After installing the Trivy Operator, an open-source security scanner, into my Kubernetes cluster, I noticed the reports could get pretty big and that I would need some tool to parse them.

My preference was to view the report data in Argo CD, largely because that is where I needed visibility into it: Argo CD is an almost default Kubernetes interface for cluster admins and developers.

To visualize and better search the vulnerability data generated by Trivy for Pods, I wrote an Argo CD UI extension, argocd-trivy-extension.

The UI extension comprises two React components: a searchable, sortable grid and a dashboard, made using Grid.js and recharts respectively. Vulnerability data is pulled into the components via the Argo CD API. This simplified the extension by avoiding the Kubernetes API.

Figure: Vulnerabilities dashboard
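The data-shaping step behind a grid and a dashboard like these, as an added example that is not code from argocd-trivy-extension: it flattens a Trivy Operator VulnerabilityReport into sortable rows, per-severity totals and a search filter. The response shape (`manifest` as a JSON string), the function names and every value in the sample are assumptions constructed for illustration.

```javascript
// Added example, not code from argocd-trivy-extension.
const SEVERITIES = ["CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN"];

// Constructed sample: an Argo CD resource response whose `manifest` string
// holds a Trivy Operator VulnerabilityReport. All IDs and names are made up.
const sampleResponse = {
  manifest: JSON.stringify({
    kind: "VulnerabilityReport",
    metadata: { name: "replicaset-demo-nginx", namespace: "demo" },
    report: { vulnerabilities: [
      { vulnerabilityID: "CVE-0000-0002", resource: "libb", severity: "HIGH", installedVersion: "1.0", fixedVersion: "1.1" },
      { vulnerabilityID: "CVE-0000-0003", resource: "liba", severity: "CRITICAL", installedVersion: "2.0", fixedVersion: "" },
      { vulnerabilityID: "CVE-0000-0001", resource: "libc", severity: "LOW", installedVersion: "3.0", fixedVersion: "3.2" },
      { vulnerabilityID: "CVE-0000-0004", resource: "libd", installedVersion: "0.9" },
    ] },
  }),
};

// Flatten the report into grid rows, worst severity first, then by ID.
function toRows(response) {
  let vulns;
  try {
    vulns = JSON.parse(response.manifest).report.vulnerabilities;
  } catch (err) {
    return []; // missing or malformed manifest: render an empty grid
  }
  if (!Array.isArray(vulns)) return [];
  return vulns
    .map((v) => ({
      id: String(v.vulnerabilityID || ""),
      pkg: String(v.resource || ""),
      severity: SEVERITIES.includes(v.severity) ? v.severity : "UNKNOWN",
      installed: String(v.installedVersion || ""),
      fixed: String(v.fixedVersion || ""), // empty when no fixed version is listed
    }))
    .sort((a, b) =>
      SEVERITIES.indexOf(a.severity) - SEVERITIES.indexOf(b.severity) ||
      a.id.localeCompare(b.id));
}

// Per-severity totals for the dashboard chart, in fixed display order.
function severityCounts(rows) {
  return SEVERITIES.map((severity) => ({
    severity,
    count: rows.filter((r) => r.severity === severity).length,
  }));
}

// Case-insensitive search across the columns a user would type into.
function searchRows(rows, term) {
  const needle = term.trim().toLowerCase();
  return rows.filter((r) =>
    [r.id, r.pkg, r.severity].some((f) => f.toLowerCase().includes(needle)));
}
```

Entries with a missing or unrecognised severity are counted as UNKNOWN rather than dropped, so the dashboard totals always match the number of rows in the grid.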

Detailed installation instructions are in the project README and involve loading the extension into the Argo CD server pods via an init container using the argocd-extension-installer.

A quick-and-dirty test can be done by copying the extension via kubectl cp into the Argo CD server's /tmp/extension/ path.

TIP: If you run into issues with installation, for example if the extension does not render in the Argo CD UI, check the init-container logs of the argocd-extension-installer. If it does render, however, check the Dev Tools in your browser.

What’s next? Try the extension out and log an issue or contribute. This is in essence a quality-of-life extension for a security-minded engineer, allowing quick search, sorting and visualization of vulnerability data at the granular level of a Pod or ReplicaSet.