trivy-plugin-push-referrer

Trivy plugin for the OCI referrer

Install

$ trivy plugin install github.com/aquasecurity/trivy-plugin-referrer

Usage

Putting the SBOM into the OCI registry

Put the SBOM into the OCI registry as a referrer. You need the write permission for the target repository.

# CycloneDX
$ trivy image -q -f cyclonedx YOUR_IMAGE | trivy referrer put

# SPDX
$ trivy image -q -f spdx-json YOUR_IMAGE | trivy referrer put

You can also upload by specifying a file.

$ trivy image -q -f cyclonedx YOUR_IMAGE > sbom.cdx.json
$ trivy referrer put -f sbom.cdx.json

Putting the Vulnerability info into the OCI registry

Put the vulnerability into the OCI registry as a referrer. You need the write permission for the target repository.

$ trivy image -q -f cosign-vuln YOUR_IMAGE | trivy referrer put

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
.github/workflows		.github/workflows
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod
go.sum		go.sum
goreleaser.yml		goreleaser.yml
main.go		main.go
plugin.yaml		plugin.yaml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

.github/workflows

.github/workflows

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

go.mod

go.mod

go.sum

go.sum

goreleaser.yml

goreleaser.yml

main.go

main.go

plugin.yaml

plugin.yaml

Repository files navigation

trivy-plugin-push-referrer

Install

Usage

Putting the SBOM into the OCI registry

Putting the Vulnerability info into the OCI registry

About

Releases 3

Packages 1

Languages

License

otms61/old-trivy-plugin-referrer

Folders and files

Latest commit

History

Repository files navigation

trivy-plugin-push-referrer

Install

Usage

Putting the SBOM into the OCI registry

Putting the Vulnerability info into the OCI registry

About

Resources

License

Stars

Watchers

Forks

Languages