Skip to content

deepfence/package-scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

337 Commits

.github/workflows

.github/workflows

 
 

agent-plugins-grpc @ 3f7e4f7

agent-plugins-grpc @ 3f7e4f7

 
 

internal/deepfence

internal/deepfence

 
 

jobs

jobs

 
 

output

output

 
 

sbom

sbom

 
 

scanner

scanner

 
 

tools

tools

 
 

utils

utils

 
 

.dockerignore

.dockerignore

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

.golangci.yml

.golangci.yml

 
 

.goreleaser.yaml

.goreleaser.yaml

 
 

Dockerfile

Dockerfile

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

bootstrap.sh

bootstrap.sh

 
 

entrypoint.sh

entrypoint.sh

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

grype.yaml

grype.yaml

 
 

main.go

main.go

 
 

run-once.go

run-once.go

 
 

Repository files navigation

Package Scanner

Scan for vulnerabilities in your docker image or a directory

Download

Every release of package scanner provides binary releases for a variety of OSes. These binary versions can be manually downloaded and installed.

  1. Go to the releases page and download the native client package based on your OS and CPU architecture.
  2. Unpack it 
    tar -zxvf package-scanner_Linux_x86_64.tar

Usage

Image scan

docker pull longhornio/csi-snapshotter:v6.2.1
./package-scanner -source longhornio/csi-snapshotter:v6.2.1 -container-runtime docker

docker pull nginx:latest
./package-scanner -source nginx:latest -severity critical

Directory scan

./package-scanner --source dir:<directory full path>

Build

  1. make tools
  2. make cli
  3. This will generate package-scanner binary in the current directory

Build docker image

  1. make docker-cli
  2. docker images should show new image with name quay.io/deepfenceio/deepfence_package_scanner_cli:2.2.0
$ docker images
REPOSITORY                                          TAG       IMAGE ID       CREATED             SIZE
quay.io/deepfenceio/deepfence_package_scanner_cli   2.2.0     e06fb1cd3868   About an hour ago   569MB
nginx                                               latest    1403e55ab369   8 days ago          142MB

Docker image standalone usage example

docker pull nginx:latest
docker run -it --rm -v /var/run/docker.sock:/var/run/docker.sock --name package-scanner quay.io/deepfenceio/deepfence_package_scanner_cli:2.2.0 -source nginx:latest

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

40 stars

Watchers

4 watching

Forks

2 forks
Report repository

Releases 30

v2.2.0 Latest
Apr 25, 2024
+ 29 releases

Packages

No packages published

Contributors 15

Languages