Codefresh Steps: Reusable Code for Common Operations

This page provides code you can use to perform common operations in the Codefresh CI/CD platform.

Run a Clair security scan paclair

Scan a Docker image with Clair Security scanner.

arguments

API_PREFIX - Prefix for API to Docker Registry

CLAIR_URL - https://clair.domain.com:6060

IMAGE - Docker Image Name

PROTOCOL - Docker Registry Protocol

REGISTRY - For ECR use `ecr` else use domain name for Docker Registry

REGISTRY_PASSWORD - Docker Registry Password

REGISTRY_USERNAME - Docker Registry Username

SEVERITY_THRESHOLD - critical, high, medium, low, negligible, unknown

TAG - Docker Image Tag

TOKEN - Docker Registry Auth Token

TOKEN_TYPE - Docker Registry Auth Token Type

TOKEN_URL - Docker Registry Auth Token URL

    run:
  type: paclair
  arguments:
    API_PREFIX: '${{API_PREFIX}}'
    CLAIR_URL: '${{CLAIR_URL}}'
    IMAGE: '${{IMAGE}}'
    PROTOCOL: '${{PROTOCOL}}'
    REGISTRY: '${{REGISTRY}}'
    REGISTRY_PASSWORD: '${{REGISTRY_PASSWORD}}'
    REGISTRY_USERNAME: '${{REGISTRY_USERNAME}}'
    SEVERITY_THRESHOLD: '${{SEVERITY_THRESHOLD}}'
    TOKEN: '${{TOKEN}}'
    TOKEN_TYPE: '${{TOKEN_TYPE}}'
    TOKEN_URL: '${{TOKEN_URL}}'
    TAG: '${{TAG}}'

    run:
  type: paclair
  arguments:
    REGISTRY_USERNAME: username
    REGISTRY_PASSWORD: password
    CLAIR_URL: 'http://my-clair.com:6060'
    IMAGE: paclair-test
    TAG: master

github.com

Dustin Van Buskirk

Jul 4, 2021

source