Hello,
I implemented small nexus-trivy integration for docker images vunlerability scans. The flow looks like this:
- nexus send json payload every time new image is pushed to docker repository (via Capability repository webhook) to given endpoint
- endpoint (covered by
goexpose) get the payload from nexus and save it as a file to scan - crontab job run every minute to check if there is a new files to scan, if yes then ->
- run
trivytool and save the results of scan in 3 formats: raw table (txt), json, and html - reports are served by
apache httpd
In html file we save the URL to my nexus repository url, with some search params, so everytime user click on this URL, he is moved directly to this particular docker image in nexus repo manager.
Now I’m trying to implement similar thing, but the oposite direction, to open some html reports served by apache from nexus. Is there any known by you plugin, which extend regular nexus images view, where we can put some custom information/tag/label like for example URL to our external vulnerabililty report page?
Nexus repository manager in verion 3.16.2-01.
Thank you for help.