Trivy-Operator Lens Extension

Related tags

Learning resource kubernetes lens kubernetes-dashboard lens-extension trivy-operator
Overview

Trivy-Operator Lens Extension

This is a Lens extension for trivy-operator which provides visibility into vulnerability,misconfiguration and secrets assessments reports for Kubernetes workloads stored as custom security resources.

GitHub Release GitHub Build Actions License GitHub All Releases

Installation

This guide shows how to install the extension either from pre-built binary releases or source.

Prerequisites

  • Lens >= 4.0 should first be installed.
  • Follow trivy-operator Getting Started guide to understand how trivy-operator is initialized and how it generates security reports, which are then stored as custom resources.

Compatibility Matrix

The following matrix indicates versions of this extension and compatible Lens releases.

Lens Extension
4.0 0.0.3

From the Binary Releases

Every release of Lens extension for trivy-operator provides the tarball-file that can be manually downloaded and installed. Alternatively, you can copy the download URL of the release artifact to paste it in the Manage Lens Extensions page.

  1. Download your desired version from GitHub releases page or GitHub package registry. Alternatively, just copy the download URL of the release artifact.
  2. Open Lens application and select Lens menu, and then click Extensions item, or press Shift + Command + E to open the Manage Lens Extensions page.
  3. Specify the path (.tar, .tgz) or download URL to the extension package and click Install.
  4. If everything is fine, you'll see the @aquasecurity/trivy-operator-lens-extension extension listed under Installed Extensions. Click Enable to enable it.
  5. Close the Manage Lens Extensions page and verify that the trivy-operator menu item shows up in the main menu.

From Source (Linux, macOS)

Building from source is slightly more involved, but it's the best way to go if you want to test the latest (pre-release) version of the extension.

You must have a working Node.js environment.

  1. Clone the source code: 
    git clone https://github.com/aquasecurity/trivy-operator-lens-extension.git
cd trivy-operator-lens-extensions
  2. Build the extension's package: 
    npm install && npm run build
  3. Create a tarball from a package: 
    npm pack
    This will create the aquasecurity-trivy-operator-lens-extension-$VERSION.tgz tarball in the root directory.
  4. Open Lens application and select Lens menu, and then click Extensions item, or press Shift + Command + E to open the Manage Lens Extensions page.
  5. Specify the path the aquasecurity-trivy-operator-lens-extension-$VERSION.tgz extension package and click Install.
  6. If everything goes fine, you'll see the @aquasecurity/trivy-operator-lens-extension extension listed under Installed Extensions.

Getting Started

NOTE: As the source code of the extension is evolving very fast, some screenshots shown below may be outdated. We'll also update this section with more examples.

  • VulnerabilityReports

  • ConfigAuditReports and ClusterConfigAuditReports

You might also like...

Eth-explorers-extension - Chrome extension to open Ethereum addresses & transaction hash from any page on popular explorers + dashboards

Eth-explorers-extension - Chrome extension to open Ethereum addresses & transaction hash from any page on popular explorers + dashboards

eth-explorers-extension(s) This repository contains two folders with two extensions that work for address and transactions respectively. 1. eth-addres

Jan 6, 2023

Reddit Wherever Chrome Extension

Reddit Wherever Chrome Extension

Reddit Wherever Reddit Wherever adds Reddit comments to Youtube Videos and also allows you to view Reddit comments of any webpage. By default YouTube

Jan 3, 2022

Chrome extension to save and keep track of problems from different platforms(codeforces, codechef, atcoder, leetcode etc.)

Chrome extension to save and keep track of problems from different platforms(codeforces, codechef, atcoder, leetcode etc.)

Keep Problems A Browser extension which helps to save and keep track of problems from different platforms(codeforces, codechef, atcoder, leetcode etc.

Aug 13, 2022

A VS Code extension to practice and improve your typing speed right inside your code editor. Practice with simple words or code snippets.

A VS Code extension to practice and improve your typing speed right inside your code editor. Practice with simple words or code snippets.

Warm Up 🔥 👨‍💻 A VS Code extension to practice and improve your typing speed right inside your code editor. Practice with simple words or code snipp

Dec 12, 2022

Chrome extension to simulate cryptoblades fights, giving you the win rate % against all enemies with just one click

Chrome extension to simulate cryptoblades fights, giving you the win rate % against all enemies with just one click

CryptoBlades fight simulator This is a Chrome extension that will help you to know the exact win rate percentage you have on each cryptoblades fight.

Aug 7, 2022

Nami Wallet is a browser based wallet extension to interact with the Cardano blockchain.

Nami Wallet Nami Wallet is a browser based wallet extension to interact with the Cardano blockchain. It's an open-source project and built by Berry Po

Dec 29, 2022

A Browser extension that not only makes your browsing experience safe but makes it optimized

A Browser extension that not only makes your browsing experience safe but makes it optimized

Sia Sia is a browser extension that not only makes your browsing experience safe but makes it optimized Table of Contents About The Project Built With

Feb 23, 2022

⚡Chrome extension allows you to create lists of Google and Github dork to open multiple tabs with one click, import "scope/out of scope" from #HackerOne #Bugcrowd #Intigriti ...

⚡Chrome extension allows you to create lists of Google and Github dork to open multiple tabs with one click, import

FastDork v0.1 This chrome extension allows you to create lists of Google and Github dork to open multiple tabs with one click, import "scope/out of sc

Dec 31, 2022

A lexical analyzer based on DFA that made by JS and supports multi-language extension

A lexical analyzer based on DFA that made by JS and supports multi-language extension

lexer 一个基于DFA法的支持多语言扩展的JS版开源词法分析器,快速了解与体验请查看线上网站 It is a lexical analyzer based on DFA that made by JS and supports multi-language extension. For quic

Dec 21, 2022
Comments
  • configaudit reports do not show summary data

    configaudit reports do not show summary data

    configaudit reports do not show summary data The wrong fields are mapped Summary data should be:

    "summary": {
      "criticalCount": 0,
      "highCount": 0,
      "lowCount": 0,
      "mediumCount": 0
    },
    bug 
    opened by chen-keinan 0
  • extension not showing anything

    extension not showing anything

    I've installed the extension and it seems to be enabled. Screenshot 2022-08-18 at 17 05 54

    However, I can't see the "trivy-operator" menu item. Screenshot 2022-08-18 at 17 07 28

    If I query kubernetes for vulnerabilityreports, I get results:

    ➜  ~/ws/trivy-operator git:(main) ✗     kubectl get vulnerabilityreports --all-namespaces -o wide
NAMESPACE          NAME                                                            REPOSITORY                              TAG       SCANNER   AGE    CRITICAL   HIGH   MEDIUM   LOW   UNKNOWN
networking         replicaset-5b5d79cdb                                            jetstack/cert-manager-webhook           v1.8.0    Trivy     22d    0          3      2        0     0
networking         replicaset-5f654bd746                                           ingress-nginx/controller                          Trivy     22d    3          14     13       0     0
networking         replicaset-5ffc85d65                                            jetstack/cert-manager-webhook           v1.5.3    Trivy     22d    0          0      0        0     0

    Versions used:

    Lens: 6.0.1-latest.20220810.2
Electron: 15.5.7
Chrome: 94.0.4606.81
Node: 16.5.0
MacOS: 12.4

    helm.sh/chart: trivy-operator-0.1.6
Kubernetes-Version: 1.22.11

    Any help appreciated.

    opened by dkarnutsch 8
Owner
Aqua Security
Next-generation cloud native security
Aqua Security
GitHub
Dark theme for VSCode with italics support (good for Dank Mono, Operator Mono)

Omni Owl for Visual Studio Code Dark theme for Visual Studio Code (with Italics) Install • Team • Imitate Preview • License Install All instructions c

Guilherme Rodz 59 Dec 23, 2022
Lenster is a decentralized, and permissionless social media app built with Lens Protocol 🌿

Lenster Decentralized, and permissionless social media app ?? lenster.xyz » Discord • Issues ?? About Lenster Lenster is a decentralized, and permissi

Lenster 11.8k Jan 7, 2023
A Kubernates Cloud-Shell (Web Terminal) Operator

A Kubernates Cloud-Shell (Web Terminal) Operator. English | Simplified_Chinese Why cloudtty ? Existing project ttyd already provides great feature to

cloudtty-io 307 Dec 27, 2022
The operator CLI for CDK apps.

cdk-app The operator CLI for CDK apps. Experimental. cdk-app lets you associate commands with CDK constructs so that you can quickly invoke functions,

CDK Labs at AWS 42 Dec 8, 2022
A Hacker News style forum, built on the Lens Protocol.

Refract A Hacker News style forum, built on the Lens Protocol This starter kit is composed of Next.js and Tailwind CSS, with RainbowKit, ethers, & wag

Miguel Piedrafita 65 Dec 2, 2022
This Lens Protocol module allows you to create a Transparent Promotion system in which the post creator can add a reward for who (ex: influencers) mirror it.

promote-module (in progress) This Lens Protocol module allows you to create a Transparent Promotion system in which the post creator can add a reward

Alessandro Manfredi 9 Oct 2, 2022
🦕 An opposite function of nullish coalescing operator

unnullish unnullish returns undefined if value is nullish, otherwise it executes callback and returns the result. It is an opposite function of the nu

Alisue 15 Dec 15, 2022
Decentralized video-sharing social media platform, built using Lens protocol. 🌿

Lenstube Decentralized video-sharing social media platform. lenstube.xyz About Lenstube is a decentralized video-sharing social media platform, built

Lenstube 2.4k Jan 1, 2023
ESLint plugin to disallow the optional-call operator

ESLint Plugin: no-optional-call Overview The no-optional-call ESLint plugin provides a single rule (non-configurable) that disallows any usage of the

Kyle Simpson 15 Sep 24, 2022
Decentralized Social Media. Built using Next.js. Web3 integration with Moralis, Metamask and Ethers.js. Also uses Lens Protofcol to get the profile data.

DecentraGram Decentralized Social Media. Built using Next.js. Web3 integration with Moralis, Metamask and Ethers.js. Also uses Lens Protofcol to get t

Didier Peran Ganthier 8 Dec 20, 2022