{"id":22308426,"url":"https://github.com/42bytelabs/konarr","last_synced_at":"2025-06-10T13:35:56.503Z","repository":{"id":260679692,"uuid":"821815595","full_name":"42ByteLabs/konarr","owner":"42ByteLabs","description":"Konarr: A free and open source SCA platform for your containers","archived":false,"fork":false,"pushed_at":"2025-06-04T11:27:35.000Z","size":1468,"stargazers_count":7,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-04T19:06:48.294Z","etag":null,"topics":["container-security","containers","homelab","rust","supply-chain","supply-chain-security"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/42ByteLabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-06-29T14:10:57.000Z","updated_at":"2025-06-04T11:27:36.000Z","dependencies_parsed_at":"2024-11-01T20:11:58.198Z","dependency_job_id":"6d4988a0-9fba-46df-999a-e39f78f66b3b","html_url":"https://github.com/42ByteLabs/konarr","commit_stats":null,"previous_names":["42bytelabs/konarr"],"tags_count":13,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/42ByteLabs%2Fkonarr","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/42ByteLabs%2Fkonarr/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/42ByteLabs%2Fkonarr/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/42ByteLabs%2Fkonarr/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/42ByteLabs","download_url":"https://codeload.github.com/42ByteLabs/konarr/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/42ByteLabs%2Fkonarr/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259085469,"owners_count":22803207,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["container-security","containers","homelab","rust","supply-chain","supply-chain-security"],"created_at":"2024-12-03T20:14:00.145Z","updated_at":"2025-06-10T13:35:56.487Z","avatar_url":"https://github.com/42ByteLabs.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!-- markdownlint-disable --\u003e\n\u003cdiv align=\"center\"\u003e\n\u003ch1\u003eKonarr\u003c/h1\u003e\n\n\u003cimg src=\"./assets/konar-logo.png\" width=\"250\" title=\"Konarr Logo\"\u003e\n\n[![GitHub](https://img.shields.io/badge/github-%23121011.svg?style=for-the-badge\u0026logo=github\u0026logoColor=white)][github]\n[![Crates.io Version](https://img.shields.io/crates/v/konarr?style=for-the-badge)][crates-io]\n[![Crates.io Downloads (recent)](https://img.shields.io/crates/dr/konarr?style=for-the-badge)][crates-io]\n[![Docs.rs](https://img.shields.io/badge/docs.rs-konarr-66c2a5?style=for-the-badge)][docs]\n[![GitHub Stars](https://img.shields.io/github/stars/42ByteLabs/konarr?style=for-the-badge)][github]\n[![GitHub Issues](https://img.shields.io/github/issues/42ByteLabs/konarr?style=for-the-badge)][github-issues]\n[![Licence](https://img.shields.io/github/license/42ByteLabs/konarr?style=for-the-badge)][license]\n\n⚠️  Work in progress and early stages of development ⚠️\n\n\u003c/div\u003e\n\u003c!-- markdownlint-restore --\u003e\n\n## Overview\n\n[Konarr][konarr] is a simple, easy-to-use web interface for monitoring your servers, clusters, and containers supply chain for dependencies and vulnerabilities.\nIt is designed to be lightweight and fast, with minimal resource usage. \n\nIt is written in [Rust][rust-lang], uses [Rocker][rocket] for the web server, and [Vue.js](https://vuejs.org/) for the front-end.\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eOrigin Story\u003c/strong\u003e\u003c/summary\u003e\n\nThis project came out of the need to monitor my homelab for insecure dependencies / components.\nAll the products that offer this are proprietary and cost money to use.\n\n[In December 2021, Log4Shell (CVE-2021-44228)](https://en.wikipedia.org/wiki/Log4Shell) came dropped and like most of the world I was running around trying to find if I had a service using it.\nTurned out I was but it was a painful process in finding if I was even using it.\n\n**Name Origin:**\n\nKonarr is from the name [Konar quo Maten](https://oldschool.runescape.wiki/w/Konar_quo_Maten) (translated as Konar the Hunter) from the game [Old School Runescape](https://oldschool.runescape.com/).\n\n\u003c/details\u003e\n\n## 🖼️ Screenshots\n\n\u003cdiv align=\"center\"\u003e\n\n![project-view](./assets/screenshots/projects-view.png)\n\n![project-view-dark](./assets/screenshots/dark-mode.png)\n\n\u003cdetails\u003e\n\u003csummary\u003eMore screenshots\u003c/summary\u003e\n\n**Single Project Summary** \n![server-view](./assets/screenshots/server-view.png)\n\n**Container Summary**\n![container-view](./assets/screenshots/container-view.png)\n\n**Dependencies View**\n![dependencies-view](./assets/screenshots/dependencies-view.png)\n\n\u003c/details\u003e\n\n\u003c/div\u003e\n\n## ✨ Features\n\n- Simple, easy-to-use web interface\n- Blazing fast performance with minimal resource usage (written in [Rust][rust-lang] 🦀)\n- Real-time monitoring of your containers\n  - Uses [Syft][syft] for image scanning (with more scanners to come)\n- Orchestration support\n  - Docker / Podman\n  - Docker Compose / Docker Swarm\n  - 🚧 Kubernetes support is planned\n- Software Bill of Materials (SBOM) for your containers\n- 🚧 Supply chain attack monitoring\n\n## 🚀 Quick Start\n\nThis small script will install the Konarr server and agent on your machine using containers.\n\n```bash\ncurl https://raw.githubusercontent.com/42ByteLabs/konarr/refs/heads/main/install.sh | bash -s\n```\n\n## 📚 Documentation\n\n\u003cdiv align=\"center\"\u003e\n🚧 Work in progress 🚧\n\u003c/div\u003e\n\n## 🛠️ Installation\n\nKonarr can be installed using Docker, Podman, or Cargo (native).\n\n### Konarr using Compose\n\nWhen using Docker/Podman Compose, the Konarr server and agent will be installed on your machine using containers.\n\n\u003cdetails\u003e\n\u003csummary\u003eCloning the repository\u003c/summary\u003e\n\n```bash\n# Clone the Konarr repository from GitHub\ngit clone https://github.com/42ByteLabs/konarr.git \u0026\u0026 cd konarr\n# Update submodules\ngit submodule update --init --recursive\n```\n\n\u003c/details\u003e\n\n**Starting the server and agent:**\n\n```bash\ndocker-compose up -d\n```\n\n### 💻 Konarr Server\n\nThe Konarr Server is the API and web interface that is used to monitor your containers.\nIt can be installed using Docker/Podman or Cargo (native).\n\n#### Konarr Server using Docker\n\n```bash\ndocker run -it --rm \\\n    -p 9000:9000 \\\n    -v ./data:/data \\\n    -v ./config:/config \\\n    ghcr.io/42bytelabs/konarr:v0.4.3\n```\n\n\u003cdetails\u003e\n\u003csummary\u003eDescription\u003c/summary\u003e\n\nThis command does the following:\n\n- `-it --rm` - This is a common set of flags to pass to `docker run`. The `-it` flag is short for `--interactive` and `--tty`, which tells Docker to open an interactive terminal inside the container. The `--rm` flag tells Docker to automatically remove the container when it stops running.\n- `-p 9000:9000` - This tells Docker to map port 9000 on the host machine to port 9000 on the container. This is the port that the Konarr server listens on by default.\n- `-v ./data:/data` - This tells Docker to mount the `./data` directory on the host machine to the `/data` directory on the container. This is where Konarr stores its data by default.\n- `-v ./config:/config` - This tells Docker to mount the `./config` directory on the host machine to the `/config` directory on the container. This is where Konarr looks for its configuration file by default.\n- `ghcr.io/42bytelabs/konarr:v0.4.3` - This is the name of the Docker image that we want to run. The `ghcr.io/42bytelabs/konarr` part is the name of the repository on GitHub Container Registry, and the `v0.1.0` part is the tag of the image that we want to run.\n\n\u003c/details\u003e\n\n#### Install Server via Cargo\n\nThe `konarr-server` can be installed using Cargo but it is not recommended for production use.\n\n```bash\ncargo install konarr-server\n```\n\n### 🕵️ Konarr Agent\n\nThe Konarr Agent is the Konarr CLI that is used to monitor your containers.\nIt is written in Rust and is available as a binary or as a Docker image.\n\n#### Running Agent in Docker\n\n```bash\ndocker run -it --rm \\\n    -e KONARR_INSTANCE \\\n    -e KONARR_AGENT_TOKEN \\\n    -e KONARR_PROJECT_ID \\\n    ghcr.io/42bytelabs/konarr-agent:v0.4.3\n```\n\n#### Install Agent via Cargo\n\nThe konarr-cli is a Rust binary that can be installed via Cargo.\n\n```bash\ncargo install konarr-cli\n```\n\n### From Source\n\n```bash\n# Clone the Konarr repository from GitHub\ngit clone https://github.com/42ByteLabs/konarr.git \u0026\u0026 cd konarr\n# Update submodules (client/frontend is a submodule)\ngit submodule update --init --recursive\n\n# Build frontend\ncd client \u0026\u0026 npm install \u0026\u0026 npm run build \u0026\u0026 cd ..\n# Build and run server\ncargo run -p konarr-server --release -- -c ./konarr.yml\n```\n\n## ❤️  Maintainers / Contributors\n\n\u003c!-- ALL-CONTRIBUTORS-LIST:START - Do not remove or modify this section --\u003e\n\u003c!-- prettier-ignore-start --\u003e\n\u003c!-- markdownlint-disable --\u003e\n\u003ctable\u003e\n  \u003ctbody\u003e\n    \u003ctr\u003e\n      \u003ctd align=\"center\" valign=\"top\" width=\"14.28%\"\u003e\u003ca href=\"https://geekmasher.dev\"\u003e\u003cimg src=\"https://avatars.githubusercontent.com/u/2772944?v=4?s=100\" width=\"100px;\" alt=\"Mathew Payne\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eMathew Payne\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"#code-GeekMasher\" title=\"Code\"\u003e💻\u003c/a\u003e \u003ca href=\"#review-GeekMasher\" title=\"Reviewed Pull Requests\"\u003e👀\u003c/a\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n  \u003c/tbody\u003e\n\u003c/table\u003e\n\n\u003c!-- markdownlint-restore --\u003e\n\u003c!-- prettier-ignore-end --\u003e\n\n\u003c!-- ALL-CONTRIBUTORS-LIST:END --\u003e\n\n## 🦸 Support\n\nPlease create [GitHub Issues][github-issues] if there are bugs or feature requests.\n\nThis project uses [Semantic Versioning (v2)][semver] and with major releases, breaking changes will occur.\n\n## 📓 License\n\nThis project is licensed under the terms of the Apache2 open source license.\nPlease refer to [Apache2][license] for the full terms.\n\n\u003c!-- Resources --\u003e\n\n[license]: ./LICENSE\n[crates-io]: https://crates.io/crates/konarr\n[docs]: https://docs.rs/konarr/latest/konarr\n[semver]: https://semver.org/\n[rust-lang]: https://www.rust-lang.org/\n[rocket]: https://rocket.rs/\n\n[konarr]: https://github.com/42ByteLabs/konarr\n[github]: https://github.com/42ByteLabs/konarr\n[github-issues]: https://github.com/42ByteLabs/konarr/issues\n\n[syft]: https://github.com/anchore/syft\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F42bytelabs%2Fkonarr","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F42bytelabs%2Fkonarr","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F42bytelabs%2Fkonarr/lists"}