> For the complete CircleCI developer hub index, see [llms.txt](https://circleci.com/developer/llms.txt)

# iamanonymous419/trivy

A reusable CircleCI orb that simplifies security scanning of Docker images using Trivy.


## Commands

### install

Install the latest version of Trivy CLI (non-sudo)

### scan

Scan a Docker image using Trivy and save the report as an artifact

| Parameter | Type | Default | Description |
|---|---|---|---|
| `format` | string | table | Report format: table, json, sarif, etc. |
| `image` | string |  | Docker image to scan (e.g., nginx:latest) |
| `output` | string | trivy-report.txt | Path to store the Trivy scan result |
| `severity` | string | HIGH,CRITICAL | Comma-separated list of severities to report |

## Examples

### example

Example workflow using the Trivy orb's commands to install Trivy and scan a Docker image for vulnerabilities.


```yaml
version: '2.1'
orbs:
  trivy: iamanonymous419/trivy@1.0.0
jobs:
  trivy-full-scan:
    machine: true
    steps:
      - checkout
      - trivy/install
      - trivy/scan:
          format: table
          image: yourdockerhubuser/chat-client:build-123
          output: client-report.txt
          severity: HIGH,CRITICAL
      - store_artifacts:
          destination: trivy-client-report
          path: trivy-reports/client-report.txt
workflows:
  use-trivy-orb:
    jobs:
      - trivy-full-scan
```