Container Security : Snyk

By -

 Hello DevSecOps experts, In this post we will discuss about how we can ensue container security scan. 

Snyk  is one of the container scan tool option, we can sign up with GitHub or google account. Snyk will operates in three different ways:

  1. Snyk Web UI
  2. Snyk CLI
  3. Snyk Broker

Heer we will experiment with Snyk CLI we can download from GitHub, as per your platform you can choose it. I'm going to work Preferrable option is to install the latest stable version of NodeJS, verify the version of Snyk/cli

 
curl -fsSL https://deb.nodesource.com/setup_24.x | sudo -E bash -
apt install -y nodejs # Install NodeJS as per current stable version available
node -v # Validate nodeJS installed
npm -v	# Validate npm installated 
npm install -g snyk # installing snyk
snyk --version # Validate snyk installed
When you run the above set of commands you will see the following output:
snyk installation using npm package manager

Ignore the npm warn lines which are expected as per the version incompatibilities.

Now, we need to have a snyk registered login, which can be used in the command-line by using `snyk auth`. 

 
Snyk authentication
The snyk auth command execution outcome

Prerequisites for snyk installation

Docker engine you be installed already as per your operating system

To have a docker image that can have vulnerabilities 

docker pull python:3.4-alpine

Snyk : How it works?

For container security scan 

 
snyk container test python:3.4-apline


What we can observer from the scan report?

Decide based on the report suggestion

How would you like your experience with the container security scan article so far? As me any questions related to container scanning.

Comments

Post a Comment

Popular posts from this blog

Ansible Jinja2 Templates: A Complete Guide with Examples

By -
Image
Here I'm starting this post with famous ARISTOTLE quote. "We are what we repeatedly do. Excellence, then is not an act, but a Habit" Welcome back Ansible Automations and who are habituated as Ansible automation specialists this post for them to give boosted walk through, In this post, I would like to share my experiments with Jinja2 templates usage on the Ansible playbook. Of-course Jinja is from Japan it is world famous for templatization capabilities badvanced Ansible templating techniquesy integrating with multiple languages such as Python, Ruby, Salt talk etc. In this post we will be cover the following topics: What is Jinja2 template do in Ansible? Template with filters Template with Lists and sets Template module in Ansible Template with Flow Control Template using Looping Template inheritance** What is Jinja2 template do in Ansible? Jinja2 is another Python library created for Flask web framework, that comes part of Ansible installation. It is special ability as i...
Read more

Ansible 11 The uri module with examples

By -
Image
 Hey DevSecOps Automation specialist, Welcome back to the DevOps Hunter blog. In this post, I made it for learning more about all possible parameters that we can use when an application validation is done with the Ansible 'uri' module.  Why uri module? Web Application returns status HTTPCode 200 for success, 404 for failures, and also for 503 for Server internal issues. When you work on the restart of a web application we need to know the status of the application to proceed with the next move. So this uri module is most important for reboot and restart of web applications using ansible. The uri module parameters Supported parameters include: attributes, backup, body, body_format, client_cert, client_key, content, creates, delimiter, dest, directory_mode, follow, follow_redirects, force, force_basic_auth, group, headers, http_agent, method, mode, owner, regexp, remote_src, removes, return_content, selevel, serole, setype, seuser, src, status_code, timeout,...
Read more

Jenkins Active choices parameter - Dynamic input

By -
Image
Hello DevOps team!! Today I've revisited the experiment with the Jenkins ACTIVE CHOICE Parameter  to get the Dynamic parameters effect on the Build Job parameters. Installation Active Choice parameter - Groovy Script Prerequisite: Jenkins installed Up and running on your target master machine. Jenkins URL accessible   Step 1: Install Active Choice plugin On the Jenkins Dashboard, select the Manage Jenkins, Plugin- Manager, In the Available tab search for word 'Active', where you can see Active Choice plugin and choose installation option, and this will enables three different parameters in the "Add Paramters" list. They are : 1. Active choice parameter 2. Active Choice Reactive parameter 3. Active choice Reactive Reference parameter Here In my example I will use two of them, Firstly Active Choice Parameter for "environment". Create new item Name: active_project select a freestyle project click OK button. In the General tab, select the checkbo...
Read more