Let's Learn Together
posts about categories
Let's Learn Together

Contents

Amazon Linux 2 Container Scan with Trivy [2022-19-12]

 included in container
   310 words   2 minutes 
Contents

Amazon Linux 2 Container Security Scan with Trivy [ December 12 2022]

Step 1/2 : FROM public.ecr.aws/amazonlinux/amazonlinux:latest
latest: Pulling from amazonlinux/amazonlinux
a803d5fd9f1b: Pulling fs layer
a803d5fd9f1b: Verifying Checksum
a803d5fd9f1b: Download complete
a803d5fd9f1b: Pull complete
Digest: sha256:6fef13bccd69e4e70a257ba03c6476e8c8007510478d574f69ce9f80751ee9be
Status: Downloaded newer image for public.ecr.aws/amazonlinux/amazonlinux:latest
 ---> 50f423d86258
Step 2/2 : RUN yum -y update
 ---> Running in 84f05abe2de3
Loaded plugins: ovl, priorities
No packages marked for update
Info

amazon:scan (amazon 2 (Karoo))

Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

[Aquasec Trivy] Searching for all files in '/var/lib/jenkins/workspace/trivy-amazon-linux' that match the pattern 'results.json'
[Aquasec Trivy] Traversing of symbolic links: enabled
[Aquasec Trivy] -> found 1 file
[Aquasec Trivy] Successfully parsed file /var/lib/jenkins/workspace/trivy-amazon-linux/results.json
[Aquasec Trivy] -> found 0 issues (skipped 0 duplicates)
[Aquasec Trivy] Successfully processed file 'results.json'
[Aquasec Trivy] Skipping post processing
[Aquasec Trivy] No filter has been set, publishing all 0 issues
[Aquasec Trivy] Repository miner is not configured, skipping repository mining
[Aquasec Trivy] Reference build recorder is not configured
[Aquasec Trivy] Obtaining reference build from same job (trivy-amazon-linux)
[Aquasec Trivy] Using reference build 'trivy-amazon-linux #3' to compute new, fixed, and outstanding issues
[Aquasec Trivy] Issues delta (vs. reference build): outstanding: 0, new: 0, fixed: 0
[Aquasec Trivy] No quality gates have been set - skipping
[Aquasec Trivy] Health report is disabled - skipping
[Aquasec Trivy] Created analysis result for 0 issues (found 0 new issues, fixed 0 issues)
[Aquasec Trivy] Attaching ResultAction with ID 'trivy' to build 'trivy-amazon-linux #4'.
[Checks API] No suitable checks publisher found.
[Pipeline] sh
+ trivy image amazon:scan
2022-12-18T11:02:13.745-0500	INFO	Vulnerability scanning is enabled
2022-12-18T11:02:13.745-0500	INFO	Secret scanning is enabled
2022-12-18T11:02:13.745-0500	INFO	If your scanning is slow, please try '--security-checks vuln' to disable secret scanning
2022-12-18T11:02:13.745-0500	INFO	Please see also https://aquasecurity.github.io/trivy/v0.34/docs/secret/scanning/#recommendation for faster secret detection
2022-12-18T11:02:13.788-0500	INFO	Detected OS: amazon
2022-12-18T11:02:13.789-0500	INFO	Detecting Amazon Linux vulnerabilities...
2022-12-18T11:02:13.793-0500	INFO	Number of language-specific files: 0
Updated on 2022-12-19
 amazon linux 2containertrivyCVE
Back | Home