-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
I recently discovered the trivy-operator which is the follow-up project of aquasec starboard. It scans the running workload for images and stores the vulnerability reports and other results as CRDs.
Hello, tbh i dont know anything about trivy operator but my guess would be to try to parse those crd reports with a trivy template (https://github.com/aquasecurity/trivy/blob/main/contrib/html.tpl) then expose them on a nginx pod via or somehting. I recently did a similar thing(with trivy as service) in jenkins using html publisher plugin. This ( https://foreops.com/blog/trivy-intro/) was my inspiration. I hope it helps you. Good luck! Off-topic what are the advantages of having those crd reports in k8s ?