Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/mziyabo/argocd-trivy-extension

An Argo CD extension to enable visualization of Trivy generated vulnerability reports in Argo CD UI.
https://github.com/mziyabo/argocd-trivy-extension

argocd kubernetes trivy-operator vulnerability-assessment

Last synced: 3 months ago
JSON representation

An Argo CD extension to enable visualization of Trivy generated vulnerability reports in Argo CD UI.

Host: GitHub
URL: https://github.com/mziyabo/argocd-trivy-extension
Owner: mziyabo
License: other
Created: 2024-04-05T20:11:28.000Z (7 months ago)
Default Branch: main
Last Pushed: 2024-04-13T13:26:21.000Z (7 months ago)
Last Synced: 2024-04-23T20:52:52.528Z (6 months ago)
Topics: argocd, kubernetes, trivy-operator, vulnerability-assessment
Language: JavaScript
Homepage:
Size: 1.17 MB
Stars: 44
Watchers: 2
Forks: 5
Open Issues: 1
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE

Awesome Lists containing this project

awesome-argo - argocd-trivy-extension

README

# argocd-trivy-extension

Argo CD UI extension that displays vulnerability report data from [Trivy](https://aquasecurity.github.io/trivy), an open source security scanner.

`Trivy` creates a vulnerability report Kubernetes resource with the results of a security scan. The UI extension then parses the report data and displays it as a grid and dashboard viewable in Pod resources within the Argo CD UI.

vulnerabilities dashboard

## Prerequisites

- Argo CD version 2.6+
- [Trivy Operator](https://aquasecurity.github.io/trivy-operator/v0.3.0/operator/)

## Install UI extension

The UI extension needs to be installed by mounting the React component in Argo CD API server. This process can be automated by using the argocd-extension-installer. This installation method will run an init container that will download, extract and place the file in the correct location.

### Helm

To install the UI extension with the [Argo CD Helm chart](https://artifacthub.io/packages/helm/argo/argo-cd) add the following to the values file:

```yaml
server:
extensions:
enabled: true
extensionList:
- name: extension-trivy
env:
- name: EXTENSION_URL
value: https://github.com/mziyabo/argocd-trivy-extension/releases/download/v0.2.0/extension-trivy.tar
- name: EXTENSION_CHECKSUM_URL
value: https://github.com/mziyabo/argocd-trivy-extension/releases/download/v0.2.0/extension-trivy_checksums.txt
```

### Kustomize

Alternatively, the yaml file below can be used as an example of how to define a kustomize patch to install this UI extension:

```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: argocd-server
spec:
template:
spec:
initContainers:
- name: extension-trivy
image: quay.io/argoprojlabs/argocd-extension-installer:v0.0.1
env:
- name: EXTENSION_URL
value: https://github.com/mziyabo/argocd-trivy-extension/releases/download/v0.2.0/extension-trivy.tar
- name: EXTENSION_CHECKSUM_URL
value: https://github.com/mziyabo/argocd-trivy-extension/releases/download/v0.2.0/extension-trivy_checksums.txt
volumeMounts:
- name: extensions
mountPath: /tmp/extensions/
securityContext:
runAsUser: 1000
allowPrivilegeEscalation: false
containers:
- name: argocd-server
volumeMounts:
- name: extensions
mountPath: /tmp/extensions/
volumes:
- name: extensions
emptyDir: {}
```

## Release Notes

WIP, contributions welcome

## License

Apache-2.0