Coder Social home page Coder Social logo

Comments (3)

gnmahanth avatar gnmahanth commented on June 27, 2024

Hello @juntaozeng

Thank for reporting the issue, we removed the flag to make thing uniform across all our plugins( https://github.com/deepfence/YaraHunter, https://github.com/deepfence/package-scanner and https://github.com/deepfence/SecretScanner)

The docs are updated to reflect the supported flags in the PR #107

from secretscanner.

timobrembeck avatar timobrembeck commented on June 27, 2024

How can I generate a plain json file as output? I run deepfence via docker-compose:

docker-compose.yml

version: "3.6"

services:
  deepfence:
    image: deepfenceio/deepfence_secret_scanner:latest
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./deepfence/:/home/deepfence/output
    entrypoint: /bin/sh -c "/home/deepfence/usr/SecretScanner -config-path /home/deepfence/usr -image-name=${IMAGE} -output=json > output.json"
    command: ""

And even though I don't redirect stderr to the file, I get:
output.json

Initializing....
Scanning image user/repo for secrets...
Scanning image /tmp/Deepfence/SecretScanning/userrepo/save-output.tar for secrets...
summary:
  total=0 high=0 medium=0 low=0

{
  "Timestamp": "2023-10-11T23:31:17.192741222Z",
  "Image Name": "user/repo",
  "Image ID": "f28ffd78641197871fea8fd679f2bf8a1cdafa4dc3f1ce3e700ad964aac2879a",
  "Container ID": "",
  "Secrets": null
}

which can't be parsed as json. Adding the flag -debug-level FATAL also didn't help...
What is the intended usage here?

from secretscanner.

gnmahanth avatar gnmahanth commented on June 27, 2024

hi @timobrembeck, the recommended usage is to execute docker run as shown below this outputs json to stdout which can be redirected to a file

this gets json output to stdout

docker run -i --rm --name=deepfence-secretscanner \
-v /var/run/docker.sock:/var/run/docker.sock \
deepfenceio/deepfence_secret_scanner:2.0.0 \
-image-name node:8.11 --output json

this redirects json from stdout to file node.json

docker run -i --rm --name=deepfence-secretscanner \
-v /var/run/docker.sock:/var/run/docker.sock \
deepfenceio/deepfence_secret_scanner:2.0.0 \
-image-name node:8.11 --output json > node.json

docker-compose usage is not recommended

from secretscanner.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.