k8sgpt integration with aquasec Trivy
In the previous article, I covered the basic functionality of k8sgpt and in this post I will take you through a recent enhancement on the CLI, which is the integration with Trivy CLI scanner. Let’s check it out.
Disclaimer : Below steps are written based on an assumption that you have workloads running on Kubernetes cluster and k8sgpt CLI installed on the machine and also have access to the running cluster with at least read/query permission.
Steps
- After installing the k8sgpt CLI, we need to do an activation of additional filters
k8sgpt filter list
To activate trivy scanner filter, execute the below command
k8sgpt filter add VulnerabilityReport
2. Let's do a check within the cluster.
k8sgpt analyze --filter=VulnerabilityReport
We can see the results in the console after execution, providing the CVE ID and a reference for additional info and mitigations plan in the Aquasec site.
Convenient right? We hope that additional integration with other tools will be available in the subsequent k8gpt version. That's all for now, and thanks for reading.
In case of any queries, please feel free to connect with me via the below social links