Giter Site home page Giter Site logo

docker-goof's Introduction

Docker Goof

Open a terminal at the docker-goof directory.

  1. Build the image

    docker build -t docker-goof .

  2. Test the image

    snyk test --docker docker-goof --file=Dockerfile

All-in-one to clone and run:

git clone [email protected]:snyk/docker-goof && \
cd docker-goof && \
docker build -t docker-goof . && \
snyk test --docker docker-goof --file=Dockerfile

Utility scripts

To build all images:

./build.sh

To test all images:

./test.sh

Screenshots

All of these screenshots demonstrate the extra value provided when a Dockerfile is supplied via the CLI --file argument.

For example:

snyk test --docker docker-goof --file=Dockerfile

Base Image Remediation

This screenshot shows alternative images that may be used in the Dockerfile's FROM line to reduce vulnerabilities. Minor upgrades are the most likely to be compatible, Major are potentially breaking depending on how the image is used, and Alternative architecture images are given for more technical users to investigate.

Base Image Remediation Screenshot

Base Image Vulnerability

This screenshot shows an image with a vulnerability introduced by the base image (the FROM line in a Dockerfile) with the "Introduced by your base image ..." line

Base Image Vulnerability Screenshot

Binary Vulnerability

This screenshot shows a binary vulnerability; something not managed by the package manager of the operating system inside the container.

Binary Vulnerability Screenshot

User-introduced / Dockerfile Vulnerability

This screenshot shows an image introduced by a user in their Dockerfile and highlights the exact command that introduced the vulnerability, with the "Introduced in your Dockerfile by ..." line

User-introduced / Dockerfile vulnerability screenshot

docker-goof's People

Contributors

robcresswell avatar moshikod avatar orkamara avatar karniwl avatar lirantal avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.