semaphore-demo-ruby-kubernetes
trivy-plugin-kubectl
semaphore-demo-ruby-kubernetes | trivy-plugin-kubectl | |
---|---|---|
3 | 1 | |
19 | 23 | |
- | - | |
5.0 | 0.0 | |
3 months ago | 8 months ago | |
Ruby | Shell | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
semaphore-demo-ruby-kubernetes
trivy-plugin-kubectl
-
Continuous Container Vulnerability Testing With Trivy
Let me close up this post by mentioning that Trivy can be extended with plugins and custom policies. For example, Aqua provides the kubectl plugin to better integrate Trivy with Kubectl. The plugin lets us scan images running in a Kubernetes pod or deployment:
What are some alternatives?
trivy-ci-test
appshield - Security configuration checks for popular cloud native applications and infrastructure.
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
semaphore-demo-ruby-kubernetespipeline.png
cuber-gem - An automation tool that simplify the deployment of your apps on Kubernetes.
kubeconform - A FAST Kubernetes manifests validator, with support for Custom Resources!
kube-score - Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
kubernetes-extension-fortosi - 'Fortosi' Kubernetes extension is meant to address a fundamental requirement of any project team running their applications on Kubernetes - which is to quickly provision CI/CD pipelines (on demand) for their various private/public GitHub projects/organisation using simple kubectl commands. Basically, implementing the concept of No Ops. It is agnostic of cloud platform, be it AWS (EKS) or Azure (AKS), and agnostic of application technology framework.
container-structure-test - validate the structure of your container images