Monday, January 1, 2024

Ubuntu - Install trivy image scanner

How to Install Trivy Image Scanner on Ubuntu (Step-by-Step Guide)

Trivy is a popular open-source vulnerability scanner used in DevSecOps pipelines to scan container images, file systems, and Kubernetes clusters. This guide shows how to install Trivy on Ubuntu using the official APT repository and run image vulnerability scans.

Table of Contents

What is Trivy?

Trivy is a simple and comprehensive vulnerability scanner for containers. It detects vulnerabilities in OS packages and application dependencies before deployment.

Why Use Trivy on Ubuntu?

  • Easy installation
  • Fast vulnerability scanning
  • Widely used in CI/CD pipelines
  • Supports Docker, Kubernetes, and filesystems

Remove Snap-installed Trivy (Recommended)

If Trivy was installed using Snap, remove it to avoid conflicts: 


sudo snap remove trivy
which trivy

Install Trivy on Ubuntu Using Official APT Repository


sudo apt-get install -y wget gnupg lsb-release

wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | \
sudo gpg --dearmor -o /usr/share/keyrings/trivy.gpg

echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] \
https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | \
sudo tee /etc/apt/sources.list.d/trivy.list

sudo apt update
sudo apt install -y trivy

Verify Trivy Installation


trivy --version
/usr/bin/trivy --version

Scan Docker Image Using Trivy

Full Vulnerability Scan


/usr/bin/trivy image sparkaks2:latest

Only Vulnerability Scan


/usr/bin/trivy image --scanners vuln --timeout 15m sparkaks2:latest

Only OS Package Scan


/usr/bin/trivy image --vuln-type os sparkaks2:latest

Frequently Asked Questions (FAQ)

Is Trivy free to use?

Yes, Trivy is open-source and free for vulnerability scanning.

Does Trivy support Kubernetes?

Yes, Trivy can scan Kubernetes clusters and manifests.

Which Ubuntu versions are supported?

Ubuntu 18.04, 20.04, 22.04, and newer.

Related Guides:
More DevOps & Azure Tutorials

at
Labels: , ,
Subscribe to: Comments (Atom)

Ubuntu - Install trivy image scanner

How to Install Trivy Image Scanner on Ubuntu (Step-by-Step Guide) Trivy is a popular open-source vulnerability scanner used in DevSecOps ...

  • Install htop in Oracle Linux 7
    Install htop in Oracle Linux 7 htop is not default install and it's not part of default repo so when we try to install htop it throw...
  • How to Stop Firewall on Oracle Linux 7
    How to Stop Firewall on Oracle Linux 7 [root@ebs121db1 ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source ...
  • Oracle DB Connection with Sybase
    Oracle DB Connect to Sybase database steps: 1. Install Oracle Gateway software in Oracle database 2. Configure Sybase server details $ORA...