1 min read
You may have heard of the amazing clair project! I wanted to try it out to see if we were secured!
#CoreOS doesn't have golang, but well, golang image has golang :) docker run -it -v /opt/bin:/opt/bin golang go get -u github.com/coreos/clair/contrib/analyze-local-images && mv bin/analyze-local-images /opt/bin/ exit mkdir /etc/clair cd /etc/clair/ wget https:/
/ raw.githubusercontent.com/ coreos/ clair/ master/ config.example.yaml docker run -it -v /tmp:/tmp -p 6060:6060 -p 6061:6061 -v /etc/clair:/config:ro quay.io/coreos/clair:latest --config=/config/config.example.yaml #wait for: 2016-02-14 18:29:44.863164 I | updater: update finished #open an other shell and start to have fun: docker images -q | xargs -L 1 analyze-local-images
This is pretty scary actually, we have to find better ways to pull more regularly our images.