forked from jgsqware/clairctl
-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
docker-compose.yml
40 lines (37 loc) · 1.55 KB
/
docker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
version: '2.1'
services:
postgres:
image: postgres:9.6
restart: unless-stopped
volumes:
- ./docker-compose-data/postgres-data/:/var/lib/postgresql/data:rw
environment:
- POSTGRES_PASSWORD=ChangeMe
- POSTGRES_USER=clair
- POSTGRES_DB=clair
clair:
image: quay.io/coreos/clair:v2.0.0
restart: unless-stopped
volumes:
- ./docker-compose-data/clair-config/:/config/:ro
- ./docker-compose-data/clair-tmp/:/tmp/:rw
depends_on:
postgres:
condition: service_started
command: [--log-level=debug, --config, /config/config.yml]
clairctl:
image: ContinuousSecurityTooling/clairctl:latest
restart: unless-stopped
environment:
- DOCKER_API_VERSION=1.24
# - AWS_REGION= # put your region E.G.: us-east-1, eu-west-2
# - AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} # (AWS credentials option 1.) Environmental variable for AWS_ACCESS_KEY_ID.
# - AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} # (AWS credentials option 1.) Environmental variable for AWS_SECRET_ACCESS_KEY.
# - AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} # (AWS credentials option 2.) session token if not using (1.) user/password or (3.) mount of .aws. Environmental variable for AWS_SESSION_TOKEN.
volumes:
- ./docker-compose-data/clairctl-reports/:/reports/:rw
- /var/run/docker.sock:/var/run/docker.sock:ro
# - ${HOME}/.aws:/root/.aws/ # (AWS credentials option 3.) mount AWS credentials from ~/.aws/ in your home folder
depends_on:
clair:
condition: service_started