Skip to content

Commit

Permalink
feat(cli): rename trivy auth to trivy registry (#7727)
Browse files Browse the repository at this point in the history
Signed-off-by: knqyf263 <knqyf263@gmail.com>
knqyf263 authored Oct 15, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.
1 parent 31aa20a commit 633a7ab
Showing 10 changed files with 31 additions and 31 deletions.
2 changes: 1 addition & 1 deletion contrib/Trivy.gitlab-ci.yml
Original file line number Diff line number Diff line change
@@ -14,7 +14,7 @@ Trivy_container_scanning:
- apk add --no-cache curl docker-cli
- curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin ${TRIVY_VERSION}
- curl -sSL -o /tmp/trivy-gitlab.tpl https://github.com/aquasecurity/trivy/raw/${TRIVY_VERSION}/contrib/gitlab.tpl
- trivy auth login --username "$CI_REGISTRY_USER" --password "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
- trivy registry login --username "$CI_REGISTRY_USER" --password "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
script:
- trivy --exit-code 0 --cache-dir .trivycache/ --no-progress --format template --template "@/tmp/trivy-gitlab.tpl" -o gl-container-scanning-report.json $IMAGE
cache:
6 changes: 3 additions & 3 deletions docs/docs/advanced/private-registries/index.md
Original file line number Diff line number Diff line change
@@ -2,11 +2,11 @@ Trivy can download images from a private registry without the need for installin
This makes it easy to run within a CI process.

## Login
You can log in to a private registry using the `trivy auth login` command.
You can log in to a private registry using the `trivy registry login` command.
It uses the Docker configuration file (`~/.docker/config.json`) to store the credentials under the hood, and the configuration file path can be configured by `DOCKER_CONFIG` environment variable.

```shell
$ cat ~/my_password.txt | trivy auth login --username foo --password-stdin ghcr.io
$ cat ~/my_password.txt | trivy registry login --username foo --password-stdin ghcr.io
$ trivy image ghcr.io/your/private_image
```

@@ -23,7 +23,7 @@ $ TRIVY_USERNAME=YOUR_USERNAME TRIVY_PASSWORD=YOUR_PASSWORD trivy image YOUR_PRI
To mitigate this risk:

1. Set credentials cautiously and only when necessary.
2. Prefer using `trivy auth config` to pre-configure credentials with specific registries, which ensures credentials are only sent to appropriate registries.
2. Prefer using `trivy registry login` to pre-configure credentials with specific registries, which ensures credentials are only sent to appropriate registries.

Trivy also supports providing credentials through CLI flags:

2 changes: 1 addition & 1 deletion docs/docs/references/configuration/cli/trivy.md
Original file line number Diff line number Diff line change
@@ -43,7 +43,6 @@ trivy [global flags] command [flags] target

### SEE ALSO

* [trivy auth](trivy_auth.md) - Authentication
* [trivy clean](trivy_clean.md) - Remove cached files
* [trivy config](trivy_config.md) - Scan config files for misconfigurations
* [trivy convert](trivy_convert.md) - Convert Trivy JSON report into a different format
@@ -52,6 +51,7 @@ trivy [global flags] command [flags] target
* [trivy kubernetes](trivy_kubernetes.md) - [EXPERIMENTAL] Scan kubernetes cluster
* [trivy module](trivy_module.md) - Manage modules
* [trivy plugin](trivy_plugin.md) - Manage plugins
* [trivy registry](trivy_registry.md) - Manage registry authentication
* [trivy repository](trivy_repository.md) - Scan a repository
* [trivy rootfs](trivy_rootfs.md) - Scan rootfs
* [trivy sbom](trivy_sbom.md) - Scan SBOM for vulnerabilities and licenses
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
## trivy auth
## trivy registry

Authentication
Manage registry authentication

### Options

```
-h, --help help for auth
-h, --help help for registry
```

### Options inherited from parent commands
@@ -24,6 +24,6 @@ Authentication
### SEE ALSO

* [trivy](trivy.md) - Unified security scanner
* [trivy auth login](trivy_auth_login.md) - Log in to a registry
* [trivy auth logout](trivy_auth_logout.md) - Log out of a registry
* [trivy registry login](trivy_registry_login.md) - Log in to a registry
* [trivy registry logout](trivy_registry_logout.md) - Log out of a registry

Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
## trivy auth login
## trivy registry login

Log in to a registry

```
trivy auth login SERVER [flags]
trivy registry login SERVER [flags]
```

### Examples

```
# Log in to reg.example.com
cat ~/my_password.txt | trivy auth login --username foo --password-stdin reg.example.com
cat ~/my_password.txt | trivy registry login --username foo --password-stdin reg.example.com
```

### Options
@@ -37,5 +37,5 @@ trivy auth login SERVER [flags]

### SEE ALSO

* [trivy auth](trivy_auth.md) - Authentication
* [trivy registry](trivy_registry.md) - Manage registry authentication

Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
## trivy auth logout
## trivy registry logout

Log out of a registry

```
trivy auth logout SERVER [flags]
trivy registry logout SERVER [flags]
```

### Examples

```
# Log out of reg.example.com
trivy auth logout reg.example.com
trivy registry logout reg.example.com
```

### Options
@@ -34,5 +34,5 @@ trivy auth logout SERVER [flags]

### SEE ALSO

* [trivy auth](trivy_auth.md) - Authentication
* [trivy registry](trivy_registry.md) - Manage registry authentication

2 changes: 1 addition & 1 deletion docs/docs/target/container_image.md
Original file line number Diff line number Diff line change
@@ -297,7 +297,7 @@ Trivy supports registries that comply with the following specifications.
- [Docker Registry HTTP API V2](https://docs.docker.com/registry/spec/api/)
- [OCI Distribution Specification](https://github.com/opencontainers/distribution-spec)

You can configure credentials with `trivy auth login`.
You can configure credentials with `trivy registry login`.
See [here](../advanced/private-registries/index.md) for the detail.

### Tar Files
4 changes: 2 additions & 2 deletions integration/registry_test.go
Original file line number Diff line number Diff line change
@@ -184,7 +184,7 @@ func TestRegistry(t *testing.T) {
golden: "testdata/alpine-310.json.golden",
},
{
name: "authenticate with 'trivy auth login'",
name: "authenticate with 'trivy registry login'",
imageName: "alpine:3.10",
imageFile: "testdata/fixtures/images/alpine-310.tar.gz",
os: "alpine 3.10.2",
@@ -295,7 +295,7 @@ func setupEnv(t *testing.T, imageRef name.Reference, baseDir string, opt registr
case opt.AuthLogin:
t.Setenv("DOCKER_CONFIG", t.TempDir())
err := execute([]string{
"auth",
"registry",
"login",
"--username",
opt.Username,
8 changes: 4 additions & 4 deletions mkdocs.yml
Original file line number Diff line number Diff line change
@@ -158,10 +158,6 @@ nav:
- Configuration:
- CLI:
- Overview: docs/references/configuration/cli/trivy.md
- Auth:
- Auth: docs/references/configuration/cli/trivy_auth.md
- Auth Login: docs/references/configuration/cli/trivy_auth_login.md
- Auth Logout: docs/references/configuration/cli/trivy_auth_logout.md
- Clean: docs/references/configuration/cli/trivy_clean.md
- Config: docs/references/configuration/cli/trivy_config.md
- Convert: docs/references/configuration/cli/trivy_convert.md
@@ -182,6 +178,10 @@ nav:
- Plugin Update: docs/references/configuration/cli/trivy_plugin_update.md
- Plugin Upgrade: docs/references/configuration/cli/trivy_plugin_upgrade.md
- Plugin Search: docs/references/configuration/cli/trivy_plugin_search.md
- Registry:
- Registry: docs/references/configuration/cli/trivy_registry.md
- Registry Login: docs/references/configuration/cli/trivy_registry_login.md
- Registry Logout: docs/references/configuration/cli/trivy_registry_logout.md
- Repository: docs/references/configuration/cli/trivy_repository.md
- Rootfs: docs/references/configuration/cli/trivy_rootfs.md
- SBOM: docs/references/configuration/cli/trivy_sbom.md
12 changes: 6 additions & 6 deletions pkg/commands/app.go
Original file line number Diff line number Diff line change
@@ -100,7 +100,7 @@ func NewApp() *cobra.Command {
NewVersionCommand(globalFlags),
NewVMCommand(globalFlags),
NewCleanCommand(globalFlags),
NewAuthCommand(globalFlags),
NewRegistryCommand(globalFlags),
NewVEXCommand(globalFlags),
)

@@ -1235,11 +1235,11 @@ func NewCleanCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command {
return cmd
}

func NewAuthCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command {
func NewRegistryCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command {
cmd := &cobra.Command{
Use: "auth [flags]",
Use: "registry [flags]",
GroupID: groupUtility,
Short: "Authentication",
Short: "Manage registry authentication",
SilenceErrors: true,
SilenceUsage: true,
}
@@ -1255,7 +1255,7 @@ func NewAuthCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command {
SilenceErrors: true,
SilenceUsage: true,
Example: ` # Log in to reg.example.com
cat ~/my_password.txt | trivy auth login --username foo --password-stdin reg.example.com`,
cat ~/my_password.txt | trivy registry login --username foo --password-stdin reg.example.com`,
Args: cobra.ExactArgs(1),
PreRunE: func(cmd *cobra.Command, args []string) error {
if err := loginFlags.Bind(cmd); err != nil {
@@ -1277,7 +1277,7 @@ func NewAuthCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command {
SilenceErrors: true,
SilenceUsage: true,
Example: ` # Log out of reg.example.com
trivy auth logout reg.example.com`,
trivy registry logout reg.example.com`,
Args: cobra.ExactArgs(1),
RunE: func(cmd *cobra.Command, args []string) error {
return auth.Logout(cmd.Context(), args[0])

0 comments on commit 633a7ab

Please sign in to comment.