Source: factory.deploy/ObjAudit.py
Security audit via Trivy.
Modes:
deps — CVEs in Python dependencies
config — Dockerfile/Helm misconfigurations
...
| Method | Signature | Description |
|---|---|---|
| audit_deps | audit_deps(build_guid: str = '', requirements: str = 'resource.config/requirements.txt') -> dict |
|
| audit_config | audit_config(build_guid: str = '', target: str = 'resource.docker/') -> dict |
|
| audit_secrets | audit_secrets(build_guid: str = '', target: str = '.') -> dict |
|
| audit_image | audit_image(image_tag: str, build_guid: str = '') -> dict |
|
| audit_all | audit_all(build_guid: str = '', image_tag: str = '') -> List[dict] |
Scan dependencies for CVEs.
Scan Dockerfiles and Helm charts for misconfigurations.
Scan source for leaked credentials.
Scan a Docker image for CVEs.
Run all audit modes.