@ -10,6 +10,8 @@ This document tracks projects that integrate with Clair. [Join the community](ht
[Yair](https://github.com/yfoelling/yair): a lightweight command-line for working with clair with many different outputs. Mainly designed for usage in a CI Job.
[Paclair](https://github.com/yebinama/paclair): a Python3 CLI tool to interact with Clair (easily configurable to access private registries).
[Clairctl](https://github.com/jgsqware/clairctl): a lightweight command-line tool for working locally with Clair and generate HTML report.
[Clair-SQS](https://github.com/zalando-incubator/clair-sqs): a container containing Clair and additional processes that integrate Clair with [Amazon SQS][sqs].
@ -44,7 +44,7 @@ A [PostgreSQL 9.4+] database instance is required for all instructions.
#### Kubernetes (Helm)
If you don't have a local Kubernetes cluster already, check out [minikube].
This assumes you've already ran `helm init` and you have access to a currently running instance of Tiller.
This assumes you've already ran `helm init`, you have access to a currently running instance of Tiller and that you are running the latest version of helm.
"description":"The list of features present in the ancestry.\nThis will only be provided if requested."
},
"layers":{
"type":"array",
"items":{
"$ref":"#/definitions/clairpbLayer"
}
"$ref":"#/definitions/clairLayer"
},
"description":"The layers present in the ancestry."
},
"scanned_listers":{
"type":"array",
"items":{
"type":"string"
},
"description":"scanned_listers and scanned_detectors are used to scan this ancestry, it\nmay be different from listers and detectors in ClairStatus since the\nancestry could be scanned by previous version of Clair."
"description":"The configured list of feature listers used to scan this ancestry."
},
"scanned_detectors":{
"type":"array",
"items":{
"type":"string"
}
},
"description":"The configured list of namespace detectors used to scan an ancestry."
}
}
},
"GetNotificationResponseNotification":{
"type":"object",
"properties":{
"name":{
"type":"string",
"description":"The name of the requested notification."
},
"created":{
"type":"string",
"description":"The time at which the notification was created."
},
"notified":{
"type":"string",
"description":"The time at which the notification was last sent out."
},
"deleted":{
"type":"string",
"description":"The time at which a notification has been deleted."
"description":"The newly updated vulnerability and a paginated view of the ancestries it affects."
}
}
},
"PagedVulnerableAncestriesIndexedAncestryName":{
"type":"object",
"properties":{
"index":{
"type":"integer",
"format":"int32",
"description":"The index is an ever increasing number associated with the particular ancestry.\nThis is useful if you're processing notifications, and need to keep track of the progress of paginating the results."
},
"name":{
"type":"string",
"description":"The name of the ancestry."
}
}
},
"PostAncestryRequestPostLayer":{
"type":"object",
"properties":{
"hash":{
"type":"string",
"description":"The hash of the layer."
},
"path":{
"type":"string",
"description":"The location of the layer (URL or filepath)."
},
"headers":{
"type":"object",
"additionalProperties":{
"type":"string"
},
"description":"Any HTTP Headers that need to be used if requesting a layer over HTTP(S)."
}
}
},
"clairpbClairStatus":{
"clairClairStatus":{
"type":"object",
"properties":{
"listers":{
@ -205,194 +263,181 @@
"items":{
"type":"string"
},
"title":"listers and detectors are processors implemented in this Clair and used to\nscan ancestries"
"description":"The configured list of feature listers used to scan an ancestry."
},
"detectors":{
"type":"array",
"items":{
"type":"string"
}
},
"description":"The configured list of namespace detectors used to scan an ancestry."
},
"last_update_time":{
"type":"string",
"format":"date-time"
"format":"date-time",
"description":"The time at which the updater last ran."
}
}
},
"clairpbFeature":{
"clairFeature":{
"type":"object",
"properties":{
"name":{
"type":"string"
"type":"string",
"description":"The name of the feature."
},
"namespace_name":{
"type":"string"
"type":"string",
"description":"The name of the namespace in which the feature is detected."
},
"version":{
"type":"string"
"type":"string",
"description":"The specific version of this feature."
},
"version_format":{
"type":"string"
"type":"string",
"description":"The format used to parse version numbers for the feature."
},
"vulnerabilities":{
"type":"array",
"items":{
"$ref":"#/definitions/clairpbVulnerability"
}
"$ref":"#/definitions/clairVulnerability"
},
"description":"The list of vulnerabilities that affect the feature."
"description":"index is unique to name in all streams simultaneously streamed, increasing\nand larger than all indexes in previous page in same stream."
"description":"The layers to be scanned for this particular ancestry."
}
}
},
"clairpbPostAncestryResponse":{
"clairPostAncestryResponse":{
"type":"object",
"properties":{
"status":{
"$ref":"#/definitions/clairpbClairStatus"
"$ref":"#/definitions/clairClairStatus",
"description":"The status of Clair at the time of the request."
}
}
},
"clairpbVulnerability":{
"clairVulnerability":{
"type":"object",
"properties":{
"name":{
"type":"string"
"type":"string",
"description":"The name of the vulnerability."
},
"namespace_name":{
"type":"string"
"type":"string",
"description":"The name of the namespace in which the vulnerability was detected."
},
"description":{
"type":"string"
"type":"string",
"description":"A description of the vulnerability according to the source for the namespace."
},
"link":{
"type":"string"
"type":"string",
"description":"A link to the vulnerability according to the source for the namespace."
},
"severity":{
"type":"string"
"type":"string",
"description":"How dangerous the vulnerability is."
},
"metadata":{
"type":"string"
"type":"string",
"description":"Namespace agnostic metadata about the vulnerability."
},
"fixed_by":{
"type":"string",
"description":"fixed_by exists when vulnerability is under feature."
"description":"The feature that fixes this vulnerability.\nThis field only exists when a vulnerability is a part of a Feature."
},
"affected_versions":{
"type":"array",
"items":{
"$ref":"#/definitions/clairpbFeature"
"$ref":"#/definitions/clairFeature"
},
"description":"affected_versions exists when vulnerability is under notification."
"description":"The Features that are affected by the vulnerability.\nThis field only exists when a vulnerability is a part of a Notification."
}
}
},
"protobufEmpty":{
"type":"object",
"description":"service Foo {\n rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty);\n }\n\nThe JSON representation for `Empty` is empty JSON object `{}`.",
"title":"A generic empty message that you can re-use to avoid defining duplicated\nempty messages in your APIs. A typical example is to use it as the request\nor the response type of an API method. For instance:"