Clair is a popular open source security tool for parsing container image contents and reporting vulnerabilities affecting the contents. This is done via static analysis and not at runtime.
|Tool type||SCA (Source Composition Analysis)|
|1||You'll need a Container image to scan|
|2||You'll need to setup a Clair connection (your own or the Uleska Cloud version)|
The Uleska Clair tool makes use of the Container Configuration applied to a Version, so make sure that's set for the Version you're looking to test.
There are two options when it comes to using the Clair security scanner:
You can tell the Uleska Platform which Clair instance to use by creating a Connection configuration.
You will need to Create a Custom Toolkit to make use of the Clair tool. On the Tools list, find Clair and click Add
Click the cog icon to open the configuration modal, and select the Connection you created previously.
Click Save on the configuration modal, and click Save again to save the Custom Toolkit