2022-10-27 16:48:12 +03:00
|
|
|
**Note:** This repository is not an officially supported Docker project.
|
|
|
|
|
2022-11-01 00:42:22 +03:00
|
|
|
# `docker index` Docker CLI tool
|
2022-10-27 08:44:35 +03:00
|
|
|
|
2022-11-01 00:42:22 +03:00
|
|
|
Docker CLI tool to create image SBOMs as well as analyze packages for known vulnerabilities
|
2022-10-27 08:44:35 +03:00
|
|
|
using the Atomist data plane.
|
|
|
|
|
|
|
|
## Installation
|
|
|
|
|
2022-10-27 23:41:00 +03:00
|
|
|
You can install manually by following these steps:
|
2022-10-27 08:44:35 +03:00
|
|
|
|
2022-10-27 23:41:00 +03:00
|
|
|
* Download the binary from the [release page](https://github.com/docker/index-cli-plugin/releases/latest)
|
2022-10-27 08:44:35 +03:00
|
|
|
* Unzip the archive
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
2022-10-27 23:41:00 +03:00
|
|
|
### `docker-index sbom`
|
2022-10-27 08:44:35 +03:00
|
|
|
|
2022-10-27 16:48:12 +03:00
|
|
|
To create an SBOM for a local or remote image, run the following command:
|
2022-10-27 08:44:35 +03:00
|
|
|
|
|
|
|
```shell
|
2022-10-27 23:41:00 +03:00
|
|
|
$ docker-index sbom --image <IMAGE>
|
2022-10-27 08:44:35 +03:00
|
|
|
```
|
|
|
|
|
2022-10-27 16:48:12 +03:00
|
|
|
* `--image <IMAGE>` can either be a local image id or fully qualified image name from a remote registry
|
|
|
|
* `--oci-dir <DIR>` can point to a local image in OCI directory format
|
|
|
|
* `--output <OUTPUT FILE>` allows to store the generated SBOM in a local file
|
|
|
|
* `--include-cves` will include all detected CVEs in generated output
|
|
|
|
|
2022-10-27 23:41:00 +03:00
|
|
|
### `docker-index cve`
|
2022-10-27 16:48:12 +03:00
|
|
|
|
|
|
|
To detect base images for local or remote images, use the following command:
|
|
|
|
|
|
|
|
```shell
|
2022-10-27 23:41:00 +03:00
|
|
|
$ docker-index cve --image <IMAGE> CVE_ID
|
2022-10-27 16:48:12 +03:00
|
|
|
```
|
2022-10-27 08:44:35 +03:00
|
|
|
|
2022-10-27 16:48:12 +03:00
|
|
|
* `--image <IMAGE>` can either be a local image id or fully qualified image name from a remote registry
|
|
|
|
* `--oci-dir <DIR>` can point to a local image in OCI directory format
|
|
|
|
* `CVE_ID` can be any known CVE id
|