1px);
padding-left: 1em;
padding-right: 1em;
padding-top: calc(.5em - 1px);
text-align: center;
white-space: nowrap;
border-radius: 4px;
transition: all .2s ease;
font-size: 16px;
display: inline-block;
font-weight: 700;
&.is-seafoam {
background-color: $aq-sea-foam;
border-color: $aq-sea-foam;
color: $aq-dark-abyss;
&.is-outlined {
background-color: rgba(0,0,0,0);
border-color: $aq-sea-foam;
color: $aq-sea-foam;
border-width: 2px;
&:hover {
background-color: $aq-sea-foam;
color: $aq-dark-abyss;
}
} //is-outlines
} //is-seafoam
&.large_btn {
font-size: 22px;
padding: 16px 27px;
margin-right: 12px;
@media screen and (max-width: $tablet), print {
font-size: 18px;
} //until tablet
}
&.solidseafoamarrowbutton {
background-color: $aq-sea-foam;
font-weight: 700;
border: 2px solid $aq-sea-foam;
font-size: 22px; //1.375rem; //1.125rem;
padding: 16px 27px;
color: $aq-dark-abyss;
&:after {
content: "";
border: solid $aq-dark-abyss;
border-width: 0 2px 2px 0;
display: inline-block;
padding: 4px;
transform: rotate(-45deg);
margin-left: 30px;
vertical-align: middle;
transition: all .2s;
}
} //solidseafoamarrowbutton
} //button
.margin-bottom-20 {
margin-bottom: 20px;
}
.hero_wrap {
background-color: $aq-trivy-dark;
background-image: radial-gradient(1600px at 70% 120%, #031145 10%, $aq-trivy-dark 100%);
min-height: 1050px;
position: relative;
z-index: 10;
.homepage_background_image_wrap {
position: absolute;
left: 0px;
top: 0px;
width: 100%;
height: 100%;
z-index: 1;
pointer-events: none;
.stars_wrap {
position: absolute;
left: 0px;
top: 0px;
width: 100%;
height: 100%;
z-index: 1;
overflow: hidden;
.stars_bg {
position: absolute;
width: 400vw;
height: 400vh;
top: 50%;
left: 50%;
margin-top: -200vh;
margin-left: -200vw;
animation: stars_ani 240s linear infinite;
background-size: 240px;
backface-visibility: visible;
background-image:url(../images/homepage_hero_stars_02.svg);
background-repeat: repeat;
}
@keyframes stars_ani {
0% { transform: rotate(0deg); }
100% { transform: rotate(360deg); }
}
} //stars_wrap
.terrain_wrap {
position: absolute;
left: 0px;
bottom: 0px;
width: 100%;
height: 680px;
background-image:url(../images/homepage_hero_terrain_08.svg);
background-repeat: no-repeat;
background-position: center top;
background-size: cover;
z-index: 2;
} // terrain_wrap
.beams_wrap {
position: absolute;
left: 0px;
bottom: 0px;
width: 100%;
height: 100%;
z-index: 3;
overflow: hidden;
.beam {
position: absolute;
right: 200px;
top: 270px;
width: 3px;
height: 350%;
background: rgba(#3eabff,0.6);
box-shadow: 0px 0px 55px 0px rgba(#3eabff,1);
transform-origin: 0 0;
animation: beam_ani 10s infinite;
&.num2 {animation: beam_ani 11s infinite;}
&.num3 {animation: beam_ani 12s infinite;}
&.num4 {animation: beam_ani 13s infinite;}
} //beam
@keyframes beam_ani {
0% { transform: rotate(75deg); }
50% { transform: rotate(-15deg); }
100% { transform: rotate(75deg); }
}
.sphere {
z-index:999;
position: absolute;
top: 60px;
right: 50px;
width: 280px;
height: 280px;
background-image:url(../images/homepage_hero_orb_03.png);
background-position: center center;
background-repeat: no-repeat;
}
} //beams_wrap
.person_wrap {
position: absolute;
left: 0px;
bottom: 0px;
width: 100%;
height: 595px;
background-image:url(../images/homepage_v1_hero_person_01.png);
background-repeat: no-repeat;
background-position: center bottom;
z-index: 4;
} // person_wrap
} //hero_background_image_wrap
}
.hero {
.hero-body {
padding: 80px 0px;
// border: 1px solid red;
.header_title_wrap {
.header_title_content_wrap {
width: 50%;
position: relative;
z-index: 3;
.page_title {
color: #ffffff;
font-weight: $weight-bold;
font-size: 48px; //3rem;
line-height: 1.3;
}//page_title
.page_subtitle {
color: #ffffff;
font-weight: $weight-normal;
font-size: 24px; //1.5rem;
line-height: 1.3;
margin-bottom: 30px;
} //page_subtitle
@media screen and (max-width: $widescreen), print {
width: 70%;
} //until widescreen
@media screen and (max-width: $tablet), print { //769
width: 100%;
.page_title {
font-size: 32px; //2rem;
}//page_title
.page_subtitle {
font-size: 18px; //1.125rem;
}//page_subtitle
} //until tablet
} //header_title_content_wrap
} //header_title_wrap
@media screen and (min-width: $tablet), print { //769
padding: 48px 24px; //3rem 1.5rem;
}
}
} //hero
// } //page-trivy_homepage
/* homepage_community */
.homepage_community_wrap {
position: relative;
background-color: $aq-trivy-dark;
color: #ffffff;
z-index: 5;
padding-top: 60px;
padding-bottom: 20px;
.container.wide_container {
max-width: 1640px;
padding-left: 20px;
padding-right: 20px;
display: flex;
flex-direction: row;
flex-wrap: wrap;
}
.community_titles_column {
width: 33.3333%;
padding-right: 32px;
@media screen and (max-width: $desktop), print {
width: 41.6666666667%;
} //until desktop
@media screen and (max-width: $tablet), print {
width: 100%;
} //until tablet
}
.community_slider_column {
width: 66.6666%;
@media screen and (max-width: $desktop), print {
width: 58.3333333333%;
} //until desktop
@media screen and (max-width: $tablet), print {
width: 100%;
} //until tablet
}
.community_title {
color: $aq-sea-foam;
font-size: 60px; //3.75rem;
font-weight: $weight-bold;
margin-bottom: 24px; ////1.5rem;
line-height: 1.2;
}
.community_subtitle {
color: #ffffff;
font-size: 26px; //1.625rem;
margin-bottom: 24px; ////1.5rem;
}
.community_cta_wrap {
.button {
font-weight: $weight-bold;
margin-right: 10px;
}
}
.community_quotes_wrap {
position: relative;
.community_quotes {
column-count: 3;
column-gap: 20px;
@media screen and (max-width: $widescreen), print { //1216
column-count: 2;
}
@media screen and (max-width: $tablet), print { //769
column-count: 1;
}
.quote_item_wrap {
display: inline-block;
margin: 0px 0px 20px 0px;
width: 100%;
}
.quote_item {
display: block;
position: relative;
color: #ffffff;
border: 1px solid rgba($aq-sea-foam,0.2);
background-color: rgba($aq-sea-foam,0.05);
border-radius: 4px;
padding: 25px;
.quote_name {
font-size: 16px; //1rem;
font-weight: $weight-semibold;
}
.quote_twitter_handle {
opacity: 0.6;
font-size: 13px; //0.8125rem;
}
.quote_company {
opacity: 0.6;
font-size: 13px; //0.8125rem;
}
.quote_text {
font-size: 16px; //1rem;
font-weight: $weight-normal;
line-height: 1.3;
}
.quote_avatar {
display: block;
position: absolute;
top: 25px;
left: 25px;
width: 40px;
height: 40px;
border-radius: 50%;
background-repeat: no-repeat;
background-position: center center;
background-size: cover;
}
&.is_tweet {
.quote_text {
padding-top: 10px;
}
&.has_avatar {
.quote_name,
.quote_twitter_handle {
padding-left: 50px;
}
} //has_avatar
} //&is_tweet
&.is_quote {
.quote_text {
position: relative;
padding-top: 40px;
padding-bottom: 10px;
&:before {
content: "";
display: block;
position: absolute;
top: -10px;
left: 0px;
width: 56px;
height: 42px;
background-image: url(../images/community_quote.png);
background-position: center center;
background-repeat: no-repeat;
}
} //quote_text
} //&is_quote
} //quote_item
}
} //community_quotes_wrap
@media screen and (max-width: $tablet), print { //tablet
.community_title {
font-size: 32px; //2rem;
}
.community_subtitle {
font-size: 18px; //1.125rem;
}
} //until
} //homepage_community_wrap
} //trivy_homepage_wrap
/* Slider */
.slick-slider{position:relative;display:block;box-sizing:border-box;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;user-select:none;-webkit-touch-callout:none;-khtml-user-select:none;-ms-touch-action:pan-y;touch-action:pan-y;-webkit-tap-highlight-color:transparent;}
.slick-list{position:relative;display:block;overflow:hidden;margin:0;padding:0;}
.slick-list:focus{outline:none;}
.slick-list.dragging{cursor:hand;}
.slick-slider .slick-track,.slick-slider .slick-list{transform:translate3d(0,0,0);}
.slick-track{position:relative;top:0;left:0;display:block;margin-left:auto;margin-right:auto;}
.slick-track:before,.slick-track:after{display:table;content:'';}
.slick-track:after{clear:both;}
.slick-loading .slick-track{visibility:hidden;}
.slick-slide{display:none;float:left;height:100%;min-height:1px;}
.slick-slide:focus{outline:none;}
.slick-slide img{display:block;}
.slick-slide.slick-loading img{display:none;}
.slick-slide.dragging img{pointer-events:none;}
.slick-initialized .slick-slide{display:block;}
.slick-loading .slick-slide{visibility:hidden;}
.slick-vertical .slick-slide{display:block;height:auto;border:1px solid transparent;}
.slick-arrow.slick-hidden{display:none;}
.slick-arrow {display:block;background-color:transparent;border:none;color:transparent;cursor:pointer;position:absolute;top:0px;height:330px;width:80px;z-index:20;outline:none;}
.slick-arrow:focus, .slick-arrow:active {outline:none;}
.slick-arrow.slick-prev {left:0px;background-image:linear-gradient(to right, rgba($aq-neo-background,1) 0%, rgba($aq-neo-background,0) 100%);}
.slick-arrow.slick-next {right:0px;background-image:linear-gradient(to left, rgba($aq-neo-background,1) 0%, rgba($aq-neo-background,0) 100%);}
.slick-arrow:before {content:"";display:block;position:absolute;left:0px;top:0px;width:100%;height:100%;z-index:21;background-repeat:no-repeat;}
.slick-arrow.slick-prev:before {background-image:url(../images/arrow_left.png);background-position:center left;}
.slick-arrow.slick-next:before {background-image:url(../images/arrow_right.png);background-position:center right;}
/* dots */
.slick-dotted.slick-slider
{
margin-bottom: 0px;
}
.slick-dots
{
//position: absolute;
//bottom: -25px;
position: relative;
display: block;
width: 100%;
padding: 0;
margin: 0;
list-style: none;
text-align: center;
}
.slick-dots li {
position: relative;
display: inline-block;
width: 24px;
height: 24px;
margin: 0px 4px;
padding: 0;
cursor: pointer;
}
.slick-dots li button
{
font-size: 0;
line-height: 0;
display: block;
width: 24px;
height: 24px;
padding: 0px;
cursor: pointer;
color: transparent;
border: 0;
outline: none;
background: transparent;
&:before {
position: relative;
top: 0px;
left: 0px;
width: 20px;
height: 20px;
content: "";
background-color: transparent;
border: 2px solid $aq-sea-foam;
border-radius: 50%;
display: block;
opacity: 0.7;
}
&:after {
position: absolute;
top: 7px;
left: 5px;
width: 10px;
height: 10px;
content: "";
background-color: $aq-sea-foam;
//border: 1px solid #666;
border-radius: 50%;
//box-shadow: inset 1px 1px 1px #888;
display: block;
opacity: 0;
transition: 0.2s ease-out;
}
}
.slick-dots li button:hover,
.slick-dots li button:focus
{
outline: none;
&:after {
opacity: 1;
}
}
.slick-dots li.slick-active button:after {
opacity: 1;
}

BIN
docs/assets/images/homepage_hero_orb_03.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 28 KiB

1
docs/assets/images/homepage_hero_stars_02.svg Normal file
View File

@@ -0,0 +1 @@
<svg version="1.1" id="Layer_2" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" viewBox="0 0 240 240" enable-background="new 0 0 240 240" xml:space="preserve"><rect x="106" y="90" fill="#00ffe4" width="2" height="2"/><rect x="74" y="63" fill="#00ffe4" width="1" height="1"/><rect x="23" y="66" fill="#00ffe4" width="1" height="1"/><rect x="50" y="110" fill="#00ffe4" width="1" height="1"/><rect x="63" y="128" fill="#00ffe4" width="1" height="1"/><rect x="45" y="149" fill="#00ffe4" width="1" height="1"/><rect x="92" y="151" fill="#00ffe4" width="1" height="1"/><rect x="58" y="8" fill="#00ffe4" width="1" height="1"/><rect x="147" y="33" fill="#00ffe4" width="2" height="2"/><rect x="91" y="43" fill="#00ffe4" width="1" height="1"/><rect x="169" y="29" fill="#ffffff" width="1" height="1"/><rect x="182" y="19" fill="#00ffe4" width="1" height="1"/><rect x="161" y="59" fill="#00ffe4" width="1" height="1"/><rect x="138" y="95" fill="#00ffe4" width="1" height="1"/><rect x="199" y="71" fill="#ffffff" width="3" height="3"/><rect x="213" y="153" fill="#00ffe4" width="2" height="2"/><rect x="128" y="163" fill="#ffffff" width="1" height="1"/><rect x="205" y="174" fill="#00ffe4" width="1" height="1"/><rect x="152" y="200" fill="#00ffe4" width="1" height="1"/><rect x="52" y="211" fill="#00ffe4" width="2" height="2"/><rect y="191" fill="#00ffe4" width="1" height="1"/><rect x="110" y="184" fill="#00ffe4" width="1" height="1"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.4 KiB

1
docs/assets/images/homepage_hero_terrain_08.svg Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 336 KiB

BIN
docs/assets/images/homepage_v1_hero_person_01.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 55 KiB

1
docs/assets/images/trivy_logo_horizontal_white.svg Normal file
View File

@@ -0,0 +1 @@
<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" x="0" y="0" viewBox="0 0 1920 891" style="enable-background:new 0 0 1920 891" xml:space="preserve"><style>.st0{fill:#fff}.st1{fill:#50f0ff}</style><path class="st0" d="M1421.86 281.92h-46.97c-25.9 0-46.97-21.07-46.97-46.97s21.07-46.97 46.97-46.97 46.97 21.07 46.97 46.97v46.97zm-46.97-74.87c-15.38 0-27.9 12.52-27.9 27.9 0 15.38 12.52 27.9 27.9 27.9h27.9v-27.9c0-15.38-12.51-27.9-27.9-27.9zM1737.06 281.92h-46.97c-25.9 0-46.97-21.07-46.97-46.97s21.07-46.97 46.97-46.97 46.97 21.07 46.97 46.97v46.97zm-46.97-74.87c-15.38 0-27.9 12.52-27.9 27.9 0 15.38 12.52 27.9 27.9 27.9h27.9v-27.9c-.01-15.38-12.52-27.9-27.9-27.9zM1585.02 281.94c-25.91 0-46.99-21.08-46.99-46.99v-44.08h19.08v44.08c0 15.39 12.52 27.91 27.91 27.91s27.91-12.52 27.91-27.91v-44.08h19.09v44.08c-.01 25.91-21.1 46.99-47 46.99zM1479.94 187.98c-25.9 0-46.97 21.07-46.97 46.97s21.07 46.97 46.97 46.97l19.07-19.07h-19.07c-15.38 0-27.9-12.52-27.9-27.9 0-15.38 12.52-27.9 27.9-27.9 15.38 0 27.9 12.52 27.9 27.9v91.8h19.07v-91.8c0-25.9-21.07-46.97-46.97-46.97zM942.76 588.45v46.29c-31.53 0-59.94-11.34-82.34-30.14-28.15-23.63-46.04-59.08-46.04-98.71V274.06h46.04v105.2h82.34v46.59h-82.34v81.19c.63 45.06 37.13 81.41 82.34 81.41zM1106.82 379.26v45.98c-43.65.1-79.18 34.71-80.78 77.98v131.52h-46.12V379.26h46.12v29.16c21.93-18.18 50.08-29.12 80.78-29.16zM1136.4 353.72v-40.29h46.05v40.29h-46.05zm0 281.02V379.26h46.05v255.48h-46.05zM1464.76 379.26l-127.64 255.48-127.8-255.48h52.33l75.47 150.88 75.31-150.88h52.33zM1740.81 379.26v297.8c0 71.31-58.52 128.26-127.83 128.2-32.47.03-62.55-12.29-85.37-32.76l33.1-33.09c14.13 11.97 32.36 19.22 52.28 19.2 44.86 0 81.17-36.69 81.17-81.55v-71.39c-22.26 18.42-50.67 29.09-81.17 29.06-69.46.06-127.95-56-127.95-127.85V379.24h46.64l.02 127.64c0 44.67 36.39 81.6 81.28 81.55 44.86 0 81.17-36.69 81.17-81.55V379.26h46.66z"/><path class="st1" d="M428.54 364.9h.12c6.56.01 11.98-5.03 11.98-11.58V135.99l-12.23-6.83-12.18 6.8v217.36c0 6.56 5.43 11.61 11.98 11.58h.33z"/><path d="M355.18 463.55 153.55 598.87v15.41l11.49 6.29 203.73-136.73c5.23-3.51 6.53-10.52 3.15-15.84-.14-.23-.29-.45-.43-.68-3.5-5.62-10.81-7.46-16.31-3.77z" style="fill:#0744dd"/><path d="m488.27 483.95 203.55 136.61 11.45-6.28v-15.44L501.86 463.66c-5.51-3.7-12.82-1.87-16.32 3.76-.13.21-.27.43-.4.64-3.41 5.34-2.12 12.37 3.13 15.89z" style="fill:#ffc900"/><path class="st0" d="M727.69 282.29v-13.96l-12.5-6.98-.93-.49-273.93-152.99-11.92-6.64-11.87 6.64-273.98 152.99-.93.49-12.5 6.98v13.96l-.93.54.93.49v345.42l12.69 6.94 266.85 146.2 3.37 1.85 16.41 8.98 16.36-8.98 3.37-1.85 266.85-146.2 12.65-6.94V283.37l.98-.54-.97-.54zM440.95 758.05V511.4c0-6.72-5.5-12.22-12.22-12.21h-.32c-6.72-.01-12.22 5.49-12.22 12.21v246.64L165.04 620.57l-11.49-6.29V294.7l199.98 109.56c5.77 3.16 13.1 1.04 16.28-4.72l.14-.26c3.22-5.83 1.08-13.22-4.76-16.42L167.81 274.72l248.42-138.75 12.18-6.8 12.23 6.83 248.37 138.73-197.54 108.22c-5.81 3.18-7.63 10.45-4.41 16.24.05.1.11.2.16.29 3.16 5.73 10.22 8.01 15.96 4.86L703.27 294.7v319.59l-11.45 6.28-250.87 137.48z"/><circle cx="428.54" cy="432.05" r="35.42" style="fill:#ff0036"/><path class="st1" d="M617.65 262.99 426.32 155.74c-5.88-3.3-7.98-10.74-4.68-16.62 3.3-5.88 10.74-7.98 16.62-4.68l191.33 107.25c5.88 3.3 7.98 10.74 4.68 16.62-3.3 5.88-10.74 7.98-16.62 4.68zM533.81 271.27l-107.48-60.25c-5.88-3.3-7.98-10.74-4.68-16.62 3.3-5.88 10.74-7.98 16.62-4.68l107.48 60.25c5.88 3.3 7.98 10.74 4.68 16.62-3.3 5.88-10.74 7.97-16.62 4.68zM569.02 291c-5.88-3.3-7.98-10.74-4.68-16.62 3.3-5.88 10.74-7.98 16.62-4.68 5.88 3.3 7.98 10.74 4.68 16.62-3.3 5.88-10.74 7.98-16.62 4.68zM462.29 288.33l-35.7-20.01c-5.88-3.3-7.98-10.74-4.68-16.62 3.3-5.88 10.74-7.98 16.62-4.68l35.7 20.01c5.88 3.3 7.98 10.74 4.68 16.62-3.3 5.88-10.74 7.98-16.62 4.68zM516.16 321.21l-20.67-11.58c-5.88-3.3-7.98-10.74-4.68-16.62 3.3-5.88 10.74-7.98 16.62-4.68l20.67 11.58c5.88 3.3 7.98 10.74 4.68 16.62-3.3 5.88-10.74 7.98-16.62 4.68z"/></svg>
Side by Side

After

Width:  |  Height:  |  Size: 3.9 KiB

9
docs/assets/javascripts/trivy_v1_homepage.js Normal file
View File

File diff suppressed because one or more lines are too long

8
docs/build/Dockerfile vendored
View File

@@ -1,10 +1,6 @@
FROM squidfunk/mkdocs-material:9.4.6
FROM squidfunk/mkdocs-material:9.5.44
## If you want to see exactly the same version as is published to GitHub pages
## use a private image for insiders, which requires authentication.
# docker login -u ${GITHUB_USERNAME} -p ${GITHUB_TOKEN} ghcr.io
# FROM ghcr.io/squidfunk/mkdocs-material-insiders
# https://squidfunk.github.io/mkdocs-material/getting-started/?h=macros#with-docker-material-for-mkdocs
COPY requirements.txt .
RUN pip install -r requirements.txt

3
docs/build/requirements.in vendored Normal file
View File

@@ -0,0 +1,3 @@
mkdocs-material==9.5.44
mkdocs-macros-plugin
mike

136
docs/build/requirements.txt vendored
View File

@@ -1,30 +1,114 @@
click==8.1.2
csscompressor==0.9.5
ghp-import==2.0.2
htmlmin==0.1.12
importlib-metadata==4.11.3
Jinja2==3.1.1
jsmin==3.0.1
Markdown==3.3.6
MarkupSafe==2.1.1
#
# This file is autogenerated by pip-compile with Python 3.13
# by the following command:
#
# pip-compile --output-file=docs/build/requirements.txt docs/build/requirements.in
#
babel==2.16.0
# via mkdocs-material
certifi==2024.8.30
# via requests
charset-normalizer==3.4.0
# via requests
click==8.1.7
# via mkdocs
colorama==0.4.6
# via mkdocs-material
ghp-import==2.1.0
# via mkdocs
hjson==3.1.0
# via
# mkdocs-macros-plugin
# super-collections
idna==3.10
# via requests
importlib-metadata==8.5.0
# via mike
importlib-resources==6.4.5
# via mike
jinja2==3.1.4
# via
# mike
# mkdocs
# mkdocs-macros-plugin
# mkdocs-material
markdown==3.7
# via
# mkdocs
# mkdocs-material
# pymdown-extensions
markupsafe==3.0.2
# via
# jinja2
# mkdocs
mergedeep==1.3.4
mike==1.1.2
mkdocs==1.3.0
mkdocs-macros-plugin==0.7.0
mkdocs-material==8.3.9
mkdocs-material-extensions==1.0.3
mkdocs-minify-plugin==0.5.0
mkdocs-redirects==1.0.4
packaging==21.3
Pygments==2.12.0
pymdown-extensions==9.5
pyparsing==3.0.8
python-dateutil==2.8.2
PyYAML==6.0.1
# via
# mkdocs
# mkdocs-get-deps
mike==2.1.3
# via -r docs/build/requirements.in
mkdocs==1.6.1
# via
# mike
# mkdocs-macros-plugin
# mkdocs-material
mkdocs-get-deps==0.2.0
# via mkdocs
mkdocs-macros-plugin==1.3.7
# via -r docs/build/requirements.in
mkdocs-material==9.5.44
# via -r docs/build/requirements.in
mkdocs-material-extensions==1.3.1
# via mkdocs-material
packaging==24.2
# via
# mkdocs
# mkdocs-macros-plugin
paginate==0.5.7
# via mkdocs-material
pathspec==0.12.1
# via
# mkdocs
# mkdocs-macros-plugin
platformdirs==4.3.6
# via mkdocs-get-deps
pygments==2.18.0
# via mkdocs-material
pymdown-extensions==10.12
# via mkdocs-material
pyparsing==3.2.0
# via mike
python-dateutil==2.9.0.post0
# via
# ghp-import
# mkdocs-macros-plugin
pyyaml==6.0.2
# via
# mike
# mkdocs
# mkdocs-get-deps
# mkdocs-macros-plugin
# pymdown-extensions
# pyyaml-env-tag
pyyaml-env-tag==0.1
# via
# mike
# mkdocs
regex==2024.11.6
# via mkdocs-material
requests==2.32.3
# via mkdocs-material
six==1.16.0
termcolor==1.1.0
# via python-dateutil
super-collections==0.5.3
# via mkdocs-macros-plugin
termcolor==2.5.0
# via mkdocs-macros-plugin
urllib3==2.2.3
# via requests
verspec==0.1.0
watchdog==2.1.7
zipp==3.8.0
# via mike
watchdog==6.0.0
# via mkdocs
zipp==3.21.0
# via importlib-metadata

5
docs/docs/index.md
View File

@@ -1,5 +1,6 @@
# Docs
In this section you can find the complete reference documentation for all the different features and settings that Trivy has to offer.
Welcome to the Trivy documentation!
Here you can find complete and thorough information about every aspect of Trivy, how to use it, features available, and configuration options.
👈 Please use the side-navigation on the left in order to browse the different topics.
👈 Please use the left side navigation browse the different topics.

74
docs/getting-started/index.md Normal file
View File

@@ -0,0 +1,74 @@
# First steps with Trivy
## Get Trivy
Trivy is available in most common distribution channels. The complete list of installation options is available in the [Installation](./installation.md) page. Here are a few popular examples:
- macOS: `brew install trivy`
- Docker: `docker run aquasec/trivy`
- Download binary from [GitHub Release](https://github.com/aquasecurity/trivy/releases/latest/)
- See [Installation](./installation.md) for more
Trivy is integrated with many popular platforms and applications. The complete list of integrations is available in the [Ecosystem](../ecosystem/index.md) page. Here are a few popular options examples:
- [GitHub Actions](https://github.com/aquasecurity/trivy-action)
- [Kubernetes operator](https://github.com/aquasecurity/trivy-operator)
- [VS Code plugin](https://github.com/aquasecurity/trivy-vscode-extension)
- See [Ecosystem](../ecosystem/index.md) for more
## General usage
Trivy's Command Line Interface pattern follows its major concepts: targets (what you want to scan), and scanners (what you want to scan for):
```bash
trivy <target> [--scanners <scanner1,scanner2>] <subject>
```
### Examples
Scan a container image from registry, with the default scanner which is Vulnerabilities scanner:
```bash
trivy image python:3.4-alpine
```
<video width="1000" muted controls>
<source src="https://user-images.githubusercontent.com/1161307/171013513-95f18734-233d-45d3-aaf5-d6aec687db0e.mov" type="video/mp4" />
</video>
Scan a local code repository, for vulnerabilities, exposed secrets and misconfigurations:
```bash
trivy fs --scanners vuln,secret,misconfig /path/to/myproject
```
<video width="1000" muted controls>
<source src="https://user-images.githubusercontent.com/1161307/171013917-b1f37810-f434-465c-b01a-22de036bd9b3.mov" type="video/mp4" />
</video>
Scan a Kubernetes cluster, with all available scanners, and show a summary report:
```bash
trivy k8s --report summary cluster
```
<img src="../imgs/trivy-k8s.png" width="1000" alt="trivy-k8s"/>
For a more complete introduction, check out the basic Trivy Demo: <https://github.com/itaysk/trivy-demo>
## Learn more
Now that you up and ready, here are some resources to help you deepen your knowledge:
- Learn more about Trivy's capabilities by exploring the complete [documentation](../docs/index.md).
- Explore community questions and under [GitHub Discussions](https://github.com/aquasecurity/trivy/discussions).
- Stay up to date by watching for [New Releases & Announcements](https://github.com/aquasecurity/trivy/discussions/categories/announcements).
- Follow Trivy on Twitter/X: [@aquatrivy](https://x.com/aquatrivy)
- Explore and subscribe to our YouTube channel [@AquaSecOSS](http://youtube.com/@aquasecoss)
# Want more? Check out Aqua
If you liked Trivy, you will love Aqua which builds on top of Trivy to provide even more enhanced capabilities for a complete security management offering.
You can find a high level comparison table specific to Trivy users [here](https://github.com/aquasecurity/resources/blob/main/trivy-aqua.md).
In addition, check out the <https://aquasec.com> website for more information about our products and services.
If you'd like to contact Aqua or request a demo, please use this form: <https://www.aquasec.com/demo>

116
docs/getting-started/installation.md
View File

@@ -1,10 +1,47 @@
# Installing Trivy
In this section you will find an aggregation of the different ways to install Trivy. installations are listed as either "official" or "community". Official integrations are developed by the core Trivy team and supported by it. Community integrations are integrations developed by the community, and collected here for your convenience. For support or questions about community integrations, please contact the original developers.
In this section you will find an aggregation of the different ways to install Trivy. Installation options are labeled as either "Official" or "Community". Official installations are developed by the Trivy team and supported by it. Community installations could be developed by anyone from the Trivy community, and collected here for your convenience. For support or questions about community installations, please contact the original developers.
## Install using Package Manager
!!! note
If you are looking to integrate Trivy into another system, such as CI/CD, IDE, Kubernetes, etc, please see [Ecosystem section](../ecosystem/index.md) to explore integrations of Trivy with other tools.
### RHEL/CentOS (Official)
## Container image (Official)
Use one of the official Trivy images:
| Registry | Repository | Link |
| --- | --- | --- |
| Docker Hub | `docker.io/aquasec/trivy` | https://hub.docker.com/r/aquasec/trivy |
| GitHub Container Registry (GHCR) | `ghcr.io/aquasecurity/trivy` | https://github.com/orgs/aquasecurity/packages/container/package/trivy |
| AWS Elastic Container Registry (ECR) | `public.ecr.aws/aquasecurity/trivy` | https://gallery.ecr.aws/aquasecurity/trivy |
!!! Tip
It is advisable to mount a persistent [cache dir](../docs/configuration/cache.md) on the host into the Trivy container.
!!! Tip
For scanning container images with Trivy, mount the container engine socket from the host into the Trivy container.
Example:
``` bash
docker run -v /var/run/docker.sock:/var/run/docker.sock -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy:{{ git.tag[1:] }} image python:3.4-alpine
```
## GitHub Release (Official)
1. Download the file for your operating system/architecture from [GitHub Release assets](https://github.com/aquasecurity/trivy/releases/tag/{{ git.tag }}).
2. Unpack the downloaded archive (`tar -xzf ./trivy.tar.gz`).
3. Make sure the binary has execution bit turned on (`chmod +x ./trivy`).
## Install Script (Official)
For convenience, you can use the install script to download and install Trivy from GitHub Release.
```bash
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin {{ git.tag }}
```
## RHEL/CentOS (Official)
=== "Repository"
Add repository setting to `/etc/yum.repos.d`.
@@ -28,7 +65,7 @@ In this section you will find an aggregation of the different ways to install Tr
rpm -ivh https://github.com/aquasecurity/trivy/releases/download/{{ git.tag }}/trivy_{{ git.tag[1:] }}_Linux-64bit.rpm
```
### Debian/Ubuntu (Official)
## Debian/Ubuntu (Official)
=== "Repository"
Add repository setting to `/etc/apt/sources.list.d`.
@@ -48,22 +85,20 @@ In this section you will find an aggregation of the different ways to install Tr
sudo dpkg -i trivy_{{ git.tag[1:] }}_Linux-64bit.deb
```
### Homebrew (Official)
## Homebrew (Official)
Homebrew for MacOS and Linux.
Homebrew for macOS and Linux.
```bash
brew install trivy
```
### Windows (Official)
## Windows (Official)
1. Download trivy_x.xx.x_windows-64bit.zip file from [releases page](https://github.com/aquasecurity/trivy/releases/).
2. Unzip file and copy to any folder.
3. Ensure PATH environment variable is configured to folder trivy installed.
### Arch Linux (Community)
## Arch Linux (Community)
Arch Linux Package Repository.
@@ -76,9 +111,9 @@ References:
- <https://gitlab.archlinux.org/archlinux/packaging/packages/trivy/-/blob/main/PKGBUILD>
### MacPorts (Community)
## MacPorts (Community)
[MacPorts](https://www.macports.org) for MacOS.
[MacPorts](https://www.macports.org) for macOS.
```bash
sudo port install trivy
@@ -87,9 +122,9 @@ sudo port install trivy
References:
- <https://ports.macports.org/port/trivy/details/>
### Nix/NixOS (Community)
## Nix/NixOS (Community)
Nix package manager for Linux and MacOS.
Nix package manager for Linux and macOS.
=== "Command line"
`nix-env --install -A nixpkgs.trivy`
@@ -116,15 +151,15 @@ References:
- https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/admin/trivy/default.nix
### FreeBSD (Official)
## FreeBSD (Official)
[Pkg](https://freebsd.org) for FreeBSD.
Pkg package manager for FreeBSD.
```bash
pkg install trivy
```
### asdf/mise (Community)
## asdf/mise (Community)
[asdf](https://github.com/asdf-vm/asdf) and [mise](https://github.com/jdx/mise) are quite similar tools you can use to install trivy.
See their respective documentation for more information of how to install them and use them:
@@ -165,50 +200,3 @@ The plugin used by both tools is developped [here](https://github.com/zufardhiya
# Now trivy commands are available
trivy --version
```
## Install from GitHub Release (Official)
### Download Binary
1. Download the file for your operating system/architecture from [GitHub Release assets](https://github.com/aquasecurity/trivy/releases/tag/{{ git.tag }}).
2. Unpack the downloaded archive (`tar -xzf ./trivy.tar.gz`).
3. Make sure the binary has execution bit turned on (`chmod +x ./trivy`).
4. Put the binary somewhere in your `$PATH` (e.g `sudo mv ./trivy /usr/local/bin/`).
### Install Script
The process above can be automated by the following script:
```bash
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin {{ git.tag }}
```
### Install from source
```bash
git clone --depth 1 --branch {{ git.tag }} https://github.com/aquasecurity/trivy
cd trivy
go install ./cmd/trivy
```
## Use container image
1. Pull Trivy image (`docker pull aquasec/trivy:{{ git.tag[1:] }}`)
2. It is advisable to mount a consistent [cache dir](../docs/configuration/cache.md) on the host into the Trivy container.
3. For scanning container images with Trivy, mount `docker.sock` from the host into the Trivy container.
Example:
``` bash
docker run -v /var/run/docker.sock:/var/run/docker.sock -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy:{{ git.tag[1:] }} image python:3.4-alpine
```
| Registry | Repository | Link | Supportability |
|--------------------------------------|-------------------------------------|-----------------------------------------------------------------------|----------------|
| Docker Hub | `docker.io/aquasec/trivy` | https://hub.docker.com/r/aquasec/trivy | Official |
| GitHub Container Registry (GHCR) | `ghcr.io/aquasecurity/trivy` | https://github.com/orgs/aquasecurity/packages/container/package/trivy | Official |
| AWS Elastic Container Registry (ECR) | `public.ecr.aws/aquasecurity/trivy` | https://gallery.ecr.aws/aquasecurity/trivy | Official |
## Other Tools to use and deploy Trivy
For additional tools and ways to install and use Trivy in different environments such as in IDE, Kubernetes or CI/CD, see [Ecosystem section](../ecosystem/index.md).

145
docs/getting-started/signature-verification.md
View File

@@ -1,60 +1,47 @@
# Signature Verification
## Verifying a Cosign signature
All binaries and container images are signed by [Cosign](https://github.com/sigstore/cosign).
You need the following tool:
## Verifying container image
- [Cosign](https://docs.sigstore.dev/cosign/installation/)
### Verifying signed container images
1. Use the following command for keyless [verification](https://docs.sigstore.dev/cosign/verify/):
```shell
cosign verify aquasec/trivy:<version> \
--certificate-identity-regexp 'https://github\.com/aquasecurity/trivy/\.github/workflows/.+' \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com"
```
2. You should get the following output
```shell
Verification for index.docker.io/aquasec/trivy:latest --
The following checks were performed on each of these signatures:
- The cosign claims were validated
- Existence of the claims in the transparency log was verified offline
- The code-signing certificate was verified using trusted certificate authority certificates
....
```
### Verifying signed binaries
1. Download the required tarball, associated signature and certificate files
2. Use the following command for keyless verification:
```shell
cosign verify-blob <path to binray> \
--certificate <path to cert> \
--signature <path to sig> \
--certificate-identity-regexp 'https://github\.com/aquasecurity/trivy/\.github/workflows/.+' \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com"
```
3. You should get the following output
```
Verified OK
```
For example:
Use the following command for keyless [verification](https://docs.sigstore.dev/cosign/verify/):
```shell
$ wget "https://github.com/aquasecurity/trivy/releases/download/v0.45.0/trivy_0.45.0_Linux-32bit.tar.gz"
$ wget "https://github.com/aquasecurity/trivy/releases/download/v0.45.0/trivy_0.45.0_Linux-32bit.tar.gz.pem"
$ wget "https://github.com/aquasecurity/trivy/releases/download/v0.45.0/trivy_0.45.0_Linux-32bit.tar.gz.sig"
$ cosign verify-blob trivy_0.45.0_Linux-32bit.tar.gz \
--certificate trivy_0.45.0_Linux-32bit.tar.gz.pem \
--signature trivy_0.45.0_Linux-32bit.tar.gz.sig \
--certificate-identity-regexp 'https://github\.com/aquasecurity/trivy/\.github/workflows/.+' \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com"
Vetified OK
cosign verify aquasec/trivy:<version> \
--certificate-identity-regexp 'https://github\.com/aquasecurity/trivy/\.github/workflows/.+' \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com"
```
You should get the following output
```
Verification for index.docker.io/aquasec/trivy:latest --
The following checks were performed on each of these signatures:
- The cosign claims were validated
- Existence of the claims in the transparency log was verified offline
- The code-signing certificate was verified using trusted certificate authority certificates
....
```
## Verifying binary
Download the required tarball, associated signature and certificate files from the [GitHub Release](https://github.com/aquasecurity/trivy/releases).
Use the following command for keyless verification:
```shell
cosign verify-blob <path to binray> \
--certificate <path to cert> \
--signature <path to sig> \
--certificate-identity-regexp 'https://github\.com/aquasecurity/trivy/\.github/workflows/.+' \
--certificate-oidc-issuer "https://token.actions.githubusercontent.com"
```
You should get the following output
```
Verified OK
```
## Verifying a GPG signature
@@ -63,37 +50,33 @@ RPM and Deb packages are also signed by GPG.
### Verifying RPM
The public key downloaded [here](https://aquasecurity.github.io/trivy-repo/rpm/public.key).
The public key is available at <https://aquasecurity.github.io/trivy-repo/rpm/public.key>.
1. Download the public key
```shell
curl https://aquasecurity.github.io/trivy-repo/rpm/public.key \
--output pub.key
```
2. Import the key
```shell
rpm --import pub.key
```
3. Verify that the key has been imported
```shell
rpm -q --queryformat "%{SUMMARY}\n" $(rpm -q gpg-pubkey)
```
You should get the following output
```shell
gpg(trivy)
```
First, download and import the key:
```shell
curl https://aquasecurity.github.io/trivy-repo/rpm/public.key \
--output pub.key
rpm --import pub.key
rpm -q --queryformat "%{SUMMARY}\n" $(rpm -q gpg-pubkey)
```
You should get the following output:
```
gpg(trivy)
```
4. Download the required binary
```shell
curl -L https://github.com/aquasecurity/trivy/releases/download/<version>/<file name>.rpm \
--output trivy.rpm
```
5. Check the binary with the following command
```shell
rpm -K trivy.rpm
```
You should get the following output
```shell
trivy.rpm: digests signatures OK
```
Then you can verify the signature:
```shell
curl -L https://github.com/aquasecurity/trivy/releases/download/<version>/<file name>.rpm \
--output trivy.rpm
rpm -K trivy.rpm
```
You should get the following output
```
trivy.rpm: digests signatures OK
```

142
docs/index.md
View File

@@ -1,140 +1,10 @@
---
template: home.html
hide:
- toc
---
![logo](imgs/logo.png){ align=right }
# Trivy Documentation
👋 Welcome to Trivy Documentation! To help you get around, please notice the different sections at the top global menu:
- You are currently in the [Getting Started] section where you can find general information and help with first steps.
- In the [Tutorials] section you can find step-by-step guides that help you accomplish specific tasks.
- In the [Docs] section you can find the complete reference documentation for all of the different features and settings that Trivy has to offer.
- In the [Ecosystem] section you can find how Trivy works together with other tools and applications that you might already use.
- In the [Contributing] section you can find technical developer documentation and contribution guidelines.
# About Trivy
Trivy ([pronunciation][pronunciation]) is a comprehensive and versatile security scanner. Trivy has *scanners* that look for security issues, and *targets* where it can find those issues.
Targets (what Trivy can scan):
- Container Image
- Filesystem
- Git Repository (remote)
- Virtual Machine Image
- Kubernetes
- AWS
Scanners (what Trivy can find there):
- OS packages and software dependencies in use (SBOM)
- Known vulnerabilities (CVEs)
- IaC issues and misconfigurations
- Sensitive information and secrets
- Software licenses
Trivy supports most popular programming languages, operating systems, and platforms. For a complete list, see the [Scanning Coverage] page.
To learn more, go to the [Trivy homepage][homepage] for feature highlights, or to the [Documentation site][Docs] for detailed information.
## Quick Start
### Get Trivy
Trivy is available in most common distribution channels. The complete list of installation options is available in the [Installation] page. Here are a few popular examples:
- `brew install trivy`
- `docker run aquasec/trivy`
- Download binary from <https://github.com/aquasecurity/trivy/releases/latest/>
- See [Installation] for more
Trivy is integrated with many popular platforms and applications. The complete list of integrations is available in the [Ecosystem] page. Here are a few popular options examples:
- [GitHub Actions](https://github.com/aquasecurity/trivy-action)
- [Kubernetes operator](https://github.com/aquasecurity/trivy-operator)
- [VS Code plugin](https://github.com/aquasecurity/trivy-vscode-extension)
- See [Ecosystem] for more
### General usage
```bash
trivy <target> [--scanners <scanner1,scanner2>] <subject>
```
Examples:
```bash
trivy image python:3.4-alpine
```
<details>
<summary>Result</summary>
<figure style="text-align: center">
<video width="1000" autoplay muted controls loop>
<source src="https://user-images.githubusercontent.com/1161307/171013513-95f18734-233d-45d3-aaf5-d6aec687db0e.mov" type="video/mp4" />
</video>
<figcaption>Demo: Vulnerability Detection</figcaption>
</figure>
</details>
```bash
trivy fs --scanners vuln,secret,misconfig myproject/
```
<details>
<summary>Result</summary>
<figure style="text-align: center">
<video width="1000" autoplay muted controls loop>
<source src="https://user-images.githubusercontent.com/1161307/171013917-b1f37810-f434-465c-b01a-22de036bd9b3.mov" type="video/mp4" />
</video>
<figcaption>Demo: Misconfiguration Detection</figcaption>
</figure>
</details>
```bash
trivy k8s --report summary cluster
```
<details>
<summary>Result</summary>
<figure style="text-align: center">
<img src="imgs/secret-demo.gif" width="1000">
<figcaption>Demo: Secret Detection</figcaption>
</figure>
</details>
# Want more? Check out Aqua
If you liked Trivy, you will love Aqua which builds on top of Trivy to provide even more enhanced capabilities for a complete security management offering.
You can find a high level comparison table specific to Trivy users [here](https://github.com/aquasecurity/resources/blob/main/trivy-aqua.md).
In addition check out the <https://aquasec.com> website for more information about our products and services.
If you'd like to contact Aqua or request a demo, please use this form: <https://www.aquasec.com/demo>
- navigation
- toc
- path
- tags
---
Trivy is an [Aqua Security][aquasec] open source project.
Learn about our open source work and portfolio [here][oss].
Contact us about any matter by opening a GitHub Discussion [here][discussions]
[Ecosystem]: ./ecosystem/index.md
[Installation]: getting-started/installation.md
[pronunciation]: getting-started/faq.md#how-to-pronounce-the-name-trivy
[Scanning Coverage]: ./docs/coverage/index.md
[aquasec]: https://aquasec.com
[oss]: https://www.aquasec.com/products/open-source-projects/
[discussions]: https://github.com/aquasecurity/trivy/discussions
[homepage]: https://trivy.dev
[Tutorials]: ./tutorials/overview
[Docs]: ./docs
[Getting Started]: ./
[Contributing]: ./community/contribute/issue
<!-- the home page is fully customized and implemented in the "home.html" template -->

244
docs/overrides/home.html Normal file
View File

@@ -0,0 +1,244 @@
{% extends "main.html" %}
{% block content %}
<!-- don't render markdown content in the homepage -->
{% endblock %}
{% block hero %}
<link rel='stylesheet' id='main-style-css' href='assets/css/trivy_v1_homepage.min.css' type='text/css' media='all' />
<script type='text/javascript' src='assets/javascripts/trivy_v1_homepage.js' id='trivy_v1_homepage-js'></script>
<div class="trivy_v1_homepage_wrap">
<!-- hero starts -->
<div class="hero_wrap">
<div class="hero header_wrap">
<div class="hero-body">
<div class="clearboth container">
<div class="header_title_wrap">
<div class="header_title_content_wrap">
<div class="page_logo">
<img src="assets/images/trivy_logo_horizontal_white.svg" height="100" alt="Trivy Logo">
</div>
<h1 class="title page_title is-spaced fadeInUp">
The all-in-one open source security scanner
</h1>
<h2 class="subtitle page_subtitle fadeInUp animationDelay_1">
Use Trivy to find vulnerabilities (CVE) & misconfigurations (IaC) across code repositories, binary artifacts, container images, Kubernetes clusters, and more. All in one tool!
</h2>
<a href="./getting-started" class="button is-seafoam large_btn">Get started</a>
<a href="./docs" class="button is-seafoam is-outlined large_btn">Read the Docs</a>
</div><!-- header_title_content_wrap -->
</div><!-- header_title_wrap -->
</div><!-- container -->
</div><!-- hero-body -->
</div><!-- hero -->
<div class="homepage_background_image_wrap">
<div class="stars_wrap">
<div class="stars_bg"></div>
</div>
<div class="terrain_wrap"></div>
<div class="beams_wrap">
<div class="beam"></div>
<div class="beam num2"></div>
<div class="beam num3"></div>
<div class="beam num4"></div>
<div class="sphere"></div>
</div>
<div class="person_wrap"></div>
</div><!-- homepage_background_image_wrap -->
</div><!-- hero_wrap -->
<!-- hero ends -->
<!-- homepage_community starts -->
<div class="homepage_community_wrap">
<div class="container wide_container">
<div class="community_titles_column">
<div class="title is-spaced community_title fadeInUp animationDelay_1">It's all about the community!</div>
<div class="subtitle is-spaced community_subtitle fadeInUp animationDelay_2">Trivy is praised by professionals worldwide. Are you a Trivy fan as well? We'd love to hear from you!
</div>
<div class="community_cta_wrap fadeInUp animationDelay_3">
<a href="https://github.com/aquasecurity/trivy/discussions/categories/adopters" target="_blank" class="button is-seafoam">Share your story</a>
<a href="https://github.com/aquasecurity/trivy/discussions/" target="_blank" class="button is-seafoam is-outlined">Discuss on GitHub</a>
</div>
</div><!-- community_titles_column -->
<div class="community_slider_column">
<div class="community_quotes_wrap">
<!-- quotes page 1 -->
<div class="community_quotes">
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Sam White, GitLab</div>
<div class="quote_twitter_handle"><a href="https://www.aquasec.com/blog/trivy-scanner-gitlab-case-study/" target="_blank">Case Study</a></div>
<div class="quote_text">"Trivy was a clear leader in the market as far as features, functionality, and capabilities"</div>
<div class="quote_avatar" style="background-image:url('https://media.licdn.com/dms/image/v2/C5603AQEeHph5FWOpTw/profile-displayphoto-shrink_800_800/profile-displayphoto-shrink_800_800/0/1601489956361?e=1736380800&v=beta&t=lqBO9XE4rmgn_jOBD4E3YCyxZyWtBZ33eLh7kHJJBfo');"></div>
</div><!-- quote_item is_quote -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Ariadne Conill, Alpine Security</div>
<div class="quote_twitter_handle">@ariadneconill</div>
<div class="quote_text">...the tl;dr is basicallyAqua's Trivy is the best one, all of the other ones are a waste of time </div>
<div class="quote_avatar" style="background-image:url('https://pbs.twimg.com/profile_images/1584412202945093632/UaXJmOMy_400x400.jpg');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Harbor Team</div>
<div class="quote_twitter_handle"><a href="https://goharbor.io/blog/harbor-2.0/" target="_blank">Harbor blog</a></div>
<div class="quote_text">"Trivy takes container image scanning to higher levels of usability and performance."</div>
<div class="quote_avatar" style="background-image:url('https://www.jpaul.me/wp-content/uploads/2020/09/harbor-icon-color.png');"></div>
</div><!-- quote_item is_quote -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Milind Gadre, Mirantis</div>
<div class="quote_twitter_handle"><a href="https://www.aquasec.com/news/trivy-vulnerability-scanner-aqua-security-adopted-by-leading-cloud-native-platforms/" target="_blank">Mirantis</a></div>
<div class="quote_text">"After evaluating several leading options for open source vulnerability scanning, Trivy really stood out"</div>
<div class="quote_avatar" style="background-image:url('https://media.licdn.com/dms/image/v2/C5103AQHKRwg19TMyjQ/profile-displayphoto-shrink_800_800/profile-displayphoto-shrink_800_800/0/1567694195920?e=1736380800&v=beta&t=tn7utvMY__6lyJSWWFDQApvikQAOep-5Sxwx_op7t5c');"></div>
</div><!-- quote_item is_quote -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Jerry Gambli</div>
<div class="quote_twitter_handle">@JGamblin</div>
<div class="quote_text">The way the @AquaSecTeam team has turned Trivy into the best open-source vulnerability scanner in such a short time is really amazing.</div>
<div class="quote_avatar" style="background-image:url('https://pbs.twimg.com/profile_images/1490086716568395777/mDaSylm1_400x400.jpg');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
</div><!-- community_quotes (break) -->
<!-- quotes page 2 -->
<div class="community_quotes">
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Yaney</div>
<div class="quote_twitter_handle"><a href="https://github.com/aquasecurity/trivy/discussions/4738#discussioncomment-6335342" target="_blank">y4ney</a></div>
<div class="quote_text">"Trivy is, by far, the best open-source tool for cloud-native security that I have ever used"</div>
<div class="quote_avatar" style="background-image:url('https://avatars.githubusercontent.com/u/44939500?v=4');"></div>
</div><!-- quote_item is_quote -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Ulises Galeano, MasterCard</div>
<div class="quote_twitter_handle"><a href="https://www.linkedin.com/posts/ulises-galeano_aqua-securitys-trivy-adds-cspm-capabilities-activity-6965797718019502080-8ah_?utm_source=share&utm_medium=member_desktop" target="_blank">ulises-galeano</a></div>
<div class="quote_text">"This tool just keeps getting better and better..."</div>
<div class="quote_avatar" style="background-image:url('https://media.licdn.com/dms/image/v2/D5603AQFkCipQMhfD6g/profile-displayphoto-shrink_400_400/profile-displayphoto-shrink_400_400/0/1698769096426?e=1736380800&v=beta&t=BF7ZacfGdzO7E70vZOIxKrEsPvUQUkzH9dvlXCHp364');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Damian Naprawa</div>
<div class="quote_twitter_handle"><a href="https://x.com/DamianNaprawa/status/1469229068419842049" target="_blank">@DamianNaprawa</a></div>
<div class="quote_text">"So happy to see collaboration between @Azure and @AquaSecTeam on scanning container images in Azure Container Registry CI/CD workflows using such a great tool - Trivy."</div>
<div class="quote_avatar" style="background-image:url('https://pbs.twimg.com/profile_images/1348967860945747971/LFtYvPTm_400x400.jpg');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Mustafa Akin, Resmo</div>
<div class="quote_twitter_handle"><a href="https://github.com/aquasecurity/trivy/discussions/5898#discussioncomment-8257890" target="_blank">mustafaakin</a></div>
<div class="quote_text">"I love how Trivy democratized dependency scanning to the masses as a free and extremely easy to use tool, with also a permissive license. This used to be a gated community with predatory security vendors charging premium, and they were not half as good as Trivy."</div>
<div class="quote_avatar" style="background-image:url('https://avatars.githubusercontent.com/u/803763?v=4');"></div>
</div><!-- quote_item is_quote -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">dynaptik, Deutsche Bahn</div>
<div class="quote_twitter_handle"><a href="https://x.com/dynaptik/status/1760063329941291098?s=20" target="_blank">@dynaptik</a></div>
<div class="quote_text">"Trivy easily for what it brings to the table (secret scanning, vuln scan, license check) and little effort required. Bang for the buck it's pretty amazing"</div>
<div class="quote_avatar" style="background-image:url('https://pbs.twimg.com/profile_images/1520351613839417347/cX0be6tB_400x400.jpg');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
</div><!-- community_quotes (break) -->
<!-- quotes page 3 -->
<div class="community_quotes">
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Cristiano Corrado, Wise</div>
<div class="quote_twitter_handle"><a href="https://medium.com/wise-engineering/our-application-security-journey-part-1-fb7d449a7126" target="_blank">wise-engineering</a></div>
<div class="quote_text">"The discovery process led us to evaluate multiple open-source tools ... The final decision was to use Trivy"</div>
<div class="quote_avatar" style="background-image:url('https://miro.medium.com/v2/da:true/resize:fill:176:176/0*RFJEFPwmqPoJk0_Q');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Saim Safdar</div>
<div class="quote_twitter_handle"><a href="https://x.com/cloudnativeboy/status/1538840080873291777" target="_blank">@cloudnativeboy</a></div>
<div class="quote_text">"my favorite @Docker extension. (Trivy)"</div>
<div class="quote_avatar" style="background-image:url('https://pbs.twimg.com/profile_images/1852731741263298560/j82MEKDC_400x400.jpg');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Jonathan Gonzalez V., CloudNativePG</div>
<div class="quote_twitter_handle"><a href="https://x.com/sxd/status/1555688296092672000" target="_blank">@sxd</a></div>
<div class="quote_text">"Thanks @AquaSecTeam for creating Trivy and help us to improve @CloudNativePg security"</div>
<div class="quote_avatar" style="background-image:url('https://pbs.twimg.com/profile_images/724741714867445760/4neP98k7_400x400.jpg');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Andy Roberts, Vista</div>
<div class="quote_twitter_handle"><a href="https://x.com/andyr8939/status/1523402643397562368" target="_blank">@andyr8939</a></div>
<div class="quote_text">"I've tried a few and all have pros/cons but I found that Trivy is the best of them"</div>
<div class="quote_avatar" style="background-image:url('https://pbs.twimg.com/profile_images/1384815728201588736/5uQfnSPb_400x400.jpg');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
<div class="quote_item_wrap">
<div class="quote_item is_tweet has_avatar">
<div class="quote_name">Ali Faraj, Antigen Security</div>
<div class="quote_twitter_handle"><a href="https://www.linkedin.com/posts/activity-6932020213307625472-zWs8/" target="_blank">@andyr8939</a></div>
<div class="quote_text">"Trivy from Aqua Security is my new favorite tool... It's such a powerful tool with the ability to generate SBOMs, find vulnerabilities, misconfigurations, and secrets!"</div>
<div class="quote_avatar" style="background-image:url('https://media.licdn.com/dms/image/v2/C4D03AQEwMCBM6uAGdQ/profile-displayphoto-shrink_800_800/profile-displayphoto-shrink_800_800/0/1599152832090?e=1736380800&v=beta&t=2negMF6o75BjLkIM3iz6gkl-5Aqk4jv7rGnO_sbMKf4');"></div>
</div><!-- quote_item is_tweet -->
</div><!-- quote_item_wrap -->
</div><!-- community_quotes -->
</div><!-- community_quotes_wrap -->
</div><!-- community_slider_column -->
</div><!-- container -->
</div><!-- homepage_community_wrap -->
<script type="text/javascript">
var $j_hpcom = jQuery.noConflict();
$j_hpcom(document).ready(function () {
$j_hpcom('.community_quotes_wrap').slick({
arrows: false,
dots: true,
centerMode: false,
infinite: true,
slidesToShow: 1,
focusOnSelect: true,
autoplay: true,
autoplaySpeed: 11000
});
});
</script>
<!-- homepage_community ends -->
</div><!-- trivy_v1_homepage_wrap -->
{% endblock %}

30
docs/overrides/main.html
View File

@@ -1,7 +1,35 @@
{% extends "base.html" %}
{% block extrahead %}
{% set title = config.site_name %}
{% if page and page.title and not page.is_homepage %}
{% set title = config.site_name ~ " - " ~ page.title | striptags %}
{% endif %}
{% set image = config.site_url ~ 'assets/images/illustrations/banner.png' %}
<meta property="og:type" content="website" />
<meta property="og:title" content="{{ title }}" />
<meta property="og:description" content="{{ config.site_description }}" />
<meta property="og:url" content="{{ page.canonical_url }}" />
<meta property="og:image" content="{{ image }}" />
<meta property="og:image:type" content="image/png" />
<meta property="og:image:width" content="1080" />
<meta property="og:image:height" content="568" />
<style>
:root{
--md-primary-fg-color:#0a0b23;
}
.md-typeset a{
color:#10147e;
}
</style>
{% endblock %}
{% block outdated %}
You're not viewing the latest version.
You're not viewing the latest version of the documentation.
<a href="{{ '../' ~ base_url }}">
<strong>Click here to go to latest.</strong>
</a>

48
magefiles/magefile.go
View File

@@ -75,6 +75,22 @@ func (Tool) Wire() error {
return sh.Run("go", "install", "github.com/google/wire/cmd/wire@v0.5.0")
}
// Sass installs saas if not installed. npm is assumed to be available
func (Tool) Sass() error {
if installed("sass") {
return nil
}
return sh.Run("npm", "install", "-g", "saas")
}
// PipTools installs PipTools if not installed. python is assumed to be available and relevant environment to have been activated
func (Tool) PipTools() error {
if installed("pip-compile") {
return nil
}
return sh.Run("python", "-m", "pip", "install", "pip-tools")
}
// GolangciLint installs golangci-lint
func (t Tool) GolangciLint() error {
const version = "v1.61.0"
@@ -420,13 +436,41 @@ func Label() error {
type Docs mg.Namespace
// Prepare CSS
func (Docs) Css() error {
const (
homepageSass = "docs/assets/css/trivy_v1_homepage.scss"
)
homepageCss := strings.TrimSuffix(homepageSass, ".scss") + ".min.css"
if updated, err := target.Path(homepageCss, homepageSass); err != nil {
return err
} else if !updated {
return nil
}
return sh.Run("sass", "--no-source-map", "--style=compressed", homepageSass, homepageCss)
}
// Prepare python requirements
func (Docs) Pip() error {
const (
requirementsIn = "docs/build/requirements.in"
)
requirementsTxt := strings.TrimSuffix(requirementsIn, ".in") + ".txt"
if updated, err := target.Path(requirementsTxt, requirementsIn); err != nil {
return err
} else if !updated {
return nil
}
return sh.Run("pip-compile", requirementsIn, "--output-file", requirementsTxt)
}
// Serve launches MkDocs development server to preview the documentation page
func (Docs) Serve() error {
const (
mkdocsImage = "aquasec/mkdocs-material:dev"
mkdocsImage = "trivy-docs:dev"
mkdocsPort = "8000"
)
if err := sh.Run("docker", "build", "-t", mkdocsImage, "-f", "docs/build/Dockerfile", "docs/build"); err != nil {
if err := sh.Run("docker", "build", "-t", mkdocsImage, "docs/build"); err != nil {
return err
}
return sh.Run("docker", "run", "--name", "mkdocs-serve", "--rm", "-v", "${PWD}:/docs", "-p", mkdocsPort+":8000", mkdocsImage)

27
mkdocs.yml
View File

@@ -1,14 +1,15 @@
site_name: Trivy
site_url: https://aquasecurity.github.io/trivy/
site_description: A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI
site_description: Trivy - All-in-one open source security scanner
docs_dir: docs/
repo_name: GitHub
repo_url: https://github.com/aquasecurity/trivy
edit_uri: "blob/main/docs/"
nav:
- Getting Started:
- Overview: index.md
- Home: index.md
- Getting Started:
- First steps: getting-started/index.md
- Installation: getting-started/installation.md
- Signature Verification: getting-started/signature-verification.md
- FAQ: getting-started/faq.md
@@ -218,6 +219,7 @@ nav:
- Backporting: community/maintainer/backporting.md
- Help Wanted: community/maintainer/help-wanted.md
- Triage: community/maintainer/triage.md
theme:
name: material
custom_dir: docs/overrides
@@ -232,24 +234,27 @@ theme:
- content.tabs.link
- content.code.annotate
- content.code.copy
font:
text: Inter
markdown_extensions:
- abbr
- admonition
- attr_list
- def_list
- footnotes
- md_in_html
- toc:
permalink: true
- pymdownx.highlight
- pymdownx.details
- pymdownx.superfences:
custom_fences:
- name: mermaid
class: mermaid
format: !!python/name:pymdownx.superfences.fence_code_format
- admonition
- footnotes
- attr_list
- pymdownx.tabbed:
alternate_style: true
- def_list
- pymdownx.details
- pymdownx.emoji:
emoji_index: !!python/name:materialx.emoji.twemoji
emoji_generator: !!python/name:materialx.emoji.to_svg
extra:
generator: false