rename hyperclair to clairctl

This commit is contained in:
jgsqware 2016-05-12 18:40:50 +02:00
parent b45f471ccb
commit fec01ae1ee
19 changed files with 37 additions and 107527 deletions

View File

@ -1,42 +1,21 @@
# hyperclair # clairctl
[![Build Status](https://travis-ci.org/wemanity-belgium/hyperclair.svg?branch=develop)](https://travis-ci.org/wemanity-belgium/hyperclair) [![Join the chat at https://gitter.im/wemanity-belgium/hyperclair](https://badges.gitter.im/wemanity-belgium/hyperclair.svg)](https://gitter.im/wemanity-belgium/hyperclair?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) > Tracking container vulnerabilities with Clair Control
> Tracking container vulnerabilities, that's should be *Hyperclair* Clairctl is a lightweight command-line tool doing the bridge between Registries as Docker Hub, Docker Registry or Quay.io, and the CoreOS vulnerability tracker, Clair.
Clairctl will play as reverse proxy for authentication.
Tracking vulnerabilities in your container images, it's easy with CoreOS Clair.
Integrate it inside your CI/CD pipeline is easier with Hyperclair.
Hyperclair is a lightweight command-line tool doing the bridge between Registries as Docker Hub, Docker Registry or Quay.io, and the CoreOS vulnerability tracker, Clair.
It's easily integrated in your CI/CD pipeline and Hyperclair will play as reverse proxy for authentication.
> The Registry is a stateless, highly scalable server side application that stores and lets you distribute Docker images. The Registry is open-source, under the permissive Apache license.
>
>*From https://docs.docker.com/registry/*
> Clair is a container vulnerability analysis service. It provides a list of vulnerabilities that threaten a container, and can notify users when new vulnerabilities that affect existing containers become known.
>
>*From https://github.com/coreos/clair*
hyperclair is tool to make the link between the Docker Registry and the CoreOS Clair tool.
![hyperclair](https://cloud.githubusercontent.com/assets/3304363/14174675/348bc190-f746-11e5-9edd-9e736ec38b0e.png)
# Usage # Usage
[![asciicast](https://asciinema.org/a/41461.png)](https://asciinema.org/a/41461) [![asciicast](https://asciinema.org/a/41461.png)](https://asciinema.org/a/41461)
# Notification
2. On-Demand: the CLI tool is used to pull image from Registry then push it to Clair
# Reporting # Reporting
**hyperclair** get vulnerabilities report from Clair and generate HTML report **clairctl** get vulnerabilities report from Clair and generate HTML report
hyperclair can be used for Docker Hub and self-hosted Registry clairctl can be used for Docker Hub and self-hosted Registry
# Command # Command
@ -44,23 +23,23 @@ hyperclair can be used for Docker Hub and self-hosted Registry
Analyse your docker image with Clair, directly from your registry. Analyse your docker image with Clair, directly from your registry.
Usage: Usage:
hyperclair [command] clairctl [command]
Available Commands: Available Commands:
analyse Analyse Docker image analyse Analyse Docker image
health Get Health of Hyperclair and underlying services health Get Health of clairctl and underlying services
login Log in to a Docker registry login Log in to a Docker registry
logout Log out from a Docker registry logout Log out from a Docker registry
pull Pull Docker image information pull Pull Docker image information
push Push Docker image to Clair push Push Docker image to Clair
report Generate Docker Image vulnerabilities report report Generate Docker Image vulnerabilities report
version Get Versions of Hyperclair and underlying services version Get Versions of clairctl and underlying services
Flags: Flags:
--config string config file (default is ./.hyperclair.yml) --config string config file (default is ./.hyperclair.yml)
--log-level string log level [Panic,Fatal,Error,Warn,Info,Debug] --log-level string log level [Panic,Fatal,Error,Warn,Info,Debug]
Use "hyperclair [command] --help" for more information about a command. Use "clairctl [command] --help" for more information about a command.
``` ```
# Optional Configuration # Optional Configuration

View File

@ -2,11 +2,11 @@ package clair
import ( import (
"encoding/json" "encoding/json"
"fmt"
"io/ioutil" "io/ioutil"
"log" "log"
"os" "os"
"testing" "testing"
"fmt"
) )
func TestReportAsHtml(t *testing.T) { func TestReportAsHtml(t *testing.T) {
@ -22,9 +22,9 @@ func TestReportAsHtml(t *testing.T) {
log.Fatal(err) log.Fatal(err)
} }
fmt.Println(os.TempDir()+"/hyperclair-html-report.html") fmt.Println(os.TempDir() + "/clairctl-html-report.html")
err = ioutil.WriteFile(os.TempDir()+"/hyperclair-html-report.html", []byte(html), 0700) err = ioutil.WriteFile(os.TempDir()+"/clairctl-html-report.html", []byte(html), 0700)
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }

View File

@ -6,7 +6,7 @@
<meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title>Hyperclair Reports</title> <title>Clair Control Reports</title>
<style> <style>
*{ *{
font-family: "Lucida Console", Monaco, monospace; font-family: "Lucida Console", Monaco, monospace;
@ -49,7 +49,7 @@
<div class="container-fluid"> <div class="container-fluid">
<div class="page-header"> <div class="page-header">
<h1> <h1>
Hyperclair reports Clair Control reports
</h1> </h1>
<h2> <h2>
Image: {{.ImageName}} Image: {{.ImageName}}

View File

@ -1,7 +1,7 @@
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
<head> <head>
<title>Hyperclair report : {{.ImageName}}</title> <title>Clair Control report : {{.ImageName}}</title>
<link href='https://fonts.googleapis.com/css?family=Open+Sans:400,600,600italic,400italic,300italic,300' rel='stylesheet' type='text/css'> <link href='https://fonts.googleapis.com/css?family=Open+Sans:400,600,600italic,400italic,300italic,300' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css">
@ -314,7 +314,7 @@
<body> <body>
<div class="container"> <div class="container">
<header class="app-header"> <header class="app-header">
<h1>Hyperclair report</h1> <h1>Clair Control report</h1>
</header> </header>
<div class="app-intro clearfix"> <div class="app-intro clearfix">

View File

@ -28,7 +28,7 @@ var analyseCmd = &cobra.Command{
Run: func(cmd *cobra.Command, args []string) { Run: func(cmd *cobra.Command, args []string) {
if len(args) != 1 { if len(args) != 1 {
fmt.Printf("hyperclair: \"analyse\" requires a minimum of 1 argument") fmt.Printf("clairctl: \"analyse\" requires a minimum of 1 argument")
os.Exit(1) os.Exit(1)
} }

View File

@ -20,8 +20,8 @@ type health struct {
var healthCmd = &cobra.Command{ var healthCmd = &cobra.Command{
Use: "health", Use: "health",
Short: "Get Health of Hyperclair and underlying services", Short: "Get Health of clairctl and underlying services",
Long: `Get Health of Hyperclair and underlying services`, Long: `Get Health of clairctl and underlying services`,
Run: func(cmd *cobra.Command, args []string) { Run: func(cmd *cobra.Command, args []string) {
ok := clair.IsHealthy() ok := clair.IsHealthy()
err := template.Must(template.New("health").Parse(healthTplt)).Execute(os.Stdout, ok) err := template.Must(template.New("health").Parse(healthTplt)).Execute(os.Stdout, ok)

View File

@ -10,10 +10,10 @@ import (
"golang.org/x/crypto/ssh/terminal" "golang.org/x/crypto/ssh/terminal"
"github.com/Sirupsen/logrus" "github.com/Sirupsen/logrus"
"github.com/spf13/cobra"
"github.com/coreos/clair/cmd/clairctl/config" "github.com/coreos/clair/cmd/clairctl/config"
"github.com/coreos/clair/cmd/clairctl/docker" "github.com/coreos/clair/cmd/clairctl/docker"
"github.com/coreos/clair/cmd/clairctl/xstrings" "github.com/coreos/clair/cmd/clairctl/xstrings"
"github.com/spf13/cobra"
) )
type user struct { type user struct {
@ -38,7 +38,7 @@ var loginCmd = &cobra.Command{
if err := readConfigFile(&users, config.HyperclairConfig()); err != nil { if err := readConfigFile(&users, config.HyperclairConfig()); err != nil {
fmt.Println(errInternalError) fmt.Println(errInternalError)
logrus.Fatalf("reading hyperclair file: %v", err) logrus.Fatalf("reading clairctl file: %v", err)
} }
var reg string = docker.DockerHub var reg string = docker.DockerHub

View File

@ -31,7 +31,7 @@ var logoutCmd = &cobra.Command{
if err := readConfigFile(&users, config.HyperclairConfig()); err != nil { if err := readConfigFile(&users, config.HyperclairConfig()); err != nil {
fmt.Println(errInternalError) fmt.Println(errInternalError)
logrus.Fatalf("reading hyperclair file: %v", err) logrus.Fatalf("reading clairctl file: %v", err)
} }
if _, present := users[reg]; present { if _, present := users[reg]; present {
delete(users, reg) delete(users, reg)

View File

@ -39,7 +39,7 @@ var pullCmd = &cobra.Command{
Run: func(cmd *cobra.Command, args []string) { Run: func(cmd *cobra.Command, args []string) {
//TODO how to use args with viper //TODO how to use args with viper
if len(args) != 1 { if len(args) != 1 {
fmt.Printf("hyperclair: \"pull\" requires a minimum of 1 argument\n") fmt.Printf("clairctl: \"pull\" requires a minimum of 1 argument\n")
os.Exit(1) os.Exit(1)
} }
im := args[0] im := args[0]

View File

@ -18,7 +18,7 @@ var pushCmd = &cobra.Command{
Run: func(cmd *cobra.Command, args []string) { Run: func(cmd *cobra.Command, args []string) {
if len(args) != 1 { if len(args) != 1 {
fmt.Printf("hyperclair: \"push\" requires a minimum of 1 argument\n") fmt.Printf("clairctl: \"push\" requires a minimum of 1 argument\n")
os.Exit(1) os.Exit(1)
} }
@ -71,7 +71,7 @@ func init() {
pushCmd.Flags().BoolVarP(&docker.IsLocal, "local", "l", false, "Use local images") pushCmd.Flags().BoolVarP(&docker.IsLocal, "local", "l", false, "Use local images")
} }
//StartLocalServer start the hyperclair local server needed for reverse proxy and file server //StartLocalServer start the clairctl local server needed for reverse proxy and file server
func startLocalServer() { func startLocalServer() {
sURL, err := config.LocalServerIP() sURL, err := config.LocalServerIP()
if err != nil { if err != nil {

View File

@ -6,11 +6,11 @@ import (
"strings" "strings"
"github.com/Sirupsen/logrus" "github.com/Sirupsen/logrus"
"github.com/spf13/cobra"
"github.com/spf13/viper"
"github.com/coreos/clair/cmd/clairctl/clair" "github.com/coreos/clair/cmd/clairctl/clair"
"github.com/coreos/clair/cmd/clairctl/docker" "github.com/coreos/clair/cmd/clairctl/docker"
"github.com/coreos/clair/cmd/clairctl/xstrings" "github.com/coreos/clair/cmd/clairctl/xstrings"
"github.com/spf13/cobra"
"github.com/spf13/viper"
) )
var reportCmd = &cobra.Command{ var reportCmd = &cobra.Command{
@ -19,7 +19,7 @@ var reportCmd = &cobra.Command{
Long: `Generate Docker Image vulnerabilities report as HTML or JSON`, Long: `Generate Docker Image vulnerabilities report as HTML or JSON`,
Run: func(cmd *cobra.Command, args []string) { Run: func(cmd *cobra.Command, args []string) {
if len(args) != 1 { if len(args) != 1 {
fmt.Printf("hyperclair: \"report\" requires a minimum of 1 argument") fmt.Printf("clairctl: \"report\" requires a minimum of 1 argument")
os.Exit(1) os.Exit(1)
} }

View File

@ -30,8 +30,8 @@ var logLevel string
// RootCmd represents the base command when called without any subcommands // RootCmd represents the base command when called without any subcommands
var RootCmd = &cobra.Command{ var RootCmd = &cobra.Command{
Use: "hyperclair", Use: "clairctl",
Short: "Analyse your docker image with Clair, directly from your registry.", Short: "Analyse your docker image with Clair, directly from your registry or local images.",
Long: ``, Long: ``,
// Uncomment the following line if your bare application // Uncomment the following line if your bare application
// has an action associated with it: // has an action associated with it:

View File

@ -10,7 +10,7 @@ import (
) )
const versionTplt = ` const versionTplt = `
Hyperclair version {{.}} Clairctl version {{.}}
` `
var version string var version string
@ -19,8 +19,8 @@ var templ = template.Must(template.New("versions").Parse(versionTplt))
var versionCmd = &cobra.Command{ var versionCmd = &cobra.Command{
Use: "version", Use: "version",
Short: "Get Versions of Hyperclair and underlying services", Short: "Get Versions of Clairctl and underlying services",
Long: `Get Versions of Hyperclair and underlying services`, Long: `Get Versions of Clairctl and underlying services`,
Run: func(cmd *cobra.Command, args []string) { Run: func(cmd *cobra.Command, args []string) {
err := templ.Execute(os.Stdout, version) err := templ.Execute(os.Stdout, version)

View File

@ -1,5 +0,0 @@
FROM golang:latest
WORKDIR /go/src/github.com/wemanity-belgium/hyperclair
EXPOSE 9999
RUN mkdir -p /data
ENTRYPOINT bash

View File

@ -4,12 +4,9 @@ CONTRIBUTION
# Running full dev environnement # Running full dev environnement
```bash ```bash
# Running Authentication server, Registry, Clair , Hyperclair-server and Hyperclair-DEV-BOX # Running Authentication server, Registry, Clair
docker-compose up -d docker-compose up -d
# Enter the hyperclair dev box
docker exec -ti hyperclair_dev bash
# Run Any command ex: # Run Any command ex:
go run main.go help go run main.go help
# Or # Or

View File

@ -27,14 +27,6 @@ services:
- REGISTRY_AUTH_TOKEN_ISSUER="auth_service" - REGISTRY_AUTH_TOKEN_ISSUER="auth_service"
- REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/ssl/server.pem - REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE=/ssl/server.pem
# Uncomment to deploy an insecure registry
# registry_insecure:
# image: registry:2.2.1
# ports:
# - 5002:5000
# container_name: "registry_insecure"
clair: clair:
image: quay.io/coreos/clair:v1.0.0-rc1 image: quay.io/coreos/clair:v1.0.0-rc1
volumes: volumes:
@ -53,37 +45,8 @@ services:
environment: environment:
- POSTGRES_PASSWORD=root - POSTGRES_PASSWORD=root
hyperclair:
build: .
volumes:
- $GOPATH:/go
- hyperclair-data:/data
ports:
- 9999:9999
tty: true
container_name: "hyperclair"
entrypoint: ["go","run","main.go","--log-level","debug","serve"]
ui:
image: jgsqware/registry-ui
ports:
- 5080:8080
environment:
- REGISTRYUI_HUB_URI=registry:5000
- REGISTRYUI_ACCOUNT_MGMT_ENABLED=true
- REGISTRYUI_ACCOUNT_MGMT_CONFIG=./config/auth_config.yml
- REGISTRYUI_HYPERCLAIR_REPORT_ENABLED=true
# hyperclair_dev:
# build: .
# volumes:
# - $GOPATH:/go
# tty: true
# container_name: "hyperclair_dev"
volumes: volumes:
clair-data: clair-data:
driver: local driver: local
hyperclair-data:
driver: local
registry-data: registry-data:
driver: local driver: local

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff