https://github.com/deepfence/package-scanner
Last synced: 11 months ago
- Host: GitHub
- URL: https://github.com/deepfence/package-scanner
- Owner: deepfence
- Created: 2022-02-11T09:58:26.000Z (over 4 years ago)
- Default Branch: release-2.5
- Last Pushed: 2024-12-04T11:15:48.000Z (over 1 year ago)
- Last Synced: 2024-12-12T05:22:11.814Z (over 1 year ago)
- Language: Go
- Size: 606 KB
- Stars: 41
- Watchers: 3
- Forks: 5
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# Package Scanner
Scan for vulnerabilities in a Docker image or a directory.
## Download
Every [release](https://github.com/deepfence/package-scanner/releases) of package scanner provides binary releases for a variety of OSes. These binary versions can be manually downloaded and installed.
1. Go to the [releases](https://github.com/deepfence/package-scanner/releases) page and download the native client package based on your OS and CPU architecture.
2. Unpack it
```shell
tar -zxvf package-scanner_Linux_x86_64.tar
```
## Usage
Run this command to generate a license key. A work (official) email address must be used.
```shell
# Quote the URL so the shell does not treat each "&" as a background operator
curl "https://license.deepfence.io/threatmapper/generate-license?first_name=&last_name=&email=&company=&resend_email=true"
```
### Image scan
Set the product and license key; they are used to download the vulnerability database needed for the scan.
```shell
# Scan an image through the Docker container runtime
docker pull longhornio/csi-snapshotter:v6.2.1
export DEEPFENCE_PRODUCT=
export DEEPFENCE_LICENSE=
./package-scanner -source longhornio/csi-snapshotter:v6.2.1 -container-runtime docker

# Scan an image with the severity set to critical
docker pull nginx:latest
export DEEPFENCE_PRODUCT=
export DEEPFENCE_LICENSE=
./package-scanner -source nginx:latest -severity critical
```
### Directory scan
```shell
export DEEPFENCE_PRODUCT=
export DEEPFENCE_LICENSE=
./package-scanner --source dir:
```
## Build
1. `make tools`
2. `make cli`
3. This generates the `package-scanner` binary in the current directory.
## Build docker image
1. `make docker-cli`
2. `docker images` should show a new image named `quay.io/deepfenceio/deepfence_package_scanner_cli:2.5.7`
```
$ docker images
REPOSITORY                                          TAG      IMAGE ID       CREATED             SIZE
quay.io/deepfenceio/deepfence_package_scanner_cli   2.5.7    e06fb1cd3868   About an hour ago   569MB
nginx                                               latest   1403e55ab369   8 days ago          142MB
```
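## Docker image standalone usage example
The `-v /var/run/docker.sock:/var/run/docker.sock` mount gives the scanner container access to the host's Docker daemon, which it needs to read the pulled image; that access is equivalent to control of the daemon on the host.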
```
docker pull nginx:latest
docker run -it --rm -e DEEPFENCE_PRODUCT= -e DEEPFENCE_LICENSE= -v /var/run/docker.sock:/var/run/docker.sock --name package-scanner quay.io/deepfenceio/deepfence_package_scanner_cli:2.5.7 -source nginx:latest
```