index-cli-plugin/README.md

41 строка
1.3 KiB
Markdown
Исходник Обычный вид История

**Note:** This repository is not an officially supported Docker project.
2022-11-01 00:42:22 +03:00
# `docker index` Docker CLI tool
2022-11-01 00:42:22 +03:00
Docker CLI tool to create image SBOMs as well as analyze packages for known vulnerabilities
using the Atomist data plane.
## Installation
You can install manually by following these steps:
* Download the binary from the [release page](https://github.com/docker/index-cli-plugin/releases/latest)
* Unzip the archive
## Usage
### `docker-index sbom`
To create an SBOM for a local or remote image, run the following command:
```shell
$ docker-index sbom --image <IMAGE>
```
* `--image <IMAGE>` can either be a local image id or fully qualified image name from a remote registry
* `--oci-dir <DIR>` can point to a local image in OCI directory format
* `--output <OUTPUT FILE>` allows to store the generated SBOM in a local file
* `--include-cves` will include all detected CVEs in generated output
### `docker-index cve`
To detect base images for local or remote images, use the following command:
```shell
$ docker-index cve --image <IMAGE> CVE_ID
```
* `--image <IMAGE>` can either be a local image id or fully qualified image name from a remote registry
* `--oci-dir <DIR>` can point to a local image in OCI directory format
* `CVE_ID` can be any known CVE id