https://socake.github.io/tags/trivy/Recent content in Trivy on 黄文卓 | DevOps EngineerHugo -- gohugo.iozh-CN17691281867@163.com (Wenzhuo Huang)17691281867@163.com (Wenzhuo Huang)© 2026 Wenzhuo HuangSat, 06 Sep 2025 13:50:00 +0800https://socake.github.io/posts/trivy-cosign-supply-chain/Sat, 06 Sep 2025 13:50:00 +080017691281867@163.com (Wenzhuo Huang)https://socake.github.io/posts/trivy-cosign-supply-chain/你的镜像安全吗？本文梳理容器供应链的主要攻击面，手把手演示 Trivy 扫描、Cosign 签名、K8s 准入控制三层防护的搭建过程，并给出 GitLab CI 集成示例。