v13s (vulnerabilities) is a workload centric API which monitors Kubernetes workloads across multiple clusters and tracks container image vulnerabilities.
- Watches Kubernetes Deployments and Jobs across clusters
- Fetches and verifies container image attestations (SBOMs)
- Syncs vulnerability data from external sources
- Provides gRPC API and CLI for querying vulnerability information
- Tracks vulnerability history and calculates metrics such as Mean Time to Fix (MTTF)
- Architecture - System components and data flow
- API - gRPC service documentation
- Development - Local setup, building, and testing
- CLI Usage - Command-line interface usage
- River Job Queue - Job queue system and schema updates
# Start dependencies
docker compose up -d
# Configure
cp .env.sample .env
# Edit .env with your settings
# Build and run
make localAPI available at:
- gRPC:
localhost:50051
Metrics and RiverUI available at:
- Internal HTTP (metrics, RiverUI):
localhost:8000
See development documentation for detailed setup instructions.
go get github.com/nais/v13s/pkg/api@mainimport "github.com/nais/v13s/pkg/api/vulnerabilities"