diff --git a/docs/docs/references/configuration/cli/trivy_kubernetes.md b/docs/docs/references/configuration/cli/trivy_kubernetes.md index 47c61a5b2288..8accf7d19909 100644 --- a/docs/docs/references/configuration/cli/trivy_kubernetes.md +++ b/docs/docs/references/configuration/cli/trivy_kubernetes.md @@ -79,7 +79,7 @@ trivy kubernetes [flags] { cluster | all | specific resources like kubectl. eg: --reset remove all caches and database --reset-policy-bundle remove policy bundle --sbom-sources strings [EXPERIMENTAL] try to retrieve SBOM from the specified sources (oci,rekor) - --scanners string comma-separated list of what security issues to detect (vuln,config,secret,license) (default "vuln,config,secret,rbac") + --scanners strings comma-separated list of what security issues to detect (vuln,config,secret,rbac) (default [vuln,config,secret,rbac]) --secret-config string specify a path to config file for secret scanning (default "trivy-secret.yaml") -s, --severity strings severities of security issues to be displayed (UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL) (default [UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL]) --skip-db-update skip updating vulnerability database diff --git a/pkg/commands/app.go b/pkg/commands/app.go index 36dc8be3d38a..c01d76b80896 100644 --- a/pkg/commands/app.go +++ b/pkg/commands/app.go @@ -862,13 +862,14 @@ func NewModuleCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command { func NewKubernetesCommand(globalFlags *flag.GlobalFlagGroup) *cobra.Command { scanFlags := flag.NewScanFlagGroup() scanners := flag.ScannersFlag - scanners.Default = fmt.Sprintf( // overwrite the default value - "%s,%s,%s,%s", + // overwrite the default scanners + scanners.Values = xstrings.ToStringSlice(types.Scanners{ types.VulnerabilityScanner, types.MisconfigScanner, types.SecretScanner, types.RBACScanner, - ) + }) + scanners.Default = scanners.Values scanFlags.Scanners = &scanners scanFlags.IncludeDevDeps = nil // disable '--include-dev-deps'