Installing Trivy
In this section you will find an aggregation of the different ways to install Trivy. installations are listed as either "official" or "community". Official integrations are developed by the core Trivy team and supported by it. Community integrations are integrations developed by the community, and collected here for your convenience. For support or questions about community integrations, please contact the original developers.
Install using Package Manager
RHEL/CentOS (Official)
Add repository setting to /etc/yum.repos.d
.
RELEASE_VERSION=$(grep -Po '(?<=VERSION_ID=")[0-9]' /etc/os-release)
cat << EOF | sudo tee -a /etc/yum.repos.d/trivy.repo
[trivy]
name=Trivy repository
baseurl=https://aquasecurity.github.io/trivy-repo/rpm/releases/$RELEASE_VERSION/\$basearch/
gpgcheck=1
enabled=1
gpgkey=https://aquasecurity.github.io/trivy-repo/rpm/public.key
EOF
sudo yum -y update
sudo yum -y install trivy
rpm -ivh https://github.com/aquasecurity/trivy/releases/download/v0.42.1/trivy_0.42.1_Linux-64bit.rpm
Debian/Ubuntu (Official)
Add repository setting to /etc/apt/sources.list.d
.
sudo apt-get install wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null
echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main" | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy
wget https://github.com/aquasecurity/trivy/releases/download/v0.42.1/trivy_0.42.1_Linux-64bit.deb
sudo dpkg -i trivy_0.42.1_Linux-64bit.deb
Homebrew (Official)
Homebrew for MacOS and Linux.
brew install trivy
Arch Linux (Community)
Arch Community Package Manager.
pacman -S trivy
References: - https://archlinux.org/packages/community/x86_64/trivy/ - https://github.com/archlinux/svntogit-community/blob/packages/trivy/trunk/PKGBUILD
MacPorts (Community)
MacPorts for MacOS.
sudo port install trivy
References: - https://ports.macports.org/port/trivy/details/
Nix/NixOS (Community)
Nix package manager for Linux and MacOS.
nix-env --install -A nixpkgs.trivy
# your other config ...
environment.systemPackages = with pkgs; [
# your other packages ...
trivy
];
# your other config ...
home.packages = with pkgs; [
# your other packages ...
trivy
];
References: - https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/admin/trivy/default.nix
Install from GitHub Release (Official)
Download Binary
- Download the file for your operating system/architecture from GitHub Release assets (
curl -LO https://url.to/trivy.tar.gz
). - Unpack the downloaded archive (
tar -xzf ./trivy.tar.gz
). - Put the binary somewhere in your
$PATH
(e.gmv ./trivy /usr/local/bin/
). - Make sure the binary has execution bit turned on (
chmod +x ./trivy
).
Install Script
The process above can be automated by the following script:
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.42.1
Install from source
git clone --depth 1 --branch v0.42.1 https://github.com/aquasecurity/trivy
cd trivy
go install ./cmd/trivy
Use container image
- Pull Trivy image (
docker pull aquasec/trivy:0.42.1
) - It is advisable to mount a consistent cache dir on the host into the Trivy container.
- For scanning container images with Trivy, mount
docker.sock
from the host into the Trivy container.
Example:
docker run -v /var/run/docker.sock:/var/run/docker.sock -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy:0.42.1 image python:3.4-alpine
Registry | Repository | Link | Supportability
Docker Hub | docker.io/aquasec/trivy
| https://hub.docker.com/r/aquasec/trivy | Official
GitHub Container Registry (GHCR) | ghcr.io/aquasecurity/trivy
| https://github.com/orgs/aquasecurity/packages/container/package/trivy | Official
AWS Elastic Container Registry (ECR) | public.ecr.aws/aquasecurity/trivy
| https://gallery.ecr.aws/aquasecurity/trivy | Official
Other Tools to use and deploy Trivy
For additional tools and ways to install and use Trivy in different environments such as in IDE, Kubernetes or CI/CD, see Ecosystem section.