steampipe-plugin-trivy

v0.3.0
Published: Oct 2, 2023 License: Apache-2.0 Imports: 2 Imported by: 0

Trivy Plugin for Steampipe

Use SQL to query advisories and vulnerabilities for containers, code and more with Trivy.

Quick start

Install the plugin with Steampipe:

steampipe plugin install trivy

Run steampipe:

steampipe query

Scan images or files for vulnerabilities using a query:

select
  vulnerability_id,
  package_name,
  installed_version,
  title
from
  trivy_scan_vulnerability
where
  artifact_type = 'container_image'
  and artifact_name = 'turbot/steampipe';
+------------------+--------------+-------------------+----------------------------+
| vulnerability_id | package_name | installed_version | title                      |
+------------------+--------------+-------------------+----------------------------+
| CVE-2011-3374    | apt          | 1.8.2.3           | It was found that apt-key… |
| CVE-2022-23218   | libc-bin     | 2.28-10+deb10u1   | glibc: Stack-based buffer… |
| CVE-2022-1304    | e2fsprogs    | 1.44.5-1+deb10u3  | e2fsprogs: out-of-bounds … |
| CVE-2017-18018   | coreutils    | 8.30-3            | coreutils: race condition… |
| CVE-2022-0563    | bsdutils     | 2.33.1-0.1        | util-linux: partial discl… |
+------------------+--------------+-------------------+----------------------------+

Or, query the database of vulnerability definitions:

select
  name,
  published_date,
  title
from
  trivy_vulnerability
where
  name like 'CVE-2022-%'
order by
  name;
+---------------+---------------------------+------------------------------------+
| name          | published_date            | title                              |
+---------------+---------------------------+------------------------------------+
| CVE-2022-0001 | 2022-03-11T13:15:00-05:00 | hw: cpu: intel: Branch History In… |
| CVE-2022-0002 | 2022-03-11T13:15:00-05:00 | hw: cpu: intel: Intra-Mode BTI   … |
| CVE-2022-0005 | 2022-05-12T13:15:00-04:00 | hw: cpu: information disclosure v… |
| CVE-2022-0070 | 2022-04-19T19:15:00-04:00 | <null>                             |
| CVE-2022-0079 | 2022-01-02T22:15:00-05:00 | showdoc is vulnerable to Generati… |
| CVE-2022-0080 | 2022-01-02T07:15:00-05:00 | mruby is vulnerable to Heap-based… |
+---------------+---------------------------+------------------------------------+
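
The two tables shown above can be joined so that each scan finding carries the publication date of its definition, which helps prioritise issues that have been publicly known the longest. This is an added example, not part of the plugin's README; it assumes that trivy_scan_vulnerability.vulnerability_id and trivy_vulnerability.name hold the same identifier format and that published_date is a timestamp column.

```sql
-- Added example (not from the plugin's README).
-- Assumptions: vulnerability_id and name share one identifier format
-- (for example CVE-2022-1304), and published_date is a timestamp.
select
  s.package_name,
  s.installed_version,
  s.vulnerability_id,
  v.published_date,
  -- Whole days since the definition was published
  date_part('day', now() - v.published_date) as days_since_published,
  s.title
from
  trivy_scan_vulnerability as s
  -- Left join keeps findings that have no matching definition row
  left join trivy_vulnerability as v on v.name = s.vulnerability_id
where
  s.artifact_type = 'container_image'
  and s.artifact_name = 'turbot/steampipe'
order by
  -- Oldest known issues first; findings without a date go last
  v.published_date asc nulls last,
  s.package_name;
```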

Developing

Prerequisites:

Clone:

git clone https://github.com/turbot/steampipe-plugin-trivy.git
cd steampipe-plugin-trivy

Build, which automatically installs the new version to your ~/.steampipe/plugins directory:

make

Configure the plugin:

cp config/* ~/.steampipe/config
vi ~/.steampipe/config/trivy.spc

Try it!

steampipe query
> .inspect trivy

Further reading:

Contributing

Please see the contribution guidelines and our code of conduct. All contributions are subject to the Apache 2.0 open source license.

help wanted issues:
