Skip to content
This repository was archived by the owner on Sep 16, 2022. It is now read-only.
This repository was archived by the owner on Sep 16, 2022. It is now read-only.

Add audit of Docker containers #259

Open
Open
Add audit of Docker containers#259
Labels
enhancementNew feature or requeststory-points-unknownUnknown Story Points
@vpetersson

Description

@vpetersson
vpetersson
opened on Jan 21, 2020

Because we run on the host, we would be able to gather security information about the various containers running on a given host.

Thanks to docker-py, this is relatively straight forward.

Here's an example of some of the data we can obtain easily:

import docker
client = docker.from_env()

client.containers.list()
[<Container '45e6d2de7c54'>, <Container 'db18e4f20eaa'>, ...]

container = client.containers.get('45e6d2de7c54')

container.attrs['HostConfig']['CapAdd']
container.attrs['HostConfig']['Privileged']
container.attrs['HostConfig']['Cgroup']
container.attrs['HostConfig']['PublishAllPorts']
container.attrs['HostConfig']['PortBindings']

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requeststory-points-unknownUnknown Story Points

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions