gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-23 07:29:00 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
467b159e68bbb114c22dee1e6181bfe89a629acd
trivy/docs/guide/coverage/iac/kubernetes.md
Owen Rumney 9da33b5aed docs: restructure docs for new hosting (#9799)
2025-11-18 15:45:49 +00:00

31 lines
1017 B
Markdown
Raw Blame History

# Kubernetes
Trivy supports the scanners listed in the table below.
| Scanner | Supported |
| :----------------: | :-------: |
| [Misconfiguration] | ✓ |
| [Secret] | ✓ |
In addition to raw YAML and JSON, it supports the following templates:
| Template | Supported |
| :-------------: | :-------: |
| [Helm](helm.md) | ✓ |
| Kustomize | ✓[^1] |
!!! note
Trivy does not support Kustomize overlays, so it scans files defined in the base.
Or, you can scan the output of `kustomize build`.
## Misconfiguration
Trivy recursively searches directories and scans all found Kubernetes files.
## Secret
The secret scan is performed on plain text files, with no special treatment for Kubernetes.
This means that Base64 encoded secrets are not scanned, and only secrets written in plain text are detected.
[Misconfiguration]: ../../scanner/misconfiguration/index.md
[Secret]: ../../scanner/secret.md
[^1]: Kustomize is not natively supported.
Reference in New Issue View Git Blame Copy Permalink