Please have a look at my project.
I think many developers may want to use this tool to scan their image.
Operations teams may use it to decide if an image is secure _enough_ to be deployed, etc.
It is much easier to use than the alternatives and gives you much better output.

Since SUSE/Portus#1289 got merged, Portus now integrates security
scanners in order to fetch vulnerabilities for the images stored in the
on-premise Docker registry. CoreOS Clair is a supported backend, so you
can now use Clair for this. This is all explained in the documentation:
http://port.us.org/features/6_security_scanning.html

Signed-off-by: Miquel Sabaté Solà <msabate@suse.com>

This change deprecates the old LayersIntroducingVulnerability for a new
one that orders output and contains an Index. This index is not
guaranteed to be consistent across multiple notifications, despite the
current Postgres implementation using the primary key of Layer table.