Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start. You can install dockle with the asdf version manager with this plugin, which automates the process of installing (and switching between) various versions of github release binaries. With asdf already installed, run commands to install dockle. You can scan your built image with Dockle in Travis CI/CircleCI. Though, you can ignore the specified target checkpoints by using .dockleignore file. Or, if you just want the results to display and not let the test fail for this, specify --exit-code to 0 in dockle command.
Features
- Scanning for common vulnerabilities and exposures (CVEs)
- Scanning for unnecessary or sensitive files
- Scanning for outdated software
- Scanning for exposed ports
- Generating detailed report in json and html format
- Support for different container image formats like OCI, Docker and Appc
License
Apache License V2.0Follow Dockle
You Might Also Like
FortiGate NGFW identifies and stops advanced threats with powerful application control, malware protection, web filtering, antivirus, and IPS technology. As the attack surface expands, FortiGate provides integrated and automated protection against emerging and sophisticated threats while securing hybrid or multi-cloud environments. Deploy today in Azure Marketplace.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of Dockle!