Skip to main content

Command line tool to interact with Clair

Project description

Build Status Coverage Status

claircli

claircli is a command line tool to interact with CoreOS Clair

Installation

pip install claircli

Commands

claircli -h
usage: claircli [-h] [-V] [-c CLAIR] [-w WHITE_LIST] [-T THRESHOLD]
                [-f {html,json}] [-L LOG_FILE] [-d] [-l LOCAL_IP | -r]
                images [images ...]

Command line tool to interact with CoreOS Clair, analyze docker image with
clair in different ways

positional arguments:
  images                docker images or regular expression

optional arguments:
  -h, --help            show this help message and exit
  -V, --version         show program's version number and exit
  -c CLAIR, --clair CLAIR
                        clair url, default: http://localhost:6060
  -w WHITE_LIST, --white-list WHITE_LIST
                        path to the whitelist file
  -T THRESHOLD, --threshold THRESHOLD
                        cvd severity threshold, if any servity of
                        vulnerability above of threshold, will return non-
                        zero, default: Unknown, choices are: ['Defcon1',
                        'Critical', 'High', 'Medium', 'Low', 'Negligible',
                        'Unknown']
  -f {html,json}, --formats {html,json}
                        output report file with give format, default: ['html']
  -L LOG_FILE, --log-file LOG_FILE
                        save log to file
  -d, --debug           print more logs
  -l LOCAL_IP, --local-ip LOCAL_IP
                        ip address of local host
  -r, --regex           if set, repository and tag of images will be treated
                        as regular expression

Examples:

    # analyze and output report to html
    # clair is running at http://localhost:6060
    claircli example.reg.com/myimage1:latest example.reg.com/myimage2:latest

    # analyze and output report to html
    # clair is running at https://example.clair.com:6060
    claircli -c https://example.clair.com:6060 example.reg.com/myimage1:latest

    # analyze and output report to html, json
    claircli -f html -f json example.reg.com/myimage1:latest

    # analyze with threshold and white list
    claircli -t High -w white_list_file.yml example.reg.com/myimage1:latest

    # analyze image on local host
    claircli -l <local ip address> myimage1:latest myimage2:latest

    # analyze image on other host foo
    export DOCKER_HOST=tcp://<ip of foo>:<port of docker listen>
    claircli -l <local ip address> myimage1:latest

    # analyze with regular expression, following will match
    # example.reg.com/myimage1:latest
    # and example.reg.com/myimage2:latest
    claircli -r example.reg.com/myimage:latest

    # analyze with regular expression, following will match
    # example.reg.com/myimage1:latest only
    claircli -r example.reg.com/^myimage1$:^latest$

Optional whitelist yaml file

This is an example yaml file. You can have an empty file or a mix with only common or <distribution>.

common:
  CVE-2017-6055: XML
  CVE-2017-5586: OpenText
ubuntu:
  CVE-2017-5230: XSX
  CVE-2017-5586: OpenText
alpine:
  CVE-2017-3261: SE

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for claircli, version 1.0
Filename, size File type Python version Upload date Hashes
Filename, size claircli-1.0-py2-none-any.whl (19.4 kB) File type Wheel Python version py2 Upload date Hashes View hashes
Filename, size claircli-1.0-py3-none-any.whl (19.4 kB) File type Wheel Python version py3 Upload date Hashes View hashes
Filename, size claircli-1.0.tar.gz (13.6 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page