T

trivy

Trivy is the most popular open source security scanner

GitLab CI component for Trivy scanning

Cloud-native DevOps portfolio project with Docker, Kubernetes, GitLab CI/CD, Terraform, AWS and Trivy.

The purpose of this project is to improve pipeline performance when scanning for vulnerabilities in containers by providing a prebuilt Docker container where the vulnerability database is already downloaded

Gitlab CI/CD template that facilitates scan targets against security issues

Automate your GitLab CI/CD release process with gitlab-semantic-release, leveraging semantic versioning to manage version bumps, changelog updates, and GitLab releases. Built with Node.js and Docker, it includes security scanning for robust and secure deployments.

This repository provides a comprehensive, production-grade blueprint for a modern DevSecOps pipeline. It showcases the integration of GitLab CI/CD, Terraform, HashiCorp Vault, and various security tools to build, test, and deploy a containerized Python application to AWS securely and efficiently.

An end to end DevSecOps pipeline with features including SAST Scanning of the Source code, SBOM management, and Container image scan, before pushing to EKS.

Automate docker images analysis by Trivy and manage related Gitlab issues

Implemented Jenkins for automated code checkout, Maven builds, and test execution. Integrated SonarQube for code quality analysis and configured Docker for consistent container deployments, with Trivy used for vulnerability scanning.

DevSecOps Pipeline

Examples of gitlab-ci jobs, pytest slack integration, pylint-check jobs, gitlab-artifacts, parametrization-tests, multithread using inside test, sitemap checking links status. Mirrored to github https://github.com/aleksandr-kotlyar/python_and_gitlab

Use for a demonstration of GitLab CI/CD/Security Dashboard integration with Trivy: https://gitlab.com/aquasecurity/trivy-ci-test

Test aquasecurity/trivy on GitLab CI (https://github.com/aquasecurity/trivy)