Public Repository

Last pushed: 2 years ago
Short Description
This is a Black Duck Software scan container for the Red Hat Atomic platform.
Full Description


This image scans directories on a Red Hat Atomic host for vulnerabilities, open source licenses, and operational risk.
You need Black Duck Hub software to generate reports.

The Black Duck Hub software can also run as a container. For instructions go here


Before you can scan a directory, you must first create a data container with the configuration of the Hub server.
That is accomplished by executing the following command:

$ docker run -ti -v /scanner -v /conf --name <hub server name> blackducksoftware/atomic_scanner

The installer will prompt you for the URL to the Black Duck Hub server, a user id, and a password.
After that, the container will stop.

If you perform the following command

$ docker ps  -a | grep <hub server name>

You will notice the container has stopped but is still there.

Now scan a directory with the following command

$ docker run -ti --rm -h $(hostname) --volumes-from <hub server name> -v /etc/localtime:/etc/localtime -v <directory you want to scan>:/scanin -v <directory where you want the json report>:/scanout blackducksoftware/atomic_scanner

Usage Examples

First we need to create a configured data container. In the example below, the configured data container is called eng-hub.

$ docker run -ti -v /scanner -v /conf --name eng-hub blackducksoftware/atomic_scanner

Now that the configuration is in place we can scan a directory:

$ docker run -ti --rm -h $(hostname) --volumes-from eng-hub -v /etc/localtime:/etc/localtime -v /home/tschoots:/scanin -v /home/tschoots/scanresults:/scanout blackducksoftware/atomic_scanner

In this example, the home directory of tschoots is going to be scanned and the json report will be in the /home/tschoots/scanresults directory.


On Red Hat Atomic, you still have to use --privileged so the output json file can be written to the scanout directory.

Docker Pull Command