Quick Guide For Running Clair Scanner via Katacoda

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

This guide talks about setting up the Clair scanner and performs scans on vulnerable DVWA container. Also now it is possible to perform a hands-on demo on katacoda.

You can run the demo on Katacoda. For running the demo visit https://www.katacoda.com/justmorpheus

Setting up Clair server or using locally.CoreOs Clair https://github.com/coreos/clairClair-scanner https://github.com/arminc/clair-scanner

You can run a dedicated Clair server with a database and use that in your ci/cd pipeline but if you want to run Clair as part of your ci/cd pipeline then you are in a surprise:

Starting Clair from scratch takes about 20 to 30 minutes because the database needs to be filled up with CVEs.Clair needs to access the container layers and therefore you need remote access from Clair to your build job.How to scan containersStart the Clair database and Clair locally or while running your job.

docker run -d –name clair-db arminc/clair-db:latest

docker run -p 6060:6060 –link clair-db:postgres -d –name clair arminc/clair-local-scan:v2.0.8_fe9b059d930314b54c78f75afe265955faf4fdc1

Scan a vulnerable image

We need a vulnerable image. There are few vulnerable images, including Damn Vulnerable Web Application. We can use

Read the article