This plugin executes the
trivy CLI - it lets you easily analyze your code so you could find misconfigurations and enforce built-in rules.
This plugin will install the
trivy binary and execute a
config command on the given directory.
For more information, check out the Trivy Plugin git repository.
To use the Trivy plugin, you need to pass the following inputs:
version(Required) - the specific version of Trivy you wish to use
directory(Required) - the path to the directory with the IaC code to analyze (the root folder is your project's root folder)
global-flags(Optional) - a string containing global flags as one string, read more here
flags(Optional) - a string containing additional flags as one string, read more here
In this example, we will run trivy analysis on your root folder before the
terraform plan step of the deployment. We will call that step "Execute Trivy":
version: 2 deploy: steps: terraformPlan: before: - name: Execute Trivy # The name that will be presented in the UI for this step use: https://github.com/env0/env0-trivy-plugin inputs: version: v0.36.1 directory: . global-flags: --format table flags: --exit-code 1
Updated 10 months ago