Our great sponsors
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
- task: Bash@3 displayName: Trivvy Scan for vunerabilties in both docker image and repository condition: succeeded() continueOnError: true inputs: targetType: inLine script: | set +x wget https://github.com/aquasecurity/trivy/releases/download/v0.18.3/trivy_0.18.3_Linux-64bit.deb sudo dpkg -i trivy_0.18.3_Linux-64bit.deb trivy fs --exit-code 1 --security-checks vuln,config $(System.DefaultWorkingDirectory) trivy image --exit-code 1 --timeout 15m $(imageRepo):$(imageTag)