Skip to content

keaaa/k8s-vulnerability-scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
api
api
 
 
charts
charts
 
 
image-scanner
image-scanner
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-compose.yaml
docker-compose.yaml
 
 

Repository files navigation

k8s-vulnerability-scanner

Based on a scheduler, runs vulnerability scan of all active pods and collect the result in an SQL DB. The latest result is also exposed as an metric on /metrics endpoint, ready to be picked up by a monitoring tool (as prometheus). Vulnerability scan is done through aquasecurity/trivy

Deploy

deploy using helm chart:

helm upgrade --install image-vulnerability-scanner \
	./charts \
	--set private_image_hub.username="<a_user>" \
	--set private_image_hub.password="<a_password>" \
	--set private_image_hub.name="<a_private_container_registry>" \
	--set db.user="<sql_user>" \
	--set db.server="<sql_server>" \
	--set db.database="<database>" \
	--set db.password="<password>" \
	--set scan_vulnerabilities_job.schedule="50 * * * *" \
	--set api.image="<image_ref_built_from_app_folder>" \

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages