{"id":19505972,"url":"https://github.com/tsuru/cst","last_synced_at":"2025-04-26T02:32:16.434Z","repository":{"id":74637597,"uuid":"139859181","full_name":"tsuru/cst","owner":"tsuru","description":"A middleware for intermediate container security scans against many security engines.","archived":true,"fork":false,"pushed_at":"2018-09-10T17:03:05.000Z","size":3782,"stargazers_count":4,"open_issues_count":0,"forks_count":2,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-03-14T09:13:40.798Z","etag":null,"topics":["containers","coreos-clair","security-scanning","tsuru"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tsuru.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-07-05T14:13:26.000Z","updated_at":"2024-09-12T18:31:48.000Z","dependencies_parsed_at":null,"dependency_job_id":"26d13042-59be-4929-824e-c17af44bf18c","html_url":"https://github.com/tsuru/cst","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsuru%2Fcst","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsuru%2Fcst/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsuru%2Fcst/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsuru%2Fcst/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tsuru","download_url":"https://codeload.github.com/tsuru/cst/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250922127,"owners_count":21508279,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["containers","coreos-clair","security-scanning","tsuru"],"created_at":"2024-11-10T22:35:12.484Z","updated_at":"2025-04-26T02:32:16.428Z","avatar_url":"https://github.com/tsuru.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CST\n\n[![Build Status](https://travis-ci.org/tsuru/cst.svg?branch=master)](https://travis-ci.org/tsuru/cst)\n[![codecov](https://codecov.io/gh/tsuru/cst/branch/master/graph/badge.svg)](https://codecov.io/gh/tsuru/cst)\n\nCST, stands for Container Security Testing, is a project to provide container security scans against many security engines (currently including only [CoreOS Clair][Clair Website]).\n\nThis project was designed to allow security scans out of the box. You would use it since at project's pipeline through where your imagination would go.\n\n## Running CST\n\nThis section outlines the required steps to run CST anywhere. The easiest way to\ndeploy the CST is using Docker Compose. Thus, you should install\n[Docker][Docker Install] and [Docker Compose][Docker Compose Install] before to\nfollow the instructions.\n\n### Configuring CoreOS Clair\n\nAll configurations about CoreOS Clair are on `etc/clair.cfg.yml` file. That's a\nself-explaned config file from [Clair's repository][Clair Repository],\nsee more details there.\n\n**WARNING**:\nUnfortunately, Clair doesn't handle the database connection string via environment\nvariables yet. So, we hardcoded the database credentials on its config file.\nYou should change those credentials on: `etc/clair.cfg.yml` (line 23); and \n`docker-compose.yml` (envs `POSTGRES_USER`, `POSTGRES_DB` and\n`POSTGRES_PASSWORD`).\n\n### Certificate\n\nTo start the CST web server, you will need a certificate and its private key.\nThose files must be named `cert.pem` and `key.pem`, respectively,  in the\n`.certs` dir.\n\nIn a local env, you can generate a self-signed certificate running the command\nbelow, for instance.\n\n```bash\n$ make generate-self-signed-certificate\n```\n\n### Run Docker Compose\n\nNow, it's time to run the Docker Compose and deploy the CST's stack. Do that by\nrunning the command below.\n\n```bash\n$ docker-compose up -d\n```\n\nFinally, you would be able to test the CST web API firing the command:\n\n```\n$ curl https://localhost:8443/health\nWORKING\n```\n\nIf everything is OK, you will see the \"WORKING\" message response.\n\n[Clair Website]: https://coreos.com/clair/\n[Clair Repository]: https://github.com/coreos/clair\n\n[Docker Install]:  https://docs.docker.com/install/\n[Docker Compose Install]: https://docs.docker.com/compose/install/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftsuru%2Fcst","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftsuru%2Fcst","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftsuru%2Fcst/lists"}