add Trivy and "docker scan" (aka 

Struggling to get Clair to work effectively.
Other docker image vulnerability assessment tools exist.

* [Trivy](https://github.com/aquasecurity/trivy)
* [Snyk](https://snyk.io/product/container-vulnerability-management/) (via [```docker scan```](https://docs.docker.com/engine/scan/))

Given the above let's morph ```clair-cicd``` to have non-clair options.

Some potentially useful references
* [docker: Best practices for scanning images](https://docs.docker.com/develop/scan-images/)
* [26 May '21 - How to Use Docker Scan to Find Vulnerabilities in Your Images](https://www.cloudsavvyit.com/11176/how-to-use-docker-scan-to-find-vulnerabilities-in-your-images/)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

add Trivy and "docker scan" (aka #13

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

add Trivy and "docker scan" (aka #13

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions