plugin.yaml
name: "gitlab-codequality"
repository: github.com/your-username/gitlab-trivy-checks
version: "1.18.0"
summary: "Trivy plugin to generate GitLab Code Quality reports"
description: |
  This plugin converts Trivy scan results into GitLab Code Quality format for integration
  with GitLab CI/CD pipelines and merge request reports.

  Usage:
    trivy image --format json --output report.json --output plugin=gitlab-codequality <image>
    trivy fs --format json --output report.json --output plugin=gitlab-codequality <path>

  Usage with plugin options (all options must be passed within --output-plugin-arg):
    trivy image --format json --output report.json \
      --output plugin=gitlab-codequality \
      --output-plugin-arg "--severity UNKNOWN,CRITICAL,HIGH --severity-misconfig UNKNOWN,CRITICAL --output codequality.json" \
      <image>

  Available plugin options (to be used within --output-plugin-arg):
    --severity <SEVERITIES>            Global severity filter (comma-separated)
    --severity-license <SEVERITIES>    License-specific severity filter
    --severity-vuln <SEVERITIES>       Vulnerability-specific severity filter
    --severity-misconfig <SEVERITIES>  Misconfiguration-specific severity filter
    --severity-secret <SEVERITIES>     Secret-specific severity filter
    --pkg-types <TYPES>                Global package types filter (comma-separated)
    --pkg-types-license <TYPES>        License-specific package types filter
    --pkg-types-vuln <TYPES>           Vulnerability-specific package types filter
    --pkg-types-misconfig <TYPES>      Misconfiguration-specific package types filter
    --pkg-types-secret <TYPES>         Secret-specific package types filter
    --debug                            Enable debug output
    --output <FILE>                    Output file path
    --input <FILE>                     Input file path

platforms:
  - selector:
      os: linux
    uri: https://github.com/ambient-innovation/trivy-plugin-gitlab-codequality/releases/download/v1.18.0/plugin.tar.gz
    bin: trivy-gitlab-codequality-linux
  - selector:
      os: darwin
    uri: https://github.com/ambient-innovation/trivy-plugin-gitlab-codequality/releases/download/v1.18.0/plugin.tar.gz
    bin: trivy-gitlab-codequality-darwin
  - selector:
      os: windows
    uri: https://github.com/ambient-innovation/trivy-plugin-gitlab-codequality/releases/download/v1.18.0/plugin.tar.gz
    bin: trivy-gitlab-codequality-windows.exe