Adding 'clair-scanner' cli tool as one of integration tools #442
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I have created a spin-off from 'analyze-local-images' before it got deprecated, called clair-scanner. Clair-scanner uses Clair to check for vulnerabilities and blocks when there is one. But it also has an option to whitelist vulnerabilities which allows Clair to be used in a straight trough process as part of CI/CD pipeline.
Although clair-scanner is derived from 'analyze-local-images' the code is different and is maintained.