JSON output feature (status badges for dockle maybe?) #24

Closed
KEINOS opened this issue Jun 14, 2019 · 2 comments
Labels
enhancement New feature or request

Comments

@KEINOS
Contributor

KEINOS commented Jun 14, 2019

I would like to have an option to get the results in JSON format.

Since there's a workaround like scraping the results, it's not a strong request but useful in many ways.

dockle --json image_name
$ # Somewhat like this
$ dockle --json my_image:my_tag
{
    "summary": {
        "image_id": "704f8ff68c6d",
        "image_name": "my_image",
        "image_tag": "my_tag",
        "number_warn": 1,
        "number_fatal": 0,
        "number_pass": 18,
        "number_total": 19
    },
    "details": [
        {
            "code": "CIS-DI-0001",
            "description": "Create a user for the container",
            "level": "WARN",
            "alert": [
                "Last user should not be root"
            ]
        },
        {
            "code": "CIS-DI-0002",
            "description": "Use trusted base images for containers",
            "level": "PASS",
            "alert": [
                ""
            ]
        },

        {
            "code": "DKL-LI-0002",
            "description": "Be unique UID\/GROUPs",
            "level": "PASS",
            "alert": [
                ""
            ]
        }
    ]
}

If I can get the results like so, it would be handy to use the results in other languages.

Sample Usage

So far, my main purpose for this is to generate a status badge for Dockle, something like the one below.

For example, if I can generate a JSON string like the one below, I can use the Dynamic Badges of shields.IO.

{
  "schemaVersion": 1,
  "label": "Dockle",
  "message": "FATAL 1 WARN 2",
  "color": "red"
}
![](https://img.shields.io/endpoint.svg?url=[RAW URL JSON])

Sample Image

  • JSON @ Gist
  • Markdown
![](https://img.shields.io/endpoint.svg?url=https://gist.githubusercontent.com/KEINOS/69610d8f340496448eedb3d602972efa/raw/fb45e04276a037492039e2c4dcba8bb8b1fc559c/dockle-status.json)
  • Results

Ref

@KEINOS KEINOS added the enhancement New feature or request label Jun 14, 2019
@tomoyamachi
Collaborator

@KEINOS
I did it!
Please run v0.1.8.

@KEINOS
Contributor Author

KEINOS commented Jun 14, 2019

@tomoyamachi
You did it!

Wow, isn't it wonderful? 🎉

$ brew upgrade dockle
...
$ dockle --version
dockle version 0.1.8
$
$ dockle --help
NAME:
  dockle - A Simple Security Checker for Container Image, Suitable for CI
USAGE:
  dockle [options] image_name
VERSION:
  0.1.8
OPTIONS:
  --input value, -i value   input file path instead of image name
  --format value, -f value  format (json)
  --output value, -o value  output file name
  --exit-code value         Exit code when alert were found (default: 0)
  --clear-cache, -c         clear image caches
  --debug, -d               debug mode
  --cache-dir value         cache directory
  --help, -h                show help
  --version, -v             print the version
$
$ dockle --format json test_image:test_tag
{
  "summary": {
    "fatal": 0,
    "warn": 2,
    "info": 1,
    "pass": 14
  },
  "details": [
    {
      "code": "CIS-DI-0001",
      "title": "Create a user for the container",
      "level": "WARN",
      "alerts": [
        "Last user should not be root"
      ]
    },
    {
      "code": "CIS-DI-0005",
      "title": "Enable Content trust for Docker",
      "level": "INFO",
      "alerts": [
        "export DOCKER_CONTENT_TRUST=1 before docker pull/build"
      ]
    },
    {
      "code": "CIS-DI-0006",
      "title": "Add HEALTHCHECK instruction to the container image",
      "level": "WARN",
      "alerts": [
        "not found HEALTHCHECK statement"
      ]
    }
  ]
}

Closing #24

@KEINOS KEINOS closed this as completed Jun 14, 2019
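
An added example (not part of the original thread and not dockle's own code): converting the `--format json` output shown above into the shields.io endpoint JSON from the issue description. The colour mapping, the `PASS n` message and the names `badge_from_report` and `_unknown_badge` are assumptions; an unreadable or empty report yields a grey badge so a failed scan never renders as passing.

```python
import json

# Constructed sample in the shape of the `dockle --format json` output
# quoted in this thread (v0.1.8); details trimmed to one entry.
SAMPLE_REPORT = """
{
  "summary": {"fatal": 0, "warn": 2, "info": 1, "pass": 14},
  "details": [
    {"code": "CIS-DI-0001", "title": "Create a user for the container",
     "level": "WARN", "alerts": ["Last user should not be root"]}
  ]
}
"""

LEVELS = ("fatal", "warn", "info", "pass")


def _unknown_badge(reason):
    # Fail closed: a broken report must not turn into a green badge.
    return {"schemaVersion": 1, "label": "Dockle",
            "message": reason, "color": "lightgrey"}


def badge_from_report(report_text):
    """Build a shields.io endpoint badge dict from dockle JSON output."""
    try:
        summary = json.loads(report_text)["summary"]
        counts = {level: summary[level] for level in LEVELS}
    except (ValueError, KeyError, TypeError):
        return _unknown_badge("scan output unreadable")
    # Reject booleans, strings and negative numbers posing as counts.
    if not all(type(v) is int and v >= 0 for v in counts.values()):
        return _unknown_badge("scan output unreadable")
    if sum(counts.values()) == 0:
        return _unknown_badge("no checks ran")

    # Assumed mapping: any FATAL is red, any WARN is yellow, else green.
    color = ("red" if counts["fatal"] else
             "yellow" if counts["warn"] else "brightgreen")
    parts = [f"{lvl.upper()} {counts[lvl]}"
             for lvl in ("fatal", "warn") if counts[lvl]]
    message = " ".join(parts) or f"PASS {counts['pass']}"
    return {"schemaVersion": 1, "label": "Dockle",
            "message": message, "color": color}


if __name__ == "__main__":
    print(json.dumps(badge_from_report(SAMPLE_REPORT), indent=2))
```

In CI, the dict would be written to a file served at the raw URL that the `endpoint.svg?url=` badge link points to.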
tomoyamachi pushed a commit that referenced this issue Mar 8, 2020
- Adds a new analyzer error for "no packages detected"
- Package analyzers now return the common "no packages detected" error
- Returned errors from the package analyzers are checked against the
  common "no packages detected" errors and filters those out. Other
  errors will now be passed back to the user for debugging.