一千萬個為什麽

搜索

一共有 1 個回答:

Docker Registry和Docker Engine都有API接口。 我認為應該可以實現一個Docker插件來實現這種集成,例如當有人推送它們時掃描圖像。 (註意 - Docker註冊表是一個圖像註冊表,而不是容器註冊表)。

This scanner functionality is also possible through the commercial Docker Enterprise edition. https://docs.docker.com/docker-cloud/builds/image-scan/

UPD here an example with clair/docker, looks quite simple http://blog.xebia.com/docker-containers-vulnerability-scan-clair/