Trivy - Installation (original) (raw)

Installing Trivy

In this section you will find an aggregation of the different ways to install Trivy. Installation options are labeled as either "Official" or "Community". Official installations are developed by the Trivy team and supported by it. Community installations could be developed by anyone from the Trivy community, and collected here for your convenience. For support or questions about community installations, please contact the original developers.

Note

If you are looking to integrate Trivy into another system, such as CI/CD, IDE, Kubernetes, etc, please see Ecosystem section to explore integrations of Trivy with other tools.

Container image (Official)

Use one of the official Trivy images:

Registry Repository Link
Docker Hub docker.io/aquasec/trivy https://hub.docker.com/r/aquasec/trivy
GitHub Container Registry (GHCR) ghcr.io/aquasecurity/trivy https://github.com/orgs/aquasecurity/packages/container/package/trivy
AWS Elastic Container Registry (ECR) public.ecr.aws/aquasecurity/trivy https://gallery.ecr.aws/aquasecurity/trivy

Tip

It is advisable to mount a persistent cache dir on the host into the Trivy container.

Tip

For scanning container images with Trivy, mount the container engine socket from the host into the Trivy container.

Example:

docker run -v /var/run/docker.sock:/var/run/docker.sock -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy:0.63.0-13-ge1beba2f2 image python:3.4-alpine

GitHub Release (Official)

  1. Download the file for your operating system/architecture from GitHub Release assets.
  2. Unpack the downloaded archive (tar -xzf ./trivy.tar.gz).
  3. Make sure the binary has execution bit turned on (chmod +x ./trivy).

Install Script (Official)

For convenience, you can use the install script to download and install Trivy from GitHub Release.

curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sudo sh -s -- -b /usr/local/bin v0.63.0-13-ge1beba2f2

RHEL/CentOS (Official)

RepositoryRPM

Add repository setting to /etc/yum.repos.d.

cat << EOF | sudo tee -a /etc/yum.repos.d/trivy.repo [trivy] name=Trivy repository baseurl=https://aquasecurity.github.io/trivy-repo/rpm/releases/\$basearch/ gpgcheck=1 enabled=1 gpgkey=https://aquasecurity.github.io/trivy-repo/rpm/public.key EOF sudo yum -y update sudo yum -y install trivy

rpm -ivh https://github.com/aquasecurity/trivy/releases/download/v0.63.0-13-ge1beba2f2/trivy_0.63.0-13-ge1beba2f2_Linux-64bit.rpm

Debian/Ubuntu (Official)

RepositoryDEB

Add repository setting to /etc/apt/sources.list.d.

sudo apt-get install wget gnupg wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee -a /etc/apt/sources.list.d/trivy.list sudo apt-get update sudo apt-get install trivy

wget https://github.com/aquasecurity/trivy/releases/download/v0.63.0-13-ge1beba2f2/trivy_0.63.0-13-ge1beba2f2_Linux-64bit.deb sudo dpkg -i trivy_0.63.0-13-ge1beba2f2_Linux-64bit.deb

Homebrew (Official)

Homebrew for macOS and Linux.

Windows (Official)

  1. Download trivy_x.xx.x_windows-64bit.zip file from releases page.
  2. Unzip file and copy to any folder.

Arch Linux Package Repository.

References: - https://archlinux.org/packages/extra/x86_64/trivy/- https://gitlab.archlinux.org/archlinux/packaging/packages/trivy/-/blob/main/PKGBUILD

OpenSUSE Package Repository.

sudo zypper install trivy

References: - https://software.opensuse.org/package/trivy

MacPorts for macOS.

References: - https://ports.macports.org/port/trivy/details/

Nix package manager for Linux and macOS.

Command lineConfigurationHome Manager

nix-env --install -A nixpkgs.trivy

`# your other config ... environment.systemPackages = with pkgs; [

your other packages ...

trivy ]; `

`# your other config ... home.packages = with pkgs; [

your other packages ...

trivy ]; `

References:

FreeBSD (Official)

Pkg package manager for FreeBSD.

asdf and mise are quite similar tools you can use to install trivy. See their respective documentation for more information of how to install them and use them:

The plugin used by both tools is developed here

asdfmise

A basic global installation is shown below, for specific version or/and local version to a directory see "asdf" documentation.

`# Install plugin asdf plugin add trivy https://github.com/zufardhiyaulhaq/asdf-trivy.git

Install latest version

asdf install trivy latest

Set a version globally (on your ~/.tool-versions file)

asdf global trivy latest

Now trivy commands are available

trivy --version `

A basic global installation is shown below, for specific version or/and local version to a directory see "mise" documentation.

`# Install plugin and install latest version mise install trivy@latest

Set a version globally (on your ~/.tool-versions file)

mise use -g trivy@latest

Now trivy commands are available

trivy --version `