Switch branches/tags
Nothing to show
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
..
Failed to load latest commit information.
README.md

README.md

Integration: Docker


Build Scans

Add this RUN command to your Dockerfile to scan for vulnerabilities during the build process. Optionally, blocks on the presence of vulnerabilities.


Dependencies

Docker build scans currently depend on curl, bash, and a package manager. We are working to reduce these dependencies. The first example presumes the dependencies are in your container and certificates are available to curl. The minimal image example will install dependencies and uninstall them immediately after the scan.


Credentials

  1. Sign up for a free account at app.federacy.com
  2. Click Add Host
  3. Replace $USERNAME and $TOKEN in the examples below

Build Scan (non-blocking)

Example: curl and package manager installed

Dockerfile

RUN curl https://app.federacy.com/assets/federacy.sh | FEDERACY_USER=root FEDERACY_API_USERNAME=$USERNAME FEDERACY_API_TOKEN=$TOKEN bash -s docker_check \

Example: minimal image

Dockerfile

RUN apt-get update \
        && apt-get install --no-install-recommends --no-install-suggests -y curl aptitude ca-certificates \
        && curl https://app.federacy.com/assets/federacy.sh | FEDERACY_USER=root FEDERACY_API_USERNAME=$USERNAME FEDERACY_API_TOKEN=$TOKEN bash -s docker_check \
        && SUDO_FORCE_REMOVE=yes apt-get remove -y curl aptitude ca-certificates \
        && rm -rf /var/lib/apt/lists/*

Build Scan (blocking)

Example: curl and package manager installed

Dockerfile

RUN curl https://app.federacy.com/assets/federacy.sh | FEDERACY_USER=root FEDERACY_API_USERNAME=$USERNAME FEDERACY_API_TOKEN=$TOKEN bash -s docker_block \

Example: minimal image

Dockerfile

RUN apt-get update \
        && apt-get install --no-install-recommends --no-install-suggests -y curl aptitude ca-certificates \
        && curl https://app.federacy.com/assets/federacy.sh | FEDERACY_USER=root FEDERACY_API_USERNAME=$USERNAME FEDERACY_API_TOKEN=$TOKEN bash -s docker_block \
        && SUDO_FORCE_REMOVE=yes apt-get remove -y curl aptitude ca-certificates \
        && rm -rf /var/lib/apt/lists/*