cve-count
Max allowed violations for a given severity level.
| Provider | Level | Tags |
|---|---|---|
| trivy | Warning | security |
Parameters
| Name | Default Value | Description |
|---|---|---|
| level | critical | n/a |
| max_count | 0 | n/a |
Messages
| Type | Message |
|---|---|
| Pass | Number of ${rule.params.level} vulnerabilities is within limits. |
| Fail | Image has ${results.trivy.${rule.params.level}_count} ${rule.params.level} CVEs (max allowed: ${rule.params.max_count}). |
Playbook Example
```yaml
rules:
  - provider: trivy
    rule: cve-count
    options:
      level: critical
      max_count: 0
```
Condition
```json
{
  "<=": [
    {
      "get": [
        {
          "var": "results.trivy"
        },
        {
          "cat": [
            {
              "var": "rule.params.level"
            },
            "_count"
          ]
        }
      ]
    },
    {
      "var": "rule.params.max_count"
    }
  ]
}
```
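The condition above, walked through in Python as an added example (not the project's own code). It assumes `get` reads a key from an object and that the scan summary holds `<level>_count` fields, as the Fail message implies. Raising on an unknown level is this example's choice, so that a mistyped `level` cannot pass unnoticed.

```python
# Added example: minimal evaluator for the operators used by the cve-count condition.
# Assumption: "get" returns the value stored under a key of an object;
# "var", "cat" and "<=" are treated as in JsonLogic.

CONDITION = {
    "<=": [
        {"get": [{"var": "results.trivy"},
                 {"cat": [{"var": "rule.params.level"}, "_count"]}]},
        {"var": "rule.params.max_count"},
    ]
}

def evaluate(node, data):
    """Evaluate one condition node against the data context."""
    if not isinstance(node, dict):
        return node  # literal such as "_count"
    (op, args), = node.items()
    if op == "var":
        value = data
        for part in args.split("."):
            value = value[part]  # KeyError on an unknown path
        return value
    vals = [evaluate(a, data) for a in args]
    if op == "cat":
        return "".join(str(v) for v in vals)
    if op == "get":
        obj, key = vals
        if key not in obj:
            # Example's choice: fail loudly instead of comparing a missing value.
            raise KeyError(f"no field {key!r} in results")
        return obj[key]
    if op == "<=":
        return vals[0] <= vals[1]
    raise ValueError(f"unsupported operator {op!r}")

def check(trivy_results, level="critical", max_count=0):
    """Return True when the rule passes for the given scan summary."""
    data = {"results": {"trivy": trivy_results},
            "rule": {"params": {"level": level, "max_count": max_count}}}
    return evaluate(CONDITION, data)

# Constructed sample scan summary (field names follow the <level>_count pattern).
SAMPLE = {"critical_count": 2, "high_count": 7}

if __name__ == "__main__":
    print(check(SAMPLE))                              # defaults: critical, max 0
    print(check(SAMPLE, max_count=2))                 # threshold raised to 2
    print(check(SAMPLE, level="high", max_count=10))  # different severity level
```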