trivy config
Scan config files
Subcommands
| Name | Description |
|---|---|
--template, -t | Output template [$TRIVY_TEMPLATE] |
--format, -f | Format (table, json, sarif, template) (default: "table") [$TRIVY_FORMAT] |
--severity, -s | Severities of vulnerabilities to be displayed (comma separated) (default: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL") [$TRIVY_SEVERITY] |
--output, -o | Output file name [$TRIVY_OUTPUT] |
--exit-code | Exit code when vulnerabilities were found (default: 0) [$TRIVY_EXIT_CODE] |
--skip-policy-update | Skip updating built-in policies [$TRIVY_SKIP_POLICY_UPDATE] |
--reset | Remove all caches and database [$TRIVY_RESET] |
--clear-cache, -c | Clear image caches without scanning [$TRIVY_CLEAR_CACHE] |
--ignorefile | Specify .trivyignore file (default: ".trivyignore") [$TRIVY_IGNOREFILE]] |
--timeout | Timeout (default: 5m0s) [$TRIVY_TIMEOUT] |
--skip-files | Specify the file paths to skip traversal [$TRIVY_SKIP_FILES] |
--skip-dirs | Allow insecure server connections when using SSL [$TRIVY_INSECURE] |
--config-policy | Specify paths to the Rego policy files directory, applying config files [$TRIVY_CONFIG_POLICY] |
--config-data | Specify paths from which data for the Rego policies will be recursively loaded [$TRIVY_CONFIG_DATA] |
--policy-namespaces, --namespaces | Rego namespaces (default: "users") [$TRIVY_POLICY_NAMESPACES] |
--file-patterns | Specify file patterns [$TRIVY_FILE_PATTERNS |
--include-non-failures | Enable more verbose trace output for custom queries [$TRIVY_TRACE] |
--trace | Enable more verbose trace output for custom queries [$TRIVY_TRACE] |