Skip to content

Instantly share code, notes, and snippets.

@MVrachev

MVrachev/start-clairt.md

Last active August 24, 2022 08:49
Show Gist options
  • Save MVrachev/d1fcc21fcfe84280df36262d00a69ce9 to your computer and use it in GitHub Desktop.
Save MVrachev/d1fcc21fcfe84280df36262d00a69ce9 to your computer and use it in GitHub Desktop.
Download ZIP
Start Clair locally on Mac OS
Raw
start-clairt.md

This is a tutorial about how to startup Clair locally using a newer version of Clair.

Decide do you want to use the latest version of Clair

I am using Mac OS Mojave with Clair version 2.0.9.

There are multiple command line tools which you can use to start Clair. I used clair-scanner. To start Clair using clair-scanner you have to:

  1. Clone, build clair-scanner and move the binary to $GOPATH/bin folder.
  2. Run the latest version of the arminc/clair-db nightly image run it with the command
docker run -p 5432:5432 -d --name db arminc/clair-db

The arminc/clair-db is built nightly by this Tarvis CI job using the .travis.yml inside of clair-local-scan.

  1. Then you have two options:

a) use the command provided in the README of clair-scanner to run the arminc/clair-local-scan prebuild image. The problem with that method is that this image uses an older version of Clair.

b) build your own version of the arminc/clair-local-scan container with a newer version of Clair.

Steps to build and run your custom image with a newer or the latest version of Clair

The arminc/clair-local-scan image is built with this Dockerfile inside of clair-local-scan.

  1. If you want to build the arminc/clair-local-scan image for a newer version of Clair just copy the config and Dockerfile from here. If you want to build your image with a specific version of Clair change the VERSION attribute value otherwise you will use the latest version available. Use the command:
docker build -t <NAME_OF_YOUR_CLAIR_IMAGE> .
  1. Then run
docker run -p 6060:6060 --link db:postgres -d --name clair <NAME_OF_YOUR_CLAIR_IMAGE>

  1. To run clair-scanner you have to find your local ip: https://www.wikihow.com/Find-Your-IP-Address-on-a-Mac

  2. Before running clair-scanner make sure that you have pulled the image with

docker pull <IMAGE_FOR_SCAN>

command.

  1. Finally, you can start clair-scanner with the command
clair-scanner --ip <YOUR_LOCAL_IP> <IMAGE_FOR_SCAN>

PS: If you have errors like Error response from daemon: Conflict. The container name "/clair" is already in use by container <CONTAINER_HASH> then you will have to remove the container with the

docker rm <CONTAINER_HASH>

command.

If you still have problems there is a Troubleshooting section of the README.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment