Trivy
Trivy is a comprehensive security scanner by Aqua Security. Integrate vulnerability findings from container images, filesystems, and IaC directly into tapioca tasks.
What you can do
Setup Instructions
Install Trivy
If you haven't already, install Trivy on your system or CI/CD pipeline:
brew install trivy # macOS
apt-get install trivy # Debian/Ubuntu
Configure tapioca webhook
In tapioca, navigate to Settings → Integrations → Trivy and copy your webhook URL.
Set up Trivy output
Configure Trivy to send results to tapioca:
trivy image --format json --output trivy-results.json myimage:latest
curl -X POST -H "Content-Type: application/json" -d @trivy-results.json YOUR_WEBHOOK_URL
Configure task creation rules
Set up which severity levels should create tasks automatically. By default, HIGH and CRITICAL vulnerabilities create tasks.
Configuration Reference
| Option | Type | Required | Description |
|---|---|---|---|
| webhook_url | string | Yes | The webhook URL for receiving Trivy results |
| severity_threshold | enum | No | Minimum severity to create tasks. Default: HIGH |
| auto_assign | boolean | No | Automatically assign to security team. Default: false |
| project_id | string | No | Default project for vulnerability tasks |
| labels | string[] | No | Labels to apply to created tasks. Default: ["security", "vulnerability"] |
Troubleshooting
Check that your severity threshold is set correctly. By default, only HIGH and CRITICAL create tasks. Also verify your webhook URL is correct and accessible.
Enable deduplication in the integration settings. tapioca will check CVE IDs before creating new tasks.
Regenerate your webhook URL in the integration settings. The old URL may have been invalidated.
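To check locally which findings in a Trivy report meet the severity threshold, and how they collapse when deduplicated by CVE ID, the following added example (not tapioca's or Trivy's own code) parses Trivy's JSON output. The function name `task_candidates` is hypothetical, the sample report is constructed with placeholder CVE IDs, and the filtering only approximates the rules described on this page.

```python
import json

# Trivy's severity levels, lowest to highest.
SEVERITY_ORDER = ["UNKNOWN", "LOW", "MEDIUM", "HIGH", "CRITICAL"]

def task_candidates(report, severity_threshold="HIGH"):
    """Return one entry per CVE ID at or above the threshold.

    Assumption: approximates the threshold and CVE-ID deduplication
    described on this page; it is not tapioca's server-side logic.
    """
    floor = SEVERITY_ORDER.index(severity_threshold)
    seen = {}
    # "Results" can be missing, and "Vulnerabilities" is absent or null
    # for targets with no findings, so both fall back to an empty list.
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            severity = vuln.get("Severity", "UNKNOWN")
            if severity not in SEVERITY_ORDER:
                severity = "UNKNOWN"
            if SEVERITY_ORDER.index(severity) < floor:
                continue
            cve = vuln["VulnerabilityID"]
            # The first occurrence fixes the severity; later ones add targets.
            entry = seen.setdefault(cve, {"id": cve, "severity": severity, "targets": []})
            entry["targets"].append(f'{result.get("Target", "?")}: {vuln.get("PkgName", "?")}')
    return sorted(seen.values(),
                  key=lambda e: (-SEVERITY_ORDER.index(e["severity"]), e["id"]))

# Constructed sample in Trivy's JSON layout; the CVE IDs are placeholders.
SAMPLE_REPORT = json.loads("""
{"SchemaVersion": 2, "ArtifactName": "myimage:latest", "Results": [
  {"Target": "myimage:latest (debian 12)", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0001", "PkgName": "openssl", "Severity": "CRITICAL"},
    {"VulnerabilityID": "CVE-0000-0002", "PkgName": "zlib1g", "Severity": "MEDIUM"},
    {"VulnerabilityID": "CVE-0000-0003", "PkgName": "libc6", "Severity": "HIGH"}]},
  {"Target": "app/requirements.txt", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0001", "PkgName": "cryptography", "Severity": "CRITICAL"}]},
  {"Target": "app/package-lock.json", "Vulnerabilities": null}]}
""")

if __name__ == "__main__":
    for item in task_candidates(SAMPLE_REPORT):
        print(item["severity"], item["id"], "; ".join(item["targets"]))
```

To check a real scan, load `trivy-results.json` with `json.load` and pass it in place of `SAMPLE_REPORT`.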