-
Notifications
You must be signed in to change notification settings - Fork 311
/
quickstart.md
42 lines (29 loc) · 1.03 KB
/
quickstart.md
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
---
title: SecretScanner QuickStart
---
# Quick Start
Pull the latest SecretScanner image, and use it to scan a `node:latest` container.
## Pull the latest SecretScanner image
```bash
docker pull deepfenceio/deepfence_secret_scanner:latest
```
## Scan a Container Image
Pull an image to your local repository, then scan it
```bash
docker pull node:latest
docker run -it --rm --name=deepfence-secretscanner \
-v /var/run/docker.sock:/var/run/docker.sock \
deepfenceio/deepfence_secret_scanner:latest \
-image-name node:latest
docker rmi node:latest
```
## Process the results with jq
You can summarise the results by processing the JSON output, e.g. using `jq`:
```bash
docker run -it --rm --name=deepfence-secretscanner \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /tmp:/home/deepfence/output \
deepfenceio/deepfence_secret_scanner:latest \
--image-name node:latest --json-filename=node-secret-scan.json
cat /tmp/node-secret-scan.json | jq '.Secrets[] | { rule: ."Matched Rule Name", file: ."Full File Name" }'
```