dockle

We have hosted the application dockle in order to run this application in our online workstations with Wine or directly.

Quick description about dockle:

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start. You can install dockle with the asdf version manager with this plugin, which automates the process of installing (and switching between) various versions of github release binaries. With asdf already installed, run commands to install dockle. You can scan your built image with Dockle in Travis CI/CircleCI. Though, you can ignore the specified target checkpoints by using .dockleignore file. Or, if you just want the results to display and not let the test fail for this, specify --exit-code to 0 in dockle command.

Features:

• Scanning for common vulnerabilities and exposures (CVEs)
• Scanning for unnecessary or sensitive files
• Scanning for outdated software
• Scanning for exposed ports
• Generating detailed report in json and html format
• Support for different container image formats like OCI, Docker and Appc

Programming Language: Go.
Categories: