Skip to content

Cache

Clear Caches

The --clear-cache option removes caches.

The scan is not performed.

$ trivy image --clear-cache
Result
2019-11-15T15:13:26.209+0200    INFO    Reopening vulnerability DB
2019-11-15T15:13:26.209+0200    INFO    Removing image caches...

Cache Directory

Specify where the cache is stored with --cache-dir.

$ trivy --cache-dir /tmp/trivy/ image python:3.4-alpine3.9

Cache Backend

EXPERIMENTAL

This feature might change without preserving backwards compatibility.

Trivy supports local filesystem and Redis as the cache backend. This option is useful especially for client/server mode.

Two options:

  • fs
    • the cache path can be specified by --cache-dir
  • redis://
    • redis://[HOST]:[PORT]
    • TTL can be configured via --cache-ttl
$ trivy server --cache-backend redis://localhost:6379

Trivy also support for connecting to Redis using TLS, you only need to specify --redis-ca , --redis-cert , and --redis-key option.

$ trivy server --cache-backend redis://localhost:6379 \
  --redis-ca /path/to/ca-cert.pem \
  --redis-cert /path/to/cert.pem \
  --redis-key /path/to/key.pem

TLS option for redis is hidden from Trivy command-line flag, but you still can use it.