master branch may be in an unstable or even broken state during development.
Please use releases instead of the
master branch in order to get stable binaries.
- In regular intervals, Clair ingests vulnerability metadata from a configured set of sources and stores it in the database.
- Clients use the Clair API to index their container images; this creates a list of features present in the image and stores them in the database.
- Clients use the Clair API to query the database for vulnerabilities of a particular image; correlating vulnerabilities and features is done for each request, avoiding the need to rescan images.
- When updates to vulnerability metadata occur, a notification can be sent to alert systems that a change has occured.
Our goal is to enable a more transparent view of the security of container-based infrastructure.
Thus, the project was named
Clair after the French term which translates to clear, bright, transparent.
- Learn the terminology and about the drivers and data sources that power Clair
- Watch presentations on the high-level goals and design of Clair
- Follow instructions to get Clair up and running
- Explore the API on SwaggerHub
- Discover third party integrations that help integrate Clair with your infrastructure
- Read the rest of the documentation on the CoreOS website or in the Documentation directory
- IRC: #clair on freenode.org
- Bugs: issues
See CONTRIBUTING for details on submitting patches and the contribution workflow.
Clair is under the Apache 2.0 license. See the LICENSE file for details.