Closed clabu closed 5 years ago
hashmap
commented
5 years ago @clabu No, at the time when Klar was created an official local scanner existed https://github.com/coreos/analyze-local-images - it's still exists but not supported anymore. So it was out of the scope for Klar.
clabu
commented
5 years ago @hashmap Thanks for the reply. Makes sense. Do you know a local scanner that you can recommend? Judging by the stats here on GitHub, Klar appears to be actively developed and has relatively many contributors. The other Clair clients I've seen do not seem to be.
clabu
commented
5 years ago @hashmap Pardon my ignorance, but is it by design that Clair needs the images it scans to be a registry? This would mean that tools that support "local" scanning have to run a local registry service somehow for Clair to pull from.
hashmap
commented
5 years ago @clabu I can't comment on behalf of the Clair team, but it seems to be more enterprise focused, Coreos developed an integrated solution registry+clair. We developed Klar with a particular use case in mind (CI integration), so I never had a need to scan local images, can't suggest a tool.
I want to be able to scan a local image I just built before pushing it to a registry. I want to make sure that only scanned images are pushed. Is this possible with klar?