Clair Security Scanning
Quay integrates with Clair to perform vulnerability scanning of container images associated with a set of Linux operating systems.
Explore the vulnerability data (CVE’s)
Security scan
Push a vulnerable image into the repository.
podman pull quay.io/wildfly/wildfly:23.0.2.Final
podman tag quay.io/wildfly/wildfly:23.0.2.Final ${QUAY_HOSTNAME}/olleb/wildfly:23.0.2.Final
# login if we are not already logged in
podman login ${QUAY_HOSTNAME}
podman push ${QUAY_HOSTNAME}/olleb/wildfly:23.0.2.Final
-
Navigate to our
olleb/wildfly
Quay repository.
![repo](_images/clair/repo.png)
-
Click the
Security Scan
icon. We should see the Quay Security Scanner Dashboard.
![secscan icon](_images/clair/secscan-icon.png)
![security scanner dashboard](_images/clair/security-scanner-dashboard.png)
CVE detailed description:
![cve](_images/clair/cve.png)