Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: Add Dagger integration section and cleanup Ecosystem CICD docs page #5608

Merged
merged 3 commits into from
Nov 20, 2023
Merged

docs: Add Dagger integration section and cleanup Ecosystem CICD docs page #5608

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
1b9cb33
docs: Move Azure DevOps out of GH Actions section
jpadams Nov 12, 2023
164f6e6
docs: Add Dagger Trivy integration section
jpadams Nov 12, 2023
d8136dd
docs: Make Buildkite section H2 ## like rest
jpadams Nov 17, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 16 additions & 8 deletions docs/ecosystem/cicd.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,12 @@
# CI/CD Integrations

## Azure DevOps (Official)
[Azure Devops](https://azure.microsoft.com/en-us/products/devops/#overview) is Microsoft Azure cloud native CI/CD service.

Trivy has a "Azure Devops Pipelines Task" for Trivy, that lets you easily introduce security scanning into your workflow, with an integrated Azure Devops UI.

👉 Get it at: <https://github.com/aquasecurity/trivy-azure-pipelines-task>

## GitHub Actions
[GitHub Actions](https://github.com/features/actions) is GitHub's native CI/CD and job orchestration service.

Expand All @@ -9,13 +16,6 @@ GitHub Action for integrating Trivy into your GitHub pipeline

👉 Get it at: <https://github.com/aquasecurity/trivy-action>

## Azure DevOps (Official)
[Azure Devops](https://azure.microsoft.com/en-us/products/devops/#overview) is Microsoft Azure cloud native CI/CD service.

Trivy has a "Azure Devops Pipelines Task" for Trivy, that lets you easily introduce security scanning into your workflow, with an integrated Azure Devops UI.

👉 Get it at: <https://github.com/aquasecurity/trivy-azure-pipelines-task>

### trivy-action (Community)

GitHub Action to scan vulnerability using Trivy. If vulnerabilities are found by Trivy, it creates a GitHub Issue.
Expand All @@ -28,12 +28,20 @@ In this action, Trivy scans the dependency files such as package-lock.json and g

👉 Get it at: <https://github.com/marketplace/actions/trivy-github-issues>

### Buildkite Plugin (Community)
## Buildkite Plugin (Community)

The trivy buildkite plugin provides a convenient mechanism for running the open-source trivy static analysis tool on your project.

👉 Get it at: https://github.com/equinixmetal-buildkite/trivy-buildkite-plugin

## Dagger (Community)
[Dagger](https://dagger.io/) is CI/CD as code that runs anywhere.

The Dagger module for Trivy provides functions for scanning container images from registries as well as Dagger Container objects from any Dagger SDK (e.g. Go, Python, Node.js, etc).

👉 Get it at: <https://daggerverse.dev/mod/github.com/jpadams/daggerverse/trivy>


## Semaphore (Community)
[Semaphore](https://semaphoreci.com/) is a CI/CD service.

Expand Down
Loading