A production-ready Prometheus exporter that retrieves and exposes vulnerability information for container images deployed in Kubernetes clusters. VulnRelay supports multiple cloud providers and vulnerability sources with extensible architecture.
| Topic | Description | Quick Links |
|---|---|---|
| Getting Started | Installation, configuration, and first steps | Mock Mode • Local Mode • Kubernetes |
| Configuration | Complete configuration reference | Environment Variables • AWS Auth • Examples |
| API Reference | Endpoints, metrics, and API documentation | Health Check • Metrics • Vulnerabilities |
| Deployment | Kubernetes, Helm, and production deployment | Helm Chart • AWS IAM • Docker Compose |
| Development | Contributing, testing, and extending VulnRelay | Setup • Testing • Adding Providers |
- Multi-Cloud Support: Amazon EKS (GKE/AKS planned)
- Multi-Source: AWS ECR scanning (Trivy/Grype planned)
- Prometheus Integration: Comprehensive metrics and alerts
- Production Ready: Security hardened, health checks, caching
- Mock Mode: Local testing without external dependencies
- Extensible: Pluggable architecture for new providers
┌─────────────────┐ ┌──────────────────┐ ┌─────────────────┐
│ Kubernetes │ │ VulnRelay │ │ Vulnerability │
│ Cluster(s) │◄───┤ ├───►│ Sources │
│ │ │ Cloud Providers │ │ │
│ - EKS │ │ Vuln Engine │ │ - AWS ECR │
│ - GKE (planned) │ │ HTTP Server │ │ - Trivy (plan.) │
│ - AKS (planned) │ │ /metrics │ │ - Grype (plan.) │
└─────────────────┘ │ /health │ └─────────────────┘
└──────────────────┘
# Vulnerability counts by severity
ecr_image_vulnerability_count{severity="CRITICAL",image_uri="...",namespace="production"} 2
# Detailed CVE information
ecr_vulnerability_info{cve_name="CVE-2024-12345",severity="CRITICAL"} 1
# Fix availability
ecr_vulnerability_fix_available{fix_status="YES"} 1
- Container Images:
ghcr.io/jfeddern/vulnrelay:latest - Helm Charts:
oci://ghcr.io/jfeddern/vulnrelay/charts/vulnrelay - Issues: GitHub Issues
- Discussions: GitHub Discussions
See the LICENSE file for details.