Скачать или смотреть Automated Docker Image Scanning with Trivy and GitHub Actions!

Tutorial on automating Trivy security scans of Docker Images using GitHub Actions. Learn about the process of setting up a CI/CD workflow in GitHub, configuring a YAML file, and using Trivy to scan for vulnerabilities in container images. Additionally, learn how to securely store and use personal access tokens, interpret workflow results, and commit scan outputs to a GitHub repository.

YAML Script can be found in the following GitHub Repo: https://github.com/ad17171717/YouTube...

GitHub Actions Tutorial:    • Automation with GitHub Actions!  

GitHub Actions Documentation: https://docs.github.com/en/actions
Trivy Documentation: https://trivy.dev/latest/
Docker Documentation: https://docs.docker.com/

CONNECT:
LinkedIn:   / adrian-dolinay-frm-96a289106  
GitHub: https://github.com/ad17171717
X:   / dolinayg  
Odysee: https://odysee.com/@adriandolinay:0
Medium:   / adriandolinay  

PODCAST:
Apple Podcasts: https://podcasts.apple.com/us/podcast...
Audible: https://www.audible.com/podcast/The-A...
iHeart Radio: https://iheart.com/podcast/202676097/
Spotify: https://open.spotify.com/show/60dPNJb...

|-Video Chapters-|
0:00 - Intro
0:14 - Overview of GitHub Actions
0:25 - Overview of Trivy
0:36 - Tutorial Overview
0:47 - Creating a GitHub Actions Workflow
1:14 - Setting Workflow Name and Triggers
1:57 - Defining Jobs in the Workflow
2:30 - Step 1: Checkout Action
2:56 - Step 2: Retrieve Current Date
3:14 - Step 3: Create Directory for Results
3:38 - Step 4: Install Trivy
3:57 - Step 5: Authenticate with GitHub Container Registry (GHCR)
4:20 - How to Generate a Personal Access Token (PAT)
6:38 - Step 6: Download Vulnerability Database
6:49 - Step 7: Run Trivy Vulnerability Scan
7:27 - Step 8: Verify Scan Results
7:36 - Step 9: Commit Results to Repository
8:03 - Pushing Changes to GitHub
8:40 - Viewing Workflow Execution
9:29 - Checking Scan Results
9:49 - Conclusion