Codefresh Steps: Reusable Code for Common Operations
This page provides code you can use to perform common operations in the Codefresh CI/CD platform.
1

Run a Clair security scan paclair

Scan a Docker image with Clair Security scanner.

arguments

  • API_PREFIX - Prefix for API to Docker Registry
  • CLAIR_URL - https://clair.domain.com:6060
  • IMAGE - Docker Image Name
  • PROTOCOL - Docker Registry Protocol
  • REGISTRY - For ECR use `ecr` else use domain name for Docker Registry
  • REGISTRY_PASSWORD - Docker Registry Password
  • REGISTRY_USERNAME - Docker Registry Username
  • SEVERITY_THRESHOLD - critical, high, medium, low, negligible, unknown
  • TAG - Docker Image Tag
  • TOKEN - Docker Registry Auth Token
  • TOKEN_TYPE - Docker Registry Auth Token Type
  • TOKEN_URL - Docker Registry Auth Token URL
    run:
  type: paclair
  arguments:
    API_PREFIX: '${{API_PREFIX}}'
    CLAIR_URL: '${{CLAIR_URL}}'
    IMAGE: '${{IMAGE}}'
    PROTOCOL: '${{PROTOCOL}}'
    REGISTRY: '${{REGISTRY}}'
    REGISTRY_PASSWORD: '${{REGISTRY_PASSWORD}}'
    REGISTRY_USERNAME: '${{REGISTRY_USERNAME}}'
    SEVERITY_THRESHOLD: '${{SEVERITY_THRESHOLD}}'
    TOKEN: '${{TOKEN}}'
    TOKEN_TYPE: '${{TOKEN_TYPE}}'
    TOKEN_URL: '${{TOKEN_URL}}'
    TAG: '${{TAG}}'

  
    run:
  type: paclair
  arguments:
    REGISTRY_USERNAME: username
    REGISTRY_PASSWORD: password
    CLAIR_URL: 'http://my-clair.com:6060'
    IMAGE: paclair-test
    TAG: master

  
github.com
Dustin Van Buskirk
Jul 4, 2021