{"id":22018396,"url":"https://github.com/flavienbwk/trivy-docker-compose","last_synced_at":"2026-04-18T17:04:20.774Z","repository":{"id":124243417,"uuid":"451107587","full_name":"flavienbwk/trivy-docker-compose","owner":"flavienbwk","description":"Deployment-ready docker configuration and instructions to use Trivy on your infrastructure and CIs.","archived":false,"fork":false,"pushed_at":"2022-06-29T20:14:03.000Z","size":127,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-23T09:35:23.997Z","etag":null,"topics":["ci","docker","docker-compose","gitlab","offline-capable","trivy","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/flavienbwk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-01-23T13:10:53.000Z","updated_at":"2024-08-12T06:21:31.000Z","dependencies_parsed_at":null,"dependency_job_id":"aae6eb6c-21af-4779-9aec-2c5390a6dcf1","html_url":"https://github.com/flavienbwk/trivy-docker-compose","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/flavienbwk/trivy-docker-compose","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flavienbwk%2Ftrivy-docker-compose","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flavienbwk%2Ftrivy-docker-compose/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flavienbwk%2Ftrivy-docker-compose/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flavienbwk%2Ftrivy-docker-compose/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/flavienbwk","download_url":"https://codeload.github.com/flavienbwk/trivy-docker-compose/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/flavienbwk%2Ftrivy-docker-compose/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31976806,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-18T16:27:12.723Z","status":"ssl_error","status_checked_at":"2026-04-18T16:27:11.140Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ci","docker","docker-compose","gitlab","offline-capable","trivy","vulnerability-scanners"],"created_at":"2024-11-30T05:12:06.208Z","updated_at":"2026-04-18T17:04:20.715Z","avatar_url":"https://github.com/flavienbwk.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Trivy docker-compose\n\nDeployment-ready docker compose configuration and instructions to use Trivy on your infrastructure and CIs.\n\n## Installation\n\n### Download latest vulnerabilities\n\nRun the following commands :\n\n```bash\nmkdir trivy-data\ndocker run --rm -v \"$(pwd)/trivy-data:/root/.cache\" aquasec/trivy:0.29.2 image --download-db-only\n```\n\n### Run Trivy server\n\n```bash\ndocker-compose up -d\n```\n\n## Run scan (local)\n\n```bash\n# Install client\nwget https://github.com/aquasecurity/trivy/releases/download/v0.29.2/trivy_0.29.2_Linux-64bit.deb\nsudo dpkg -i trivy_0.29.2_Linux-64bit.deb\n\n# Run\ntrivy client --offline-scan --remote http://172.17.0.1:4030 \"$FULL_IMAGE_NAME\"\n```\n\n- Image avec vulnérabilité : `node:10-alpine`\n- Image sans vulnérabilité : `alpine:3.12`\n\nThis will look like this :\n\n![Screenshot scan example](scan_example.png)\n\n## Run scan (CI)\n\nTrivy can be [integrated to a GitLab CI](https://aquasecurity.github.io/trivy/v0.29.2/advanced/integrations/gitlab-ci/).\n\n### GitLab CE\n\n1. Download Trivy client binaries\n\n    ```bash\n    wget https://github.com/aquasecurity/trivy/releases/download/v0.29.2/trivy_0.29.2_Linux-64bit.tar.gz\n    ```\n\n2. In a `docker:dind` image CI run\n\n    ```bash\n    mkdir trivy_bin \u0026\u0026 tar xf trivy_0.29.2_Linux-64bit.tar.gz -C trivy_bin/\n\n    ./trivy_bin/trivy --exit-code 1 --cache-dir .trivycache/ --severity CRITICAL --no-progress \"$FULL_IMAGE_NAME\"\n    ```\n\n    This command will make the container exit 1 on CRITICAL vulnerabillity found.\n\n### GitLab EE\n\nCheck the [template from the official documentation](https://aquasecurity.github.io/trivy/v0.29.2/advanced/integrations/gitlab-ci/) so you can benefit of a nice report formating.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflavienbwk%2Ftrivy-docker-compose","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fflavienbwk%2Ftrivy-docker-compose","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflavienbwk%2Ftrivy-docker-compose/lists"}