{"id":19260273,"url":"https://github.com/scipag/containerkitty","last_synced_at":"2025-04-21T16:31:33.405Z","repository":{"id":102847772,"uuid":"374581626","full_name":"scipag/ContainerKitty","owner":"scipag","description":"Invoke-ContainerKitty - Automates container scans with Docker Engine","archived":false,"fork":false,"pushed_at":"2023-07-27T05:57:42.000Z","size":9,"stargazers_count":7,"open_issues_count":0,"forks_count":4,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-04-01T14:22:02.910Z","etag":null,"topics":["automation","container","docker","docker-container","docker-scanner","powershell","scan","snyk","windows"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/scipag.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-06-07T07:55:45.000Z","updated_at":"2024-06-24T03:41:35.000Z","dependencies_parsed_at":null,"dependency_job_id":"cf9d2177-b2ce-4a62-b684-fe92406f14ef","html_url":"https://github.com/scipag/ContainerKitty","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scipag%2FContainerKitty","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scipag%2FContainerKitty/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scipag%2FContainerKitty/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scipag%2FContainerKitty/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/scipag","download_url":"https://codeload.github.com/scipag/ContainerKitty/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250090864,"owners_count":21373267,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","container","docker","docker-container","docker-scanner","powershell","scan","snyk","windows"],"created_at":"2024-11-09T19:19:38.078Z","updated_at":"2025-04-21T16:31:33.398Z","avatar_url":"https://github.com/scipag.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ContainerKitty\r\n\r\n## Introduction\r\n\r\nManual scanning of many container images is repetitive and not efficient. We have developed *ContainerKitty* to automate image scanning and simplify the process. No server infrastructure is required for *ContainerKitty*, the script can be used on any Windows system with *Docker*.\r\n\r\nThe script builds a list of container images from a *GitLab* repository. It is also possible to use a list from another source. This list should contain one image per line, for example `registry.example.com/dev/example-image:4.2.0`. *ContainerKitty* fetches the images from the *registry* into the local Docker instance and then runs the scan. The results are saved as a *JSON file* per image. The *report* function parses all JSON files and provides a short summary as well as a CSV file for further processing. All steps can be logged if required.\r\n\r\n[Docker Desktop for Windows](https://docs.docker.com/docker-for-windows/install/) is necessary for using *Container Kitty*. A [Docker ID](https://hub.docker.com/) must be registered for this purpose. ContainerKitty started with Docker Scan, which was replaced by [Docker Scout](https://docs.docker.com/scout/) in April 2023.\r\n\r\n## ContainerKitty in Action\r\n\r\nDocker and *ContainerKitty* can be run *without* administrator rights. The requirement for Docker is that the user belongs to the local group `docker-users`. Before *ContainerKitty* is used for the first time, the PowerShell session must be authenticated with Docker. Now, _ContainerKitty_ can be used:\r\n\r\n```powershell\r\nPS C:\\\u003e docker login\r\nPS C:\\\u003e Import-Module -Force .\\Invoke-ContainerKitty.ps1\r\n```\r\n\r\nThe modules of *ContainerKitty* can be combined with each other. In the following example, *ContainerKitty* creates a list of all images of the user with the ID `5` from GitLab and then pulls the images from the registry into the local Docker instance. Afterwards, it scans the images and analyses the results:\r\n\r\n```powershell\r\nPS C:\\\u003e Invoke-ContainerKitty -BuildList https://gitlab.example.org -BuildId 5 -BuildIdType User -Scan -Report -ReportDirectory .\\reports\\ -Log\r\n\r\n\r\n      =^._.^=\r\n     _(      )/  ContainerKitty 0.2.0-1623130424\r\n\r\n\r\n[*] 6/8/2021 7:32:51 AM - Starting ContainerKitty\r\n[*] 6/8/2021 7:32:51 AM - Start API calls\r\n[*] 6/8/2021 7:32:51 AM - ContainerKitty needs a private token to build the container list. This token will not be stored.\r\n[$] 6/8/2021 7:32:56 AM - List of container images is finished: .\\containerkitty_container_list-20210608-0732.txt\r\n[*] 6/8/2021 7:32:56 AM - API calls done\r\n[*] 6/8/2021 7:32:56 AM - Start pulling container image ubuntu:xenial-20210429\r\n...\r\n[$] 6/8/2021 7:32:58 AM - Pulling container image ubuntu:xenial-20210429 done\r\n[*] 6/8/2021 7:32:58 AM - Start scanning container image ubuntu:xenial-20210429\r\n[*] 6/8/2021 7:34:11 AM - Scanning container image ubuntu:xenial-20210429 done\r\n[*] 6/8/2021 7:34:11 AM - Start creating the report .\\containerkitty_report-20210608-0734.csv\r\n[*] 6/8/2021 7:34:28 AM - Creating report .\\containerkitty_report-20210608-0734.csv done\r\n[*] 6/8/2021 7:34:28 AM - ContainerKitty is done\r\n```\r\n\r\nEach module can also be run individually. Thus, a scan can be started directly by providing *ContainerKitty* a manually created list of images. It is also possible to only run an analysis on JSON files created by *Docker Scout*. The report creates a CSV file with the following information:\r\n\r\n* Id and Id Snyk\r\n* Image and version (tag)\r\n* Affected package and its version\r\n* Vulnerability title\r\n* Description of the vulnerability\r\n* Countermeasure and statement whether an upgrade/patch is available\r\n* CVSS score and specification according to CVSSv3.1\r\n* References\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscipag%2Fcontainerkitty","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fscipag%2Fcontainerkitty","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscipag%2Fcontainerkitty/lists"}