Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tag trivy-db image with timestamp #3123

Open
itaysk opened this issue Nov 2, 2022 · 1 comment · May be fixed by aquasecurity/trivy-db#251
Open

tag trivy-db image with timestamp #3123

itaysk opened this issue Nov 2, 2022 · 1 comment · May be fixed by aquasecurity/trivy-db#251
Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/backlog Higher priority than priority/awaiting-more-evidence.

Comments

@itaysk
Copy link
Contributor

itaysk commented Nov 2, 2022

from aquasecurity/trivy-db#251:

There does not currently appear to be any way to run Trivy using an older version of the DB.
Example use case: check how many vulnerabilities would have been detected by Trivy in a given image 30 days ago.
There is additional work to do in the CLI to change the tag to something other that "2" (for example --db-tag=2022091512). However, until these tags start to be published, there is no reliable way to obtain this data other than by scrubbing through the GitHub Actions logs, locating the digest published by oras, and following the air-gap instructions.
@itaysk itaysk added the kind/feature Categorizes issue or PR as related to a new feature. label Nov 2, 2022
@itaysk itaysk linked a pull request Nov 2, 2022 that will close this issue
Publish tag containing the build date to locate old DB aquasecurity/trivy-db#251
Open
@github-actions
Copy link

github-actions bot commented Jan 2, 2023

This issue is stale because it has been labeled with inactivity.

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. label Jan 2, 2023
@knqyf263 knqyf263 added priority/backlog Higher priority than priority/awaiting-more-evidence. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and will be auto-closed. labels Jan 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/backlog Higher priority than priority/awaiting-more-evidence.
Projects
Trivy Roadmap
Status: No status
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Publish tag containing the build date to locate old DB jdolitsky/trivy-db
2 participants
@itaysk @knqyf263