paclair

Scan docker images with Clair - https://github.com/coreos/clair

Arguments

  • API_PREFIX - Prefix for API to Docker Registry
  • CLAIR_URL * - https://clair.domain.com:6060
  • IMAGE * - Docker Image Name
  • PROTOCOL - Docker Registry Protocol
  • REGISTRY - For ECR use `ecr` else use domain name for Docker Registry
  • REGISTRY_PASSWORD - Docker Registry Password
  • REGISTRY_USERNAME - Docker Registry Username
  • SEVERITY_THRESHOLD - critical, high, medium, low, negligible, unknown
  • TAG * - Docker Image Tag
  • TOKEN - Docker Registry Auth Token
  • TOKEN_TYPE - Docker Registry Auth Token Type
  • TOKEN_URL - Docker Registry Auth Token URL
    version: '1.0'
steps:
  run:
    type: paclair
    arguments:
      API_PREFIX: '${{API_PREFIX}}'
      CLAIR_URL: '${{CLAIR_URL}}'
      IMAGE: '${{IMAGE}}'
      PROTOCOL: '${{PROTOCOL}}'
      REGISTRY: '${{REGISTRY}}'
      REGISTRY_PASSWORD: '${{REGISTRY_PASSWORD}}'
      REGISTRY_USERNAME: '${{REGISTRY_USERNAME}}'
      SEVERITY_THRESHOLD: '${{SEVERITY_THRESHOLD}}'
      TOKEN: '${{TOKEN}}'
      TOKEN_TYPE: '${{TOKEN_TYPE}}'
      TOKEN_URL: '${{TOKEN_URL}}'
      TAG: '${{TAG}}'

  
github.com
Dustin Van Buskirk
Sep 18, 2019