Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs(misconf): Add reference info on internals of Trivy IaC scanning #8272

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

docs(misconf): Add reference info on internals of Trivy IaC scanning #8272

wants to merge 1 commit into from
+2,146 −0

Conversation

simar7
Copy link
Member

@simar7 simar7 commented Jan 22, 2025
edited
Loading

Description

Add reference info on internals of Trivy IaC scanning

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've followed the conventions in the PR title.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@simar7 simar7 changed the title chore(docs): Add reference info on internal of Trivy IaC scanning chore(docs): Add reference info on internals of Trivy IaC scanning Jan 22, 2025
@simar7 simar7 requested a review from nikpivkin January 22, 2025 04:34
@simar7 simar7 changed the title chore(docs): Add reference info on internals of Trivy IaC scanning docs(misconf): Add reference info on internals of Trivy IaC scanning Jan 22, 2025
nikpivkin
nikpivkin reviewed Jan 23, 2025
View reviewed changes
docs/docs/references/misconfiguration.md

![misconfig-code-org](../../imgs/misconfig-code-org.jpg)

Trivy is able to obtain input from both IaC and Live Clouds when it comes to misconfiguration scanning.
Copy link
Contributor

@nikpivkin nikpivkin Jan 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the term Live Clouds common?

nikpivkin
nikpivkin reviewed Jan 23, 2025
View reviewed changes
docs/docs/references/misconfiguration.md
![misconfig-code-org](../../imgs/misconfig-code-org.jpg)

Trivy is able to obtain input from both IaC and Live Clouds when it comes to misconfiguration scanning.
In the case of IaC scanning, language models such as Terraform and CloudFormation are used to build the common model.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

language models can be confused with LLM :)

@nikpivkin
Copy link
Contributor

Left a couple of comments. BTW, why did this document become necessary?

@itaysk
Copy link
Contributor

itaysk commented Jan 24, 2025

as discussed, since this isn't user-facing documentation, I suggested to put this (and other developer-facing documentation) either in raw readme files in relevant places in the source code, and link to them from ARCHITECUTRE.md in the root (like TOC), or to move this to the "contributing" section of the docs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nikpivkin nikpivkin nikpivkin left review comments

@knqyf263 knqyf263 Awaiting requested review from knqyf263 knqyf263 will be requested when the pull request is marked ready for review knqyf263 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@simar7 @nikpivkin @itaysk