Trivy - Installation (original) (raw)
Installing Trivy¶
In this section you will find an aggregation of the different ways to install Trivy. Installation options are labeled as either "Official" or "Community". Official installations are developed by the Trivy team and supported by it. Community installations could be developed by anyone from the Trivy community, and collected here for your convenience. For support or questions about community installations, please contact the original developers.
Note
If you are looking to integrate Trivy into another system, such as CI/CD, IDE, Kubernetes, etc, please see Ecosystem section to explore integrations of Trivy with other tools.
Container image (Official)¶
Use one of the official Trivy images:
Registry | Repository | Link |
---|---|---|
Docker Hub | docker.io/aquasec/trivy | https://hub.docker.com/r/aquasec/trivy |
GitHub Container Registry (GHCR) | ghcr.io/aquasecurity/trivy | https://github.com/orgs/aquasecurity/packages/container/package/trivy |
AWS Elastic Container Registry (ECR) | public.ecr.aws/aquasecurity/trivy | https://gallery.ecr.aws/aquasecurity/trivy |
Tip
It is advisable to mount a persistent cache dir on the host into the Trivy container.
Tip
For scanning container images with Trivy, mount the container engine socket from the host into the Trivy container.
Example:
docker run -v /var/run/docker.sock:/var/run/docker.sock -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy:0.63.0-13-ge1beba2f2 image python:3.4-alpine
GitHub Release (Official)¶
- Download the file for your operating system/architecture from GitHub Release assets.
- Unpack the downloaded archive (
tar -xzf ./trivy.tar.gz
). - Make sure the binary has execution bit turned on (
chmod +x ./trivy
).
Install Script (Official)¶
For convenience, you can use the install script to download and install Trivy from GitHub Release.
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin v0.63.0-13-ge1beba2f2
RHEL/CentOS (Official)¶
RepositoryRPM
Add repository setting to /etc/yum.repos.d
.
cat << EOF | sudo tee -a /etc/yum.repos.d/trivy.repo [trivy] name=Trivy repository baseurl=https://aquasecurity.github.io/trivy-repo/rpm/releases/\$basearch/ gpgcheck=1 enabled=1 gpgkey=https://aquasecurity.github.io/trivy-repo/rpm/public.key EOF sudo yum -y update sudo yum -y install trivy
rpm -ivh https://github.com/aquasecurity/trivy/releases/download/v0.63.0-13-ge1beba2f2/trivy_0.63.0-13-ge1beba2f2_Linux-64bit.rpm
Debian/Ubuntu (Official)¶
RepositoryDEB
Add repository setting to /etc/apt/sources.list.d
.
sudo apt-get install wget gnupg wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee -a /etc/apt/sources.list.d/trivy.list sudo apt-get update sudo apt-get install trivy
wget https://github.com/aquasecurity/trivy/releases/download/v0.63.0-13-ge1beba2f2/trivy_0.63.0-13-ge1beba2f2_Linux-64bit.deb sudo dpkg -i trivy_0.63.0-13-ge1beba2f2_Linux-64bit.deb
Homebrew (Official)¶
Homebrew for macOS and Linux.
Windows (Official)¶
- Download trivy_x.xx.x_windows-64bit.zip file from releases page.
- Unzip file and copy to any folder.
Arch Linux Package Repository.
References: - https://archlinux.org/packages/extra/x86_64/trivy/- https://gitlab.archlinux.org/archlinux/packaging/packages/trivy/-/blob/main/PKGBUILD
OpenSUSE Package Repository.
sudo zypper install trivy
References: - https://software.opensuse.org/package/trivy
MacPorts for macOS.
References: - https://ports.macports.org/port/trivy/details/
Nix package manager for Linux and macOS.
Command lineConfigurationHome Manager
nix-env --install -A nixpkgs.trivy
`# your other config ... environment.systemPackages = with pkgs; [
your other packages ...
trivy ]; `
`# your other config ... home.packages = with pkgs; [
your other packages ...
trivy ]; `
References:
FreeBSD (Official)¶
Pkg package manager for FreeBSD.
asdf and mise are quite similar tools you can use to install trivy. See their respective documentation for more information of how to install them and use them:
The plugin used by both tools is developed here
asdfmise
A basic global installation is shown below, for specific version or/and local version to a directory see "asdf" documentation.
`# Install plugin asdf plugin add trivy https://github.com/zufardhiyaulhaq/asdf-trivy.git
Install latest version
asdf install trivy latest
Set a version globally (on your ~/.tool-versions file)
asdf global trivy latest
Now trivy commands are available
trivy --version `
A basic global installation is shown below, for specific version or/and local version to a directory see "mise" documentation.
`# Install plugin and install latest version mise install trivy@latest
Set a version globally (on your ~/.tool-versions file)
mise use -g trivy@latest
Now trivy commands are available
trivy --version `