Skip to content

vberegov/docker-goof-master

Repository files navigation

Docker Goof

Open a terminal and open the docker-goof directory.

  1. Build the image

    docker build -t docker-goof .
  2. Test the image

    snyk test --docker docker-goof --file=Dockerfile

All-in-one to clone and run:

git clone [email protected]:snyk/docker-goof && \
cd docker-goof && \
docker build -t docker-goof . && \
snyk test --docker docker-goof --file=Dockerfile

Screenshots

All of these screenshots demonstrate the extra value provided when a Dockerfile is supplied via the CLI --file argument.

For example:

snyk test --docker docker-goof --file=Dockerfile

Base Image Remediation

This screenshot shows alternative images that may be used in the Dockerfile's FROM line to reduce vulnerabilities. Minor upgrades are the most likely to be compatible, Major are potentially breaking depending on how the image is used, and Alternative architecture images are given for more technical users to investigate.

Base Image Remediation Screenshot

Base Image Vulnerability

This screenshot shows an image with a vulnerability introduced by the base image (the FROM line in a Dockerfile) with the "Introduced by your base image ..." line

Base Image Vulnerability Screenshot

Binary Vulnerability

This screenshot shows a binary vulnerability; something not managed by the package manager of the operating system inside the container.

Binary Vulnerability Screenshot

User-introduced / Dockerfile Vulnerability

This screenshot shows an image introduced by a user in their Dockerfile and highlights the exact command that introduced the vulnerability, with the "Introduced in your Dockerfile by ..." line

User-introduced / Dockerfile vulnerability screenshot

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published