{"id":19540564,"url":"https://github.com/pradhans0906/dockerized-copa","last_synced_at":"2025-10-28T15:42:13.859Z","repository":{"id":261573902,"uuid":"884530088","full_name":"pradhans0906/dockerized-copa","owner":"pradhans0906","description":"Dockerized-COPA is a containerized solution for patching vulnerable container images using Project Copacetic (COPA). It simplifies the process of updating container images with security patches without requiring a complete rebuild from source.","archived":false,"fork":false,"pushed_at":"2024-12-07T15:36:51.000Z","size":307,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-26T05:16:30.906Z","etag":null,"topics":["copacetic","docker-image","docker-scout","vulnerability","vulnerability-detection","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pradhans0906.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-06T23:18:27.000Z","updated_at":"2024-12-07T15:36:54.000Z","dependencies_parsed_at":"2024-11-07T09:44:24.581Z","dependency_job_id":"599067ce-7863-45db-a7d9-1df1ca8faba2","html_url":"https://github.com/pradhans0906/dockerized-copa","commit_stats":null,"previous_names":["pradhans0906/dockerized-copa"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/pradhans0906/dockerized-copa","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pradhans0906%2Fdockerized-copa","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pradhans0906%2Fdockerized-copa/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pradhans0906%2Fdockerized-copa/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pradhans0906%2Fdockerized-copa/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pradhans0906","download_url":"https://codeload.github.com/pradhans0906/dockerized-copa/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pradhans0906%2Fdockerized-copa/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279013948,"owners_count":26085430,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-13T02:00:06.723Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["copacetic","docker-image","docker-scout","vulnerability","vulnerability-detection","vulnerability-scanners"],"created_at":"2024-11-11T03:04:54.151Z","updated_at":"2025-10-13T06:10:43.993Z","avatar_url":"https://github.com/pradhans0906.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Dockerized Copa\n\n```bash\ndocker pull pradhans0906/dockerized-copa:latest\ndocker pull pradhans0906/dockerized-copa:0.9.0-distroless\n```\n\n## Patch an image\n```bash\ndocker run --rm --privileged \\\n  -v /var/run/docker.sock:/var/run/docker.sock \\\n  -e DOCKER_CONFIG=/root/.docker \\\n  pradhans0906/dockerized-copa:latest \\\n  \"nginx:1.21.6\"\n```\n\n## Key Features:\n- 🔒 Simple vulnerability patching for container images\n- 🐳 Fully containerized solution\n- 🔄 Works seamlessly with Docker Desktop\n- 🛠️ Easy-to-use command-line interface\n\nPerfect for DevOps engineers and developers who want to keep their container images secure without disrupting their existing workflows. Built for macOS users, compatible with Docker Desktop.\n\n## Documentation\n- Usage Guide\n- Development Guide\n- Contributing\n- Changelog\n\n## Requirements\n- Docker Desktop (macOS)\n- Docker-scout (scanner) To get the CVE details.\n- Internet access for pulling images\n\n## Installation\n\n### Using Docker Pull\n```bash\ndocker pull pradhans0906/dockerized-copa:latest\n```\n\n### Building from Source\n```bash\ngit clone https://github.com/pradhans0906/dockerized-copa.git\ncd dockerized-copa\n```\n\n### Build Options\n\n#### Standard Build\n```bash\ndocker build --no-cache --build-arg copa_version=0.9.0 -t copa-local:0.9.0 .\n```\n\n#### Distroless Build (Minimal Version)\nWe also provide a distroless version for a more secure and lightweight container:\n```bash\n# Build the distroless version\ndocker build -t copa-distroless --build-arg copa_version=0.9.0 -f Distroless .\n```\n\nThe distroless version provides:\n- Smaller image size\n- Reduced attack surface\n- Direct binary execution\n- No shell or unnecessary utilities\n\nUsing the distroless version:\n```bash\ndocker run --rm --privileged \\\n    -v /var/run/docker.sock:/var/run/docker.sock \\\n    copa-distroless \\\n    -i \"nginx:1.22\" -t \"nginx:1.22-patched\" --debug\n```\n\n## Usage Examples\n\n### Standard Version\n```bash\n# To patch Nginx\n./scripts/patch.sh nginx:1.21.6\n\n# Example output:\n#18 sending tarball 1.0s done\n#18 DONE 2.5s\ntime=\"2024-11-06T23:47:39Z\" level=debug msg=\"stopping session\"\ntime=\"2024-11-06T23:47:40Z\" level=info msg=\"Loaded image: nginx:patched\"\ntime=\"2024-11-06T23:47:40Z\" level=warning msg=\"--debug specified, working folder at /tmp/copa-3235261740 needs to be manually cleaned up\"\n```\n\nCheck 'docker images' for the patched image:\n```bash\ndocker images\nREPOSITORY    TAG             IMAGE ID       CREATED         SIZE\nnginx         1.21.6-patched  8945b370ac89   2 years ago     307MB\nnginx         1.21.6         2bcabc23b454   2 years ago     418MB\n```\n\n### With Custom Tag\n```bash\n./scripts/patch.sh nginx:1.21.6 1.21.6-secure\n```\n\n```bash\nREPOSITORY    TAG             IMAGE ID       CREATED         SIZE\nnginx         1.21.6-secure   a87859d4a2d2   2 years ago     307MB\nnginx         1.21.6         2bcabc23b454   2 years ago     418MB\n```\n\n### Version Comparison\n- **Standard Version**: Full featured, includes shell capabilities\n- **Distroless Version**: Minimal size, enhanced security, direct binary execution\n\n### Vulnerability Status\nLet's check the status of the Vulns.\n\n![cve status of the image](screenshots/screenshot1.png)\n![copa patched status](screenshots/screenshot2.png)\n\n## Contributing\nWe welcome contributions! Please see our Contributing Guide for details.\n\n## License\nThis project is licensed under the MIT License - see the LICENSE file for details.\n\n## Acknowledgments\n- Copacetic Team for the original COPA tool\n- Docker Team for Docker Scout\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpradhans0906%2Fdockerized-copa","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpradhans0906%2Fdockerized-copa","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpradhans0906%2Fdockerized-copa/lists"}