| # View all report types available | |
| kubectl get crds | grep aquasecurity | |
| # Get vulnerability reports | |
| kubectl get vulnerabilityreports -A -o table | |
| # Get compliance report configs | |
| kubectl get clustercompliancereports -o wide -n trivy-system | |
| kubectl get clusterconfigauditreports -o wide -n trivy-system | |
| kubectl get clusterinfraassessmentreports -o wide -n trivy-system |
| # Create the security_reports directory if it doesn't exist | |
| mkdir -p security_reports | |
| # Vulnerability summary | |
| kubectl get vulnerabilityreports -A -o wide | \ | |
| awk 'NR==1{print $0} | |
| NR>1{ | |
| critical+=$7; high+=$8; medium+=$9; low+=$10; unknown+=$11; | |
| print $0 | |
| } |
| # Enable compliance reports every hour | |
| # - `serviceMonitor.enabled=true` | |
| helm repo add aqua https://aquasecurity.github.io/helm-charts/ | |
| helm repo update | |
| helm install aqua/trivy-operator \ | |
| --generate-name \ | |
| --create-namespace \ | |
| --namespace trivy-system \ | |
| --set="compliance.reportType=all" \ | |
| --set="compliance.cron=* 1 * * *" \ |
| git lfs track \ | |
| "*.jpg" \ | |
| "*.png" \ | |
| "*.pdf" \ | |
| "*.xls" \ | |
| "*.xlsx" |
| # https://github.com/pre-commit/pre-commit/issues/761#issuecomment-394167542 | |
| - repo: local | |
| hooks: | |
| - id: pytest | |
| name: pytest | |
| entry: venv/bin/pytest | |
| language: script | |
| pass_filenames: false | |
| # alternatively you could `types: [python]` so it only runs when python files change | |
| # though tests might be invalidated if you were to say change a data file |
People
 :bowtie: |
😄 :smile: |
😆 :laughing: |
|---|---|---|
😊 :blush: |
😃 :smiley: |
:relaxed: |
😏 :smirk: |
😍 :heart_eyes: |
😘 :kissing_heart: |
😚 :kissing_closed_eyes: |
😳 :flushed: |
😌 :relieved: |
😆 :satisfied: |
😁 :grin: |
😉 :wink: |
😜 :stuck_out_tongue_winking_eye: |
😝 :stuck_out_tongue_closed_eyes: |
😀 :grinning: |
😗 :kissing: |
😙 :kissing_smiling_eyes: |
😛 :stuck_out_tongue: |
People
:bowtie: |
😄 :smile: |
😆 :laughing: |
|---|---|---|
😊 :blush: |
😃 :smiley: |
:relaxed: |
😏 :smirk: |
😍 :heart_eyes: |
😘 :kissing_heart: |
😚 :kissing_closed_eyes: |
😳 :flushed: |
😌 :relieved: |
😆 :satisfied: |
😁 :grin: |
😉 :wink: |
😜 :stuck_out_tongue_winking_eye: |
😝 :stuck_out_tongue_closed_eyes: |
😀 :grinning: |
😗 :kissing: |
😙 :kissing_smiling_eyes: |
😛 :stuck_out_tongue: |
| # Use envFrom to load Secrets and ConfigMaps into environment variables | |
| apiVersion: apps/v1beta2 | |
| kind: Deployment | |
| metadata: | |
| name: mans-not-hot | |
| labels: | |
| app: mans-not-hot | |
| spec: | |
| replicas: 1 |
apk-tools 2.8.2, compiled for x86_64.
usage: apk COMMAND [-h|--help] [-p|--root DIR] [-X|--repository REPO] [-q|--quiet] [-v|--verbose] [-i|--interactive] [-V|--version] [-f|--force]
[--force-binary-stdout] [--force-broken-world] [--force-non-repository] [--force-old-apk] [--force-overwrite] [--force-refresh] [-U|--update-cache]
[--progress] [--progress-fd FD] [--no-progress] [--purge] [--allow-untrusted] [--wait TIME] [--keys-dir KEYSDIR] [--repositories-file REPOFILE]
[--no-network] [--no-cache] [--cache-dir CACHEDIR] [--arch ARCH] [--print-arch] [ARGS]...