added Trivy scan to docker image

akannan1087 · Jan 9, 2025 · b49ca28 · b49ca28
1 parent 7456301
commit b49ca28
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
@@ -36,3 +36,24 @@ stages:
         containerRegistry: $(dockerRegistryServiceConnection)
         tags: |
           $(tag)
+   #Publish Build Information
+    - task: Bash@3
+      displayName: "Log Image Details"
+      inputs:
+        targetType: inline
+        script: |
+          echo "Pushed Image: $(containerRegistry)/$(imageRepository):$(tag)"
+    # Install Trivy Scanner on Agent
+    - task: Bash@3
+      displayName: "Install Trivy"
+      inputs:
+        targetType: inline
+        script: |
+          curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh
+    # Run Trivy Scan
+    - task: Bash@3
+      displayName: "Run Trivy Scan"
+      inputs:
+        targetType: inline
+        script: |
+          ./bin/trivy image --severity HIGH,CRITICAL,MEDIUM --ignore-unfixed $(containerRegistry)/$(imageRepository):$(tag)