You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are running clair scanner to run security scan on our docker images.
The clair scanner runs inside a travis build and in our case both clair scanner and clair runs on same machine that is launched by travis.
However , we see following issue intermittently in some of the travis build run:-
8.98s$ clair-scanner -w tests/cve-scan-whitelist.yaml -c "http://127.0.0.1:6060" --threshold="High" --ip "$(ip -4 addr show docker0 | grep -oP '(?<=inet\s)\d+(.\d+){3}')" $IMAGE_NAME:latest
2021/06/09 01:28:57 [INFO] ▶ Start clair-scanner
2021/06/09 01:29:06 [INFO] ▶ Server listening on port 9279
2021/06/09 01:29:06 [INFO] ▶ Analyzing cbb111c748af833f9ef620afd2320b662c7a04b0e3cf08caf4e4f25af031892b
2021/06/09 01:29:06 [CRIT] ▶ Could not analyze layer: POST to Clair failed Post http://127.0.0.1:6060/v1/layers: dial tcp 127.0.0.1:6060: getsockopt: connection refused
The command "clair-scanner -w tests/cve-scan-whitelist.yaml -c "http://127.0.0.1:6060" --threshold="High" --ip "$(ip -4 addr show docker0 | grep -oP '(?<=inet\s)\d+(.\d+){3}')" $IMAGE_NAME:latest" exited with 1.
This issue is very intermittent and sometimes build will pass without any issues. Is there any issue with --ip I am giving.
I tried passing --ip "$(hostname -i)" , but still gets same issue.
Below are complete set of commands we have defined in .travis.yml
Many thanks for who built clair-scanner. I have finally installed it on my AWS Linux EC2 server 10gb. This is for my Securecode assessment. I have found the arminc/clair-local-scan is gone from "sudo docker container ls" after maybe around 5 minutes. So its current container id needs to be removed and run again -
docker run -p 6060:6060 --link clair-db:postgres -d --name clair arminc/clair-local-scan.
Then run "./clair-scanner ....... ". I don't know why it is gone after 5 minutes .
We are running clair scanner to run security scan on our docker images.
The clair scanner runs inside a travis build and in our case both clair scanner and clair runs on same machine that is launched by travis.
However , we see following issue intermittently in some of the travis build run:-
8.98s$ clair-scanner -w tests/cve-scan-whitelist.yaml -c "http://127.0.0.1:6060" --threshold="High" --ip "$(ip -4 addr show docker0 | grep -oP '(?<=inet\s)\d+(.\d+){3}')" $IMAGE_NAME:latest
2021/06/09 01:28:57 [INFO] ▶ Start clair-scanner
2021/06/09 01:29:06 [INFO] ▶ Server listening on port 9279
2021/06/09 01:29:06 [INFO] ▶ Analyzing cbb111c748af833f9ef620afd2320b662c7a04b0e3cf08caf4e4f25af031892b
2021/06/09 01:29:06 [CRIT] ▶ Could not analyze layer: POST to Clair failed Post http://127.0.0.1:6060/v1/layers: dial tcp 127.0.0.1:6060: getsockopt: connection refused
The command "clair-scanner -w tests/cve-scan-whitelist.yaml -c "http://127.0.0.1:6060" --threshold="High" --ip "$(ip -4 addr show docker0 | grep -oP '(?<=inet\s)\d+(.\d+){3}')" $IMAGE_NAME:latest" exited with 1.
This issue is very intermittent and sometimes build will pass without any issues. Is there any issue with --ip I am giving.
I tried passing --ip "$(hostname -i)" , but still gets same issue.
Below are complete set of commands we have defined in .travis.yml
grep -oP '(?<=inet\s)\d+(.\d+){3}')" $IMAGE_NAME:latest
The text was updated successfully, but these errors were encountered: