This image scans directories on a Red Hat Atomic host for vulnerabilities, open source licenses, and operational risk.
You need Black Duck Hub software to generate reports.
The Black Duck Hub software can also run as a container. For instructions go here
Before you can scan a directory, you must first create a data container with the configuration of the Hub server.
That is accomplished by executing the following command:
$ docker run -ti -v /scanner -v /conf --name <hub server name> blackducksoftware/atomic_scanner
The installer will prompt you for the URL to the Black Duck Hub server, a user id, and a password.
After that, the container will stop.
If you perform the following command
$ docker ps -a | grep <hub server name>
You will notice the container has stopped but is still there.
Now scan a directory with the following command
$ docker run -ti --rm -h $(hostname) --volumes-from <hub server name> -v /etc/localtime:/etc/localtime -v <directory you want to scan>:/scanin -v <directory where you want the json report>:/scanout blackducksoftware/atomic_scanner
First we need to create a configured data container. In the example below, the configured data container is called eng-hub.
$ docker run -ti -v /scanner -v /conf --name eng-hub blackducksoftware/atomic_scanner
Now that the configuration is in place we can scan a directory:
$ docker run -ti --rm -h $(hostname) --volumes-from eng-hub -v /etc/localtime:/etc/localtime -v /home/tschoots:/scanin -v /home/tschoots/scanresults:/scanout blackducksoftware/atomic_scanner
In this example, the home directory of tschoots is going to be scanned and the json report will be in the /home/tschoots/scanresults directory.
On Red Hat Atomic, you still have to use --privileged so the output json file can be written to the scanout directory.