yebinama / paclair Goto Github PK
View Code? Open in Web Editor NEWPaclair is a Python3 Cli tool to interact with Coreos's Clair (https://github.com/coreos/clair).
License: Apache License 2.0
Paclair is a Python3 Cli tool to interact with Coreos's Clair (https://github.com/coreos/clair).
License: Apache License 2.0
$ python -m paclair --conf /source/conf.yml Docker ${IMAGE} push
Traceback (most recent call last):
File "/usr/local/lib/python3.8/runpy.py", line 194, in _run_module_as_main
return _run_code(code, main_globals, None,
File "/usr/local/lib/python3.8/runpy.py", line 87, in _run_code
exec(code, run_globals)
File "/usr/local/lib/python3.8/site-packages/paclair/main.py", line 105, in
main()
File "/usr/local/lib/python3.8/site-packages/paclair/main.py", line 71, in main
paclair_object.push(args.plugin, host)
File "/usr/local/lib/python3.8/site-packages/paclair/handler.py", line 76, in push
self._plugins[plugin].push(name)
File "/usr/local/lib/python3.8/site-packages/paclair/plugins/abstract_plugin.py", line 53, in push
return self.clair.post_ancestry(self.create_ancestry(name))
File "/usr/local/lib/python3.8/site-packages/paclair/plugins/docker_plugin.py", line 68, in create_ancestry
return DockerAncestry(self.create_docker_image(name))
File "/usr/local/lib/python3.8/site-packages/paclair/ancestries/docker.py", line 24, in init
for layer in docker_image.get_layers():
File "/usr/local/lib/python3.8/site-packages/paclair/docker/docker_image.py", line 85, in get_layers
fs_layers = manifest['layers']
KeyError: 'layers'
I'm trying to test something with paclair using a localhost registry.
When I create my registry in the conf:
Plugins:
Docker:
class: paclair.plugins.docker_plugin.DockerPlugin
registries:
localhost:5000:
auth:
- "admin"
- "badmin"
Then when I attempt to scan an image localhost:5000/namespace/name:tag
it attempts to get the image data from the docker hub.
In paclair/plugins/docker_plugin.py,the function create_docker_image() might has a bug.
it should be like this:
if matcher.group("domain") is None:
if '/' in matcher.group("name"):
return DockerImage(matcher.group("name"), self.__docker_hub,
tag=matcher.group("tag") or 'latest')
else:
return DockerImage("library/" + matcher.group("name"), self.__docker_hub,
tag=matcher.group("tag") or 'latest')
When I push a image like "nginx",the DockerImage name should be "library/nginx".But when I push a image like "citizenstig/dvwa",the DockerImage name should just be "citizenstig/dvwa" not "library/citizenstig/dvwa".
Hi there, great tool! Thank you for this. I tried a lot of other clair CLI tools but none worked with Clair API v3 so this was a nice surprise!
Quick question - I read through the Readme and also tried running this and it worked just fine. However I do have a question about how does it actually work since there doesn't seem to be any information regarding it?
I figured that in order to scan a particular image, I need to first push it to Clair and then run the analyze command? Is this true? Can I simply issue the analyze command against an image in my registry without pushing the image first?
Hello,
Is it possible to scan locally build images ?
Thanks
Looking through, and see that the config references Artifactory as a docker repository.
I'm assuming in the YAML config, I use the hostname of my registry under registries, but not really sure what the other properties are and how auth works since I have to login using api key into to Artifactory. Also tool seems to just keep trying to reach out to the public docker hub...
Any information is appreciated.
Dear team,
Below command was able to retrieve JSON from Clair V3 server.
paclair --conf conf/conf.yml Docker ubuntu analyse
But the below command pulls the blank html report. am I missing something?
paclair --conf conf/conf.yml Docker ubuntu analyse --output-format html --output-dir /tmp
Hello,
did someone use paclair with a private registry from sonatype nexus and can give me an example configuration? especially for the api_prefix I try a lot around but it don't works for me
best regards
Dan
The REGEX defined in the file "paclair/init.py" might not right.
It can't match the domain when I push a image like "registray.test.com/abc/test/nginx:latest".
The value of the "domain" should be like this:
'domain': r'(?:(?P(?:[a-zA-Z0-9]+|[a-zA-Z0-9][a-zA-Z0-9-][a-zA-Z0-9])(?:(?:.(?:[a-zA-Z0-9]+|[a-zA-Z0-9][a-zA-Z0-9-][a-zA-Z0-9]))+)?(?::[0-9]+)?)/)?',
not this:
'domain': r'(?:(?P(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-][a-zA-Z0-9])(?:(?:.(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-][a-zA-Z0-9]))+)?(?::[0-9]+)?)/)?',
I installed paclair from pip and run paclair push alpine:latest
and it failed with this error.
I am running this on Fedora with the clair docker-compose config
$ paclair push alpine:latest
Traceback (most recent call last):
File "/home/lukepicciau/.local/bin/paclair", line 11, in <module>
load_entry_point('paclair==3.2.0', 'console_scripts', 'paclair')()
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 489, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2793, in load_entry_point
return ep.load()
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2411, in load
return self.resolve()
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 2417, in resolve
module = __import__(self.module_name, fromlist=['__name__'], level=0)
File "/home/lukepicciau/.local/lib/python2.7/site-packages/paclair/__main__.py", line 4, in <module>
from paclair.handler import PaClair
File "/home/lukepicciau/.local/lib/python2.7/site-packages/paclair/handler.py", line 6, in <module>
from paclair.config_reader import ConfigReader
File "/home/lukepicciau/.local/lib/python2.7/site-packages/paclair/config_reader.py", line 2, in <module>
from paclair.api.clair_requests_v1 import ClairRequestsV1
File "/home/lukepicciau/.local/lib/python2.7/site-packages/paclair/api/clair_requests_v1.py", line 3, in <module>
from paclair.api.abstract_clair_requests import AbstractClairRequests
File "/home/lukepicciau/.local/lib/python2.7/site-packages/paclair/api/abstract_clair_requests.py", line 13, in <module>
class AbstractClairRequests(LoggedObject):
File "/usr/lib64/python2.7/abc.py", line 87, in __new__
cls = super(ABCMeta, mcls).__new__(mcls, name, bases, namespace)
TypeError: Error when calling the metaclass bases
a new-style class can't have only classic bases
For example, if I want to scan medicean/vulapps:s_struts2_s2-037
, how to push it? I tried paclair --debug --conf paclair.yml Docker medicean/vulapps:s_struts2_s2-037 push
to push it, but it returned "not found".
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.