When image-scanner is run today, we can associated the container/image being scanned with other images/containers on the system. Meaning, suppose we scan an image with the id of 'foo123bar' and we find cves, the image scanner will then also tell us what containers use 'foo123bar' and should be therefore impacted as well.
Unfortunately, with the xml_parse.py, it is being run post-scan and the correlation of that scan to other containers is not available. But, we can still make the association assuming we have a way to query docker.
write a def that returns containers based on an image and/or takes a container_id, figures out its image id, and then returns a list of containers based on that image id.
add the results of ^^ into the tuple in _get_cve_def_info.
When image-scanner is run today, we can associated the container/image being scanned with other images/containers on the system. Meaning, suppose we scan an image with the id of 'foo123bar' and we find cves, the image scanner will then also tell us what containers use 'foo123bar' and should be therefore impacted as well.
Unfortunately, with the xml_parse.py, it is being run post-scan and the correlation of that scan to other containers is not available. But, we can still make the association assuming we have a way to query docker.
With https://github.com/baude/image-scanner/pull/27, you should now be able to pull in the docker-state.json file and create that correlation.
In xml_parse, you will need to: