November 19, 2017

Container vulnerability scan using CoreOS Clair

Docker Enterprise EE and it’s trusted registry has this great feature for security scanning images, which can be included in promotion policies and so on. If you however are not using EE or either DTR, there’s an awesome project from the CoreOS team called Clair. Just check the intergrations for a list of projects using it. I’ve started using this in Gitlab CI as an additional step to check images before uploading it to the builtin registry. Read more