I build a docker image for my customer with my application. The customer wants a virus scan for the image. But how can I scan for virus inside an image? Can I install an antivirus software on my machine and it scans inside the image or do I need a special tool for this? Inside the image I don't want to install antivirus software because it mustn't run at the customer's server. If it is possible I want to add this step to my CI/CD pipeline in Jenkins.
Asked
Active
Viewed 1,059 times
1 Answers
1
A scan of the host operating system should suffice as it will scan all files, including docker-layers of your images. But, I am asking myself how much sense it makes to scan a docker image YOU are providing and building software for?
D3PSI
- 154
- 2
- 11
-
aren't files in host docker layers orgonized in some special ways(such as one layer is one compressed file)? i doubt you can find the files sperately in host. (i don't know how docker layers work) – Lei Yang Jul 15 '21 at 00:26
-
I can't unterstand this requirement but it is one and I need to do that for the customer. What Lei Yang said was my worry. I think I need to build a docker image that has a test virus included and check if the antivirus software will find it. – Nabero Jul 15 '21 at 05:37
-
It should not be a problem. The raw files are stored without any sort of special encoding in the docker storage area on disk. – D3PSI Jul 28 '21 at 19:13