My objective is to have Trivy available for my Jenkins pipeline. I have tried so much, from installing Trivy on bare metal, to executing into the Jenkins container itself and installing Trivy, and finally installing Trivy as a separate container using Docker Compose (followed the Trivy documentation). Nothing works; my pipeline keeps reporting Trivy not found. Here's my Docker Compose file:
```yaml
version: '3'
services:
  # Jenkins Service
  jenkins:
    build:
      context: .
      dockerfile: Dockerfile
    ports:
      - "8080:8080"
    environment:
      - JENKINS_HOME=/var/jenkins_home
      - JENKINS_ADMIN_ID=admin
      - JENKINS_ADMIN_PASSWORD=password
      - SERVER_IP=${server_ip}
      - DOCKER_USERNAME=${docker_username}
      - DOCKER_PASSWORD=${docker_password}
      - GITHUB_USERNAME=${github_username}
      - GITHUB_PASSWORD=${github_password}
      - GITHUB_ACCESS_TOKEN=${github_access_token}
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - jenkins_home:/var/jenkins_home
      - /usr/bin/docker:/usr/bin/docker
  # Trivy Service
  trivy:
    image: aquasec/trivy:latest
    volumes:
      - trivy-cache:/root/.cache/
      - /var/run/docker.sock:/var/run/docker.sock
  # SonarQube Service
  sonarqube:
    image: sonarqube:latest
    ports:
      - "9000:9000"
      - "9092:9092"
    volumes:
      - sonarqube_data:/opt/sonarqube/data
volumes:
  # Jenkins Home Volume
  jenkins_home:
  # SonarQube Data Volume
  sonarqube_data:
  # Trivy Cache Volume
  trivy-cache:
```
Any help is appreciated. What am I doing wrong?
EDIT: It finally worked using Trivy as a Docker Agent, but is this the best way to do it? Is there a downside to doing this?
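
The Docker agent approach mentioned in the EDIT, sketched as a declarative Jenkinsfile; this is an added example, not the poster's pipeline. It assumes the Docker Pipeline plugin is installed and the job checks out from SCM, and the image name `example/app` is a hypothetical placeholder.

```groovy
// Added example, not the poster's pipeline. Assumes the Docker Pipeline plugin
// and a Jenkins container that can reach the Docker daemon (socket mounted as
// in the compose file above). 'example/app' is a hypothetical image name.
pipeline {
    agent none
    environment {
        SCAN_IMAGE = "example/app:${env.BUILD_NUMBER}" // hypothetical
    }
    stages {
        stage('Trivy: scan workspace') {
            agent {
                docker {
                    // Pinning a version tag or digest instead of :latest keeps
                    // scan results reproducible between builds.
                    image 'aquasec/trivy:latest'
                    // The image's entrypoint is the trivy binary; clear it so
                    // Jenkins can start the container and run sh steps in it.
                    args '--entrypoint='
                }
            }
            steps {
                // Filesystem scan: no Docker socket and no root needed.
                // The cache lives in the workspace, which the agent user owns.
                sh 'trivy fs --cache-dir .trivycache --no-progress --exit-code 1 --severity HIGH,CRITICAL .'
            }
        }
        stage('Trivy: scan built image') {
            agent {
                docker {
                    image 'aquasec/trivy:latest'
                    // Mounting docker.sock gives this container control of the
                    // host's Docker daemon, so limit it to the stage that has
                    // to read a locally built image. trivy-cache here is a
                    // named volume on the Docker host.
                    args '--entrypoint= -u root -v /var/run/docker.sock:/var/run/docker.sock -v trivy-cache:/root/.cache/'
                }
            }
            steps {
                // A non-zero exit code fails the build on HIGH/CRITICAL findings.
                sh 'trivy image --no-progress --exit-code 1 --severity HIGH,CRITICAL "$SCAN_IMAGE"'
            }
        }
    }
}
```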