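#!/bin/bash
#
# Scan a local Docker image for known vulnerabilities with clair-scanner.
#
# Usage: <this script> IMAGE
#
# Starts throwaway "db" (arminc/clair-db) and "clair" (arminc/clair-local-scan)
# containers, runs ./clair-scanner against IMAGE, removes both containers and
# exits with clair-scanner's exit status so a calling job can gate on it.
#
# Optional environment:
#   CLAIR_SCANNER_SHA256  expected SHA-256 of the clair-scanner binary. When
#                         set, the binary is verified before it is executed.
#
# NOTE(review): both images are referenced by mutable tags; pin them by digest
# if the scan result has to be reproducible or the registry is not trusted.

set -u

readonly SCANNER_URL='https://github.com/arminc/clair-scanner/releases/download/v8/clair-scanner_linux_amd64'
readonly DB_IMAGE='arminc/clair-db:latest'
readonly CLAIR_IMAGE='arminc/clair-local-scan:v2.0.5'

# Print a message to stderr and abort with a non-zero status (fail closed).
die() {
  printf 'error: %s\n' "$*" >&2
  exit 1
}

# Check a scanner binary against CLAIR_SCANNER_SHA256.
# Arguments: $1 - path to the binary
# Returns:   0 if the hash matches or no hash was supplied, non-zero otherwise
verify_scanner() {
  local path=$1
  if [ -z "${CLAIR_SCANNER_SHA256:-}" ]; then
    echo 'warning: CLAIR_SCANNER_SHA256 is not set; clair-scanner binary is not verified' >&2
    return 0
  fi
  printf '%s  %s\n' "$CLAIR_SCANNER_SHA256" "$path" | sha256sum -c - >/dev/null
}

# Replace any container called NAME with a fresh one.
# Arguments: $1 - container name, $2 - label used in messages,
#            remaining - arguments passed to `docker run -d --name NAME`
start_container() {
  local name=$1 label=$2
  shift 2
  # `docker ps` lists running containers only; a stopped container with the
  # same name would make `docker run --name` fail, so look it up by name.
  if docker container inspect "$name" &>/dev/null; then
    echo "removing existing ${label} container..."
    docker rm -f "$name" &>/dev/null
  fi
  # Hide the container id on stdout but keep stderr, so a failed pull or
  # start is reported instead of surfacing later as a confusing scan error.
  docker run -d --name "$name" "$@" >/dev/null || die "failed to start ${label} container"
}

# Remove the temporary containers; safe to call more than once.
cleanup() {
  echo 'removing temporary containers...'
  docker rm -f clair &>/dev/null
  docker rm -f db &>/dev/null
}

image=${1:-}
if [ -z "$image" ]; then
  printf 'Usage: %s IMAGE\n' "${0##*/}" >&2
  exit 2
fi
command -v docker >/dev/null 2>&1 || die 'docker is not installed or not in PATH'

startsecs=$(date +'%s')
starttime=$(date +%H:%M:%S)

echo 'starting:' "${starttime}"

#ensure clair-scanner
if [ ! -s ./clair-scanner ]; then
  echo 'downloading clair-scanner...'
  # -f makes curl fail on an HTTP error instead of saving the error page as
  # the "binary". The download goes to a temporary name so that a partial
  # file never passes the non-empty test above on a later run.
  if ! curl -fsSL -o ./clair-scanner.part "$SCANNER_URL"; then
    rm -f -- ./clair-scanner.part
    die 'failed to download clair-scanner'
  fi
  if ! verify_scanner ./clair-scanner.part; then
    rm -f -- ./clair-scanner.part
    die 'downloaded clair-scanner does not match CLAIR_SCANNER_SHA256'
  fi
  mv -- ./clair-scanner.part ./clair-scanner || die 'cannot install clair-scanner'
  chmod 755 ./clair-scanner || die 'cannot make clair-scanner executable'
else
  echo 'using existing clair-scanner...'
  verify_scanner ./clair-scanner \
    || die 'existing clair-scanner does not match CLAIR_SCANNER_SHA256'
fi

# From here on containers may exist: remove them on every exit path,
# including Ctrl-C and termination.
trap cleanup EXIT
trap 'exit 130' INT
trap 'exit 143' TERM

#ensure DB container
echo 'ensuring a fresh clair-db container...'
# Published on loopback only: the clair container reaches the database through
# the --link below, so the database need not be reachable from the network.
start_container db clair-db -p 127.0.0.1:5432:5432 "$DB_IMAGE"
sleep 30

#ensure clair-scan container
echo 'ensuring a fresh clair-scan container...'
# Loopback only as well; clair-scanner runs on this host.
# NOTE(review): assumes clair-scanner's default Clair endpoint is a host-local
# address on port 6060 (no --clair option is passed) - confirm.
start_container clair clair-scan -p 127.0.0.1:6060:6060 --link db:postgres "$CLAIR_IMAGE"
sleep 30

#get ip where clair-scanner will listen
if [ -x /sbin/ifconfig ]; then
  # Handles both "inet 172.17.0.1" and the older "inet addr:172.17.0.1" form.
  clairip=$(/sbin/ifconfig docker0 2>/dev/null \
    | awk '/inet / { sub(/^addr:/, "", $2); print $2; exit }')
else
  clairip=$(ip -4 -o addr show dev docker0 2>/dev/null \
    | awk '{ sub(/\/.*/, "", $4); print $4; exit }')
fi
if ! [[ "$clairip" =~ ^[0-9]+(\.[0-9]+){3}$ ]]; then
  die 'could not determine the IPv4 address of docker0'
fi
echo 'sending ip addr' "${clairip}" 'to clair-scan server...'

#run scan
echo 'running scan...'
./clair-scanner --ip "${clairip}" "$image"
retcode=$?

#eval results
# NOTE(review): any non-zero status is reported as findings; a scanner that
# failed to run is not distinguished from one that found vulnerabilities.
if [ "$retcode" == '0' ]; then
  echo 'scan found nothing.'
else
  echo 'scan found issues.'
fi

#cleanup
cleanup
trap - EXIT

endsecs=$(date +'%s')
endtime=$(date +%H:%M:%S)
printf 'finished: %s  (%s seconds)\n' "$endtime" "$((endsecs - startsecs))"
echo ""

#pass along return code from scan
exit "$retcode"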