Tracking container vulnerabilities with Clair Control
Clairctl is a lightweight command-line tool doing the bridge between Registries as Docker Hub, Docker Registry or Quay.io, and the CoreOS vulnerability tracker, Clair.
Clairctl will play as reverse proxy for authentication.
Clairctl version is align with the CoreOS Clair supported version.
clairctl get vulnerabilities report from Clair and generate HTML report
clairctl can be used for Docker Hub and self-hosted Registry
Analyze your docker image with Clair, directly from your registry. Usage: clairctl [command] Available Commands: analyze Analyze Docker image health Get Health of clairctl and underlying services login Log in to a Docker registry logout Log out from a Docker registry pull Pull Docker image information push Push Docker image to Clair report Generate Docker Image vulnerabilities report version Get Versions of clairctl and underlying services Flags: --config string config file (default is ./.clairctl.yml) --log-level string log level [Panic,Fatal,Error,Warn,Info,Debug] Use "clairctl [command] --help" for more information about a command.
clair: port: 6060 healthPort: 6061 uri: http://clair report: path: ./reports format: html
Building the latest binaries
clairctl requires Go 1.8+.
curl https://glide.sh/get | sh
Clone and build:
git clone firstname.lastname@example.org:jgsqware/clairctl.git $GOPATH/src/github.com/jgsqware/clairctl cd $GOPATH/src/github.com/jgsqware/clairctl glide install -v go generate ./clair go build
This will result in a
clairctl executable in the
Contribution and Test
Go to /contrib folder