https://github.com/sysdiglabs/secure-image-scanning

Image scanning with Sysdig Secure
https://github.com/sysdiglabs/secure-image-scanning

container-security security-tools

Last synced: 11 months ago
JSON representation

Image scanning with Sysdig Secure

• Host: GitHub
• URL: https://github.com/sysdiglabs/secure-image-scanning
• Owner: sysdiglabs
• License: apache-2.0
• Created: 2019-02-08T00:46:56.000Z (about 7 years ago)
• Default Branch: master
• Last Pushed: 2020-03-07T20:31:17.000Z (almost 6 years ago)
• Last Synced: 2025-01-23T01:22:21.911Z (about 1 year ago)
• Topics: container-security, security-tools
• Language: Shell
• Homepage: https://sysdig.com/blog/bamboo-sysdig-secure/
• Size: 13.7 KB
• Stars: 1
• Watchers: 2
• Forks: 3
• Open Issues: 2
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Sysdig Secure Image Scanning

This directory contains the Dockerfile and entrypoint for

`sysdiglabs/secure-image-scanning`

This Docker image does an static scanning looking for vulnerabilities in the

image provided.

## Usage

`

docker run -e IMAGE_TO_SCAN="docker.io/library/ubuntu:latest" \

           -e SYSDIG_SECURE_TOKEN="xxXXxxXXXxxXX" \

           sysdiglabs/secure-image-scanning

`

### Environment variables used as parameters

* IMAGE_TO_SCAN: The image which is going to be scanned i.e.: docker.io/library/debian:latest

* SYSDIG_SECURE_TOKEN: The Sysdig Secure API Token.

* TIMEOUT: Timeout for the image scanning, by default is 10 minutes.

* MAX_RETRIES: Sometimes when analyzing the images, the registry takes some time for sending the image and it could lead to a `Not Found` error. So we implemented a retrying mechanism. By default it tries 3 times before giving up.

## Makefile usage

The Makefile contains 3 targets:

* `all`: Builds the image and pushes it to DockerHub

* `build`: Builds the image

* `push`: Pushes the image to DockerHub