Commit 3627b5ee authored by Bertrand Goareguer's avatar Bertrand Goareguer
Browse files

fix(trivy): disable telemetry and version check

parent ee0260c7

README.md

+1 −1
Original line number Diff line number Diff line
@@ -495,7 +495,7 @@ The template uses GitLab registries and authentication defaults. See the Docker 
| `sbom-image` / `MAVEN_SBOM_IMAGE` | The image used to perform and complete the Security Bill of Materials | `docker.io/anchore/syft:debug` |

| `sbom-opts` / `MAVEN_SBOM_OPTS` | SBOM options to complete the Security Bill of Materials  | `--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger,nix-store-cataloger,java`          |

| `trivy-image` / `MAVEN_TRIVY_IMAGE` | The image to perform container security scanning  | `docker.io/aquasec/trivy:latest` |

| `trivy-args` / `MAVEN_TRIVY_ARGS` | Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options) | `--ignore-unfixed --pkg-types os` |

| `trivy-args` / `MAVEN_TRIVY_ARGS` | Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options) | `--ignore-unfixed --pkg-types os --disable-telemetry --skip-version-check` |



Other Trivy parameters shall be configured using [Trivy environment variables](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options).

Examples:

kicker.json

+1 −1
Original line number Diff line number Diff line
@@ -237,7 +237,7 @@ 
            {

              "name": "MAVEN_TRIVY_ARGS",

              "description": "Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)",

              "default": "--ignore-unfixed --pkg-types os",

              "default": "--ignore-unfixed --pkg-types os --disable-telemetry --skip-version-check",

              "advanced": true

            }

          ]

templates/gitlab-ci-maven-jib.yml

+1 −1
Original line number Diff line number Diff line
@@ -34,7 +34,7 @@ spec: 
      default: docker.io/aquasec/trivy:latest

    trivy-args:

      description: Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)

      default: --ignore-unfixed --pkg-types os

      default: --ignore-unfixed --pkg-types os --disable-telemetry --skip-version-check

    sbom-image:

      default: docker.io/anchore/syft:debug

    sbom-opts: