Trivy Multiple Container Scan
Requirements:
Windows is not used for the Trivy install
Install Trivy and make a script for scanning multiple containers
How to install Trivy on Ubuntu
Just run these 2 commands with sudo permission:
wget https://github.com/aquasecurity/trivy/releases/download/v0.18.3/trivy_0.18.3_Linux-64bit.deb
sudo dpkg -i trivy_0.18.3_Linux-64bit.deb
I need to scan more than 100+ images. Do you have any idea how to do it at once and get a report for that?
You can scan multiple Docker images at once and generate reports using a loop in a bash script. Here's a step-by-step guide to help you scan over 100+ images and generate a report:
Step 1: Create a File with Image Names
Create a text file that contains the names of all the Docker images you want to scan, one per line. For example, create a file named images.txt:
nano images.txt
Add the image names in the file:
nginx:latest
alpine:3.12
ubuntu:20.04
# Add more images here
Save and close the file.
Step 2: Write a Bash Script to Scan All Images
Create a bash script that reads the image names from images.txt and scans each image using Trivy, saving the reports.
Create the script:
nano trivy-scan.sh
Add the following code:
#!/bin/bash
# Create a directory for the reports
mkdir -p trivy-reports
# Loop through each image in images.txt
while IFS= read -r image; do
    # Skip blank lines and "#" comment lines so they are not scanned as images
    case "$image" in ''|'#'*) continue ;; esac
    echo "Scanning $image ..."
    # Run Trivy and save the report as a text file ("/" and ":" become "_")
    trivy image "$image" > "trivy-reports/$(echo "$image" | sed 's/\//_/g' | sed 's/:/_/g').txt"
done < images.txt
echo "Scanning completed. Reports are saved in the trivy-reports directory."
Save and close the file.
Step 3: Make the Script Executable
Make your script executable by running:
chmod +x trivy-scan.sh
Step 4: Run the Script
Run the script to scan all images:
./trivy-scan.sh
Step 5: Review the Reports
Each image will have a report saved in the trivy-reports directory, with the file names based on the image names. For example, the report for nginx:latest will be saved as trivy-reports/nginx_latest.txt.
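With 100+ reports, a single index of which images need attention is easier to review than opening each file. The script below is an added example, not part of the original post: it extends the loop above to write a summary.csv next to the reports, using Trivy's --severity, --exit-code, --no-progress and -o flags. The TRIVY variable, the function names and the summary.csv layout are hypothetical choices made for this example.

```bash
#!/bin/bash
# Added example (not from the original post): scan every image, keep one report
# per image, and record a per-image status in summary.csv.
TRIVY="${TRIVY:-trivy}"   # hypothetical override, e.g. to point at another binary

# nginx:latest -> nginx_latest ; "@" is mapped too so digest references work
report_name() {
    printf '%s' "$1" | tr '/:@' '___'
}

# scan_all IMAGES_FILE OUT_DIR  (runs in a subshell so its variables stay local)
scan_all() (
    images_file=$1
    out_dir=$2
    mkdir -p "$out_dir" || exit 1
    summary="$out_dir/summary.csv"
    echo "image,status,report" > "$summary"
    while IFS= read -r image || [ -n "$image" ]; do
        # Skip blank lines and "#" comment lines in the image list
        case "$image" in ''|'#'*) continue ;; esac
        report="$out_dir/$(report_name "$image").txt"
        rc=0
        # --exit-code 10: HIGH/CRITICAL findings exit with 10, so any other
        # non-zero code means the scan itself failed (bad name, pull error).
        # stdin is redirected so the scanner cannot consume the image list.
        "$TRIVY" image --no-progress --severity HIGH,CRITICAL --exit-code 10 \
            -o "$report" "$image" < /dev/null || rc=$?
        case "$rc" in
            0)  status=clean ;;
            10) status=vulnerable ;;
            *)  status=scan_error ;;
        esac
        echo "$image,$status,$report" >> "$summary"
    done < "$images_file"
    # Return non-zero if any image was vulnerable or could not be scanned
    ! grep -Eq ',(vulnerable|scan_error),' "$summary"
)

# Usage: ./trivy-batch.sh images.txt trivy-reports
if [ "$#" -ge 2 ]; then
    scan_all "$1" "$2"
fi
```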