Giters

gbvanrenswoude / local-container-scanning

Local Container Scanning without needing to host Clair server or maintaining CVE Database

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

claircvedockergitlabciklarlocallocalscanscanning

Container Scanning without setting up Clair server

What

This repository contains a working example of local container scanning using arminc's prefilled CVE database and Clair. Using this, you won't need to have to setup a whole Clair server, or fill and maintain a CVE database. The bash code is pretty universally applicable, the example is written for gitlabCI and does not require Gitlab Ultimate subscription.

Scan subject

Subject of the scan is a kube-toolbox container I use for K8S work mainly on AWS.

Requirements

Requirements are:

  • Docker

Requirements using the GitlabCI setup:

  • docker-executor --privileged

About

Local Container Scanning without needing to host Clair server or maintaining CVE Database

claircvedockergitlabciklarlocallocalscanscanning

Languages

Language:Dockerfile 100.0%