| # View all report types available | |
| kubectl get crds | grep aquasecurity | |
| # Get vulnerability reports | |
| kubectl get vulnerabilityreports -A -o table | |
| # Get compliance report configs | |
| kubectl get clustercompliancereports -o wide -n trivy-system | |
| kubectl get clusterconfigauditreports -o wide -n trivy-system | |
| kubectl get clusterinfraassessmentreports -o wide -n trivy-system |
| # Create the security_reports directory if it doesn't exist | |
| mkdir -p security_reports | |
| # Vulnerability summary | |
| kubectl get vulnerabilityreports -A -o wide | \ | |
| awk 'NR==1{print $0} | |
| NR>1{ | |
| critical+=$7; high+=$8; medium+=$9; low+=$10; unknown+=$11; | |
| print $0 | |
| } |
| # Enable compliance reports every hour | |
| # - `serviceMonitor.enabled=true` | |
| helm repo add aqua https://aquasecurity.github.io/helm-charts/ | |
| helm repo update | |
| helm install aqua/trivy-operator \ | |
| --generate-name \ | |
| --create-namespace \ | |
| --namespace trivy-system \ | |
| --set="compliance.reportType=all" \ | |
| --set="compliance.cron=* 1 * * *" \ |
| git lfs install \ | |
| && git lfs track \ | |
| "*.bmp" \ | |
| "*.doc" \ | |
| "*.docx" \ | |
| "*.drawio" \ | |
| "*.gif" \ | |
| "*.jpg" \ | |
| "*.pdf" \ | |
| "*.png" \ |
| # Pre-commit rules | |
| # | |
| # Notes | |
| # ----- | |
| # - Ensure you have installed the hooks, see the README for instructions. | |
| # - When you add a new hook you must run: | |
| # - `pre-commit run --all-files` | |
| # | |
| # References | |
| # ---------- |
People
 :bowtie: |
π :smile: |
π :laughing: |
|---|---|---|
π :blush: |
π :smiley: |
:relaxed: |
π :smirk: |
π :heart_eyes: |
π :kissing_heart: |
π :kissing_closed_eyes: |
π³ :flushed: |
π :relieved: |
π :satisfied: |
π :grin: |
π :wink: |
π :stuck_out_tongue_winking_eye: |
π :stuck_out_tongue_closed_eyes: |
π :grinning: |
π :kissing: |
π :kissing_smiling_eyes: |
π :stuck_out_tongue: |
People
:bowtie: |
π :smile: |
π :laughing: |
|---|---|---|
π :blush: |
π :smiley: |
:relaxed: |
π :smirk: |
π :heart_eyes: |
π :kissing_heart: |
π :kissing_closed_eyes: |
π³ :flushed: |
π :relieved: |
π :satisfied: |
π :grin: |
π :wink: |
π :stuck_out_tongue_winking_eye: |
π :stuck_out_tongue_closed_eyes: |
π :grinning: |
π :kissing: |
π :kissing_smiling_eyes: |
π :stuck_out_tongue: |
| # Use envFrom to load Secrets and ConfigMaps into environment variables | |
| apiVersion: apps/v1beta2 | |
| kind: Deployment | |
| metadata: | |
| name: mans-not-hot | |
| labels: | |
| app: mans-not-hot | |
| spec: | |
| replicas: 1 |
apk-tools 2.8.2, compiled for x86_64.
usage: apk COMMAND [-h|--help] [-p|--root DIR] [-X|--repository REPO] [-q|--quiet] [-v|--verbose] [-i|--interactive] [-V|--version] [-f|--force]
[--force-binary-stdout] [--force-broken-world] [--force-non-repository] [--force-old-apk] [--force-overwrite] [--force-refresh] [-U|--update-cache]
[--progress] [--progress-fd FD] [--no-progress] [--purge] [--allow-untrusted] [--wait TIME] [--keys-dir KEYSDIR] [--repositories-file REPOFILE]
[--no-network] [--no-cache] [--cache-dir CACHEDIR] [--arch ARCH] [--print-arch] [ARGS]...