Charts: Chart request: Clair

Created on 16 Aug 2017  路  6Comments  路  Source: helm/charts

FEATURE REQUEST:

Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including appc and docker).

  1. In regular intervals, Clair ingests vulnerability metadata from a configured set of sources and stores it in the database.
  2. Clients use the Clair API to index their container images; this parses a list of installed source packages and stores them in the database.
  3. Clients use the Clair API to query the database; correlating data is done in real time, rather than a cached result that needs re-scanning.
  4. When updates to vulnerability metadata occur, a webhook containing the affected images can be configured to page or block deployments.

I am already writing a Clair chart for use internally at work and would like to know if the Charts maintainers feel that the kubernetes/charts repo could benefit from having a Clair chart.

picture bbriggs
👍8

Most helpful comment

A Clair chart would be very welcome. Looking forward to it.

picture unguiculus on 16 Aug 2017
👍5

All 6 comments

A Clair chart would be very welcome. Looking forward to it.

unguiculus picture unguiculus on 16 Aug 2017
👍5

There is already a Helm chart out there https://github.com/coreos/clair/tree/3617b7a12646d9d5f68ec057ed327b2f16ffeafb/contrib/helm/clair

arno01 picture arno01 on 28 Sep 2017
👍1

Well, I got derailed on the clair chart at work (job change) buuuuuut I can take th existing one that @arno01 helpfully pointed out and adapt it for this package repo.

bbriggs picture bbriggs on 29 Sep 2017

Would not it be an unnecessary effort to maintain a Clair chart additionally here?
I think it is wiser to keep polishing it under an official tree.

Please correct me if I am wrong.

arno01 picture arno01 on 29 Sep 2017
👍1

My only motivation for it would be so that people would be able to do a helm install ... from official repos, but if that's not what folks want, then there's no point in it.

bbriggs picture bbriggs on 29 Sep 2017
👍1

Well, that would actually be a helm install ... from the official Clair repo :-)

I think this can be closed and reopened in case someone has a different opinion on that.

arno01 picture arno01 on 29 Sep 2017
Was this page helpful?
0 / 5 - 0 ratings

Related issues

jungopro picture jungopro  路  3Comments
richardalberto picture richardalberto  路  3Comments
paskal picture paskal  路  3Comments
vsliouniaev picture vsliouniaev  路  3Comments
rajkumar49 picture rajkumar49  路  3Comments