Skip to main content

Pierre Ozoux

Test the security of your images in CoreOS with #clair

1 min read

You may have heard of the amazing clair project! I wanted to try it out to see if we were secured!

There is no README yet, but this project comes handy!

 doesn't have golang, but well, golang image has golang :)
docker run -it -v /opt/bin:/opt/bin golang go get -u && mv bin/analyze-local-images /opt/bin/
mkdir /etc/clair
cd /etc/clair/
docker run -it -v /tmp:/tmp -p 6060:6060 -p 6061:6061 -v /etc/clair:/config:ro --config=/config/config.example.yaml
 for: 2016-02-14 18:29:44.863164 I | updater: update finished

 an other shell and start to have fun:
docker images -q | xargs -L 1 analyze-local-images

This is pretty scary actually, we have to find better ways to pull more regularly our images.