Class: Examine::CLI::Clair

Inherits:

Thor

• Object
• Thor
• Examine::CLI::Clair

Defined in:

lib/examine/cli/clair.rb

Constant Summary

DOWNLOAD_PATH =

'https://github.com/arminc/clair-scanner/releases/download/v12/'

Instance Method Summary

• #scan(image) ⇒ Object
• #start ⇒ Object
• #status ⇒ Object
• #stop ⇒ Object

Instance Method Details

#scan(image) ⇒ Object

# File 'lib/examine/cli/clair.rb', line 24

def scan(image)
  start unless started?

  ip = options[:ip] || Socket.ip_address_list[1].ip_address
  system "docker pull #{image}"
  command = [
    clair_exe,
    "-c #{options[:clair_url]}",
    "--ip #{ip}",
    "-r #{options[:report]}",
    "-l #{options[:log]}",
    image,
  ]
  command.insert(-2, "-w #{options[:whitelist]}") if options[:whitelist]
  system command.join(' ')
end

#start ⇒ Object

# File 'lib/examine/cli/clair.rb', line 8

def start
  ensure_docker_installed!
  spawn 'docker run -d --name clair-db arminc/clair-db:latest'
  wait_until('docker ps --filter="name=clair-db" --filter="status=running" --filter="expose=5432/tcp" | grep -v CONT')

  spawn 'docker run --restart=unless-stopped -p 6060:6060 --link clair-db:postgres -d --name clair arminc/clair-local-scan:latest'
  wait_until('docker ps --filter="name=clair" --filter="status=running" --filter="expose=6060/tcp" | grep -v CONT')
  wait_until("curl -s #{options[:clair_url]}/v1/namespaces > /dev/null")
end

#status ⇒ Object

# File 'lib/examine/cli/clair.rb', line 42

def status
  system "docker ps -a | grep clair"
end

#stop ⇒ Object

# File 'lib/examine/cli/clair.rb', line 47

def stop
  system "docker stop $(docker ps | grep -v CONT | grep clair- | awk '{ print $1 }')"
  system "docker system prune -f"
end