dockle v0.4.13 releases: Container Image Linter for Security
dockle
Dockle – Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
dockle helps you:
- Build Best Practice Docker images
- Build secure Docker images
- Checkpoints includes CIS Benchmarks
$ brew untap goodwithtech/dockle # who use 0.1.16 or older version
$ brew install goodwithtech/r/dockle
$ dockle [YOUR_IMAGE_NAME]
Checkpoints Comparison
Features
- Detect container’s vulnerabilities
- Helping build best-practice Dockerfile
- Simple usage
- Specify only the image name
- See Quick Start and Common Examples
- CIS Benchmarks Support
- High accuracy
- DevSecOps
- Suitable for CI such as Travis CI, CircleCI, Jenkins, etc.
- See CI Example
Comparison
| Dockle | Hadolint | Docker Bench for Security | Clair | |
|---|---|---|---|---|
| Target | Image | Dockerfile | Host Docker Daemon Image Container Runtime |
Image |
| How to run | Binary | Binary | ShellScript | Binary |
| Dependency | No | No | Some dependencies | No |
| CI Suitable | ✓ | ✓ | x | x |
| Purpose | Security Audit Dockerfile Lint |
Dockerfile Lint | Security Audit Dockerfile Lint |
Scan Vulnerabilities |
Changelog v0.4.13
- a63473b update goreleaser format (#232)
- update deckoder for package updates (#231)
- check password format in Password assessor (#230)
- allow first add statement in config files (#229)
Install & Use
Copyright (C) 2020 goodwithtech
