Quayio::Scanner
Quayio Scanner translates critical vulnerabilities in running docker containers into Sensu check results to transform vulnerability scans into actionable alerts.
Installation
Add this line to your application's Gemfile:
gem 'quayio-scanner'
And then execute:
$ bundle
Or install it yourself as:
$ gem install quayio-scanner
USAGE
This plugin attempts to fetch vulnerabilities for all running containers
Parameters
Parameter | Description |
---|---|
-d URL | Docker URL |
-t TOKEN | Quay.io oauth token |
-w WHITELIST[,WHITELIST] | Vulnerability whitelist |
-n NAMESPACE[,NAMESPACE] | Namespaces (quay.io scanners) to ignore |
Example
$ check-container-vulnerabilities.rb --docker-url unix:///var/run/docker.sock --quayio-token AccessTokenGoesHere
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/aboutsource/quayio-scanner.
License
The gem is available as open source under the terms of the MIT License.
json
Copyright 2019 - present Florian Frank - The gem json is distributed under the Ruby License.