code for scanning images
Код:
import subprocess
import json
import getpass
def scan_docker_image(image_name):
trivy_command = f"trivy {image_name}"
result = subprocess.run(trivy_command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
if result.returncode == 0:
vulnerabilities = json.loads(result.stdout.decode('utf-8'))
print("Vulnerabilities found:")
for vuln in vulnerabilities['VULNERABILITIES']:
print(f"- {vuln['VULN_NAME']} ({vuln['PkgName']}/{vuln['InstalledVersion']}): {vuln['TITLE']}")
else:
print("Error running Trivy:", result.stderr.decode('utf-8'))