How can I scan a running pod or /proc directory with Trivy?

[pohanhuangtw]

Question

Goal

I’d like to scan my running pod in Kubernetes for vulnerabilities, or scan the /proc directory specifically.

What You’ve Tried:

• trivy fs /proc
• trivy rootfs /proc

Both of them get nothing (I am scanning the nginx pod, I am not try to run trivy image, but just run the scan running pod)

Target

Container Image

Scanner

Vulnerability

Output Format

None

Mode

None

Operating System

No response

Version

No response

[itaysk]

Trivy can scan the Pod's image (even automatically with trivy k8s command) but if I understand correctly that's not what you're looking for ("I am not try to run trivy image, but just run the scan running pod").
If you want to scan the live filesystem of the pod, you would need to find a way to run trivy in that pod (or mount it's filesystem).
If you want to scan the entire host you can run trivy on the filesystem root.
You can't scan /proc since Trivy doesn't follow symlinks at the moment.