Skip to content

otms61/old-trivy-plugin-referrer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.github/workflows
.github/workflows
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
goreleaser.yml
goreleaser.yml
 
 
main.go
main.go
 
 
plugin.yaml
plugin.yaml
 
 

Repository files navigation

trivy-plugin-push-referrer

Trivy plugin for the OCI referrer

Install

$ trivy plugin install github.com/aquasecurity/trivy-plugin-referrer

Usage

Putting the SBOM into the OCI registry

Put the SBOM into the OCI registry as a referrer. You need the write permission for the target repository.

# CycloneDX
$ trivy image -q -f cyclonedx YOUR_IMAGE | trivy referrer put

# SPDX
$ trivy image -q -f spdx-json YOUR_IMAGE | trivy referrer put

You can also upload by specifying a file.

$ trivy image -q -f cyclonedx YOUR_IMAGE > sbom.cdx.json
$ trivy referrer put -f sbom.cdx.json

Putting the Vulnerability info into the OCI registry

Put the vulnerability into the OCI registry as a referrer. You need the write permission for the target repository.

$ trivy image -q -f cosign-vuln YOUR_IMAGE | trivy referrer put

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 3

v0.1.2 Latest
Apr 4, 2023
+ 2 releases

Packages

 
 
 

Languages