Kubernetes YAML deployment files are available on GitHub in https://github.com/aquasecurity/trivy-operator under
Example - Deploy from GitHub
This will install the operator in the trivy-system namespace and configure it to scan all namespaces, except
kubectl apply -f https://raw.githubusercontent.com/aquasecurity/trivy-operator/v0.2.0/deploy/static/trivy-operator.yaml
To confirm that the operator is running, check that the trivy-operator Deployment in the namespace is available and all its containers are ready:
$ kubectl get deployment -n trivy-system
NAME             READY   UP-TO-DATE   AVAILABLE   AGE
trivy-operator   1/1     1            1           11m
If for some reason it's not ready yet, check the logs of the trivy-operator Deployment for errors:
kubectl logs deployment/trivy-operator -n trivy-system
You can configure Trivy-Operator to control its behavior and adapt it to your needs. Aspects of the operator machinery are configured using environment variables on the operator Pod, while aspects of the scanning behavior are controlled by ConfigMaps and Secrets. To learn more, please refer to the Configuration documentation.
Uninstalling the operator and deleting custom resource definitions will also delete all generated security reports.
You can uninstall the operator with the following command:
kubectl delete -f https://raw.githubusercontent.com/aquasecurity/trivy-operator/v0.2.0/deploy/static/trivy-operator.yaml
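Because uninstalling also deletes the generated security reports, one way to keep a copy is to export every custom resource the operator owns before running the delete command. This is an added example, not part of the trivy-operator documentation; it assumes the operator's custom resources are in the aquasecurity.github.io API group, and the function name backup_reports and the output directory are hypothetical.

```shell
#!/bin/sh
# Added example: export trivy-operator reports before uninstalling.
# Assumption: the operator's CRDs belong to the aquasecurity.github.io API group.
API_GROUP="aquasecurity.github.io"

# backup_reports DIR
# Writes one YAML file per custom resource kind into DIR.
# Returns non-zero if discovery or any export fails, so it can gate the uninstall.
backup_reports() {
    dir=$1
    mkdir -p "$dir" || return 1

    # Discover the kinds from the cluster rather than hard-coding a list.
    kinds=$(kubectl api-resources --api-group="$API_GROUP" -o name) || return 1
    if [ -z "$kinds" ]; then
        echo "no resources found in API group $API_GROUP" >&2
        return 1
    fi

    for kind in $kinds; do
        out="$dir/$kind.yaml"
        # --all-namespaces is also accepted for cluster-scoped kinds.
        if ! kubectl get "$kind" --all-namespaces -o yaml > "$out"; then
            echo "export of $kind failed; reports are not backed up" >&2
            return 1
        fi
        # An empty file means nothing was written; treat it as a failed export.
        if [ ! -s "$out" ]; then
            echo "empty export for $kind" >&2
            return 1
        fi
        echo "saved $out"
    done
}

# Usage (hypothetical directory name), chaining the uninstall on a good backup:
#   backup_reports ./trivy-reports-backup && \
#     kubectl delete -f https://raw.githubusercontent.com/aquasecurity/trivy-operator/v0.2.0/deploy/static/trivy-operator.yaml
```

The exported files are a point-in-time record of the reports; they can contain image names and finding details, so store them with the same access controls as the cluster data.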