Instalacion del ejecutable
Copy curl --compressed https://static.snyk.io/cli/latest/snyk-linux -o snyk
chmod +x snyk
mv snyk /usr/local/bin/ Cambiamos la URL por la plataforma que vamos a usar
Instalacion con hombrew (macOS)
Copy brew tap snyk/tap
brew install snyk Instalacion con Scoop (Windows)
Copy scoop bucket add snyk https: // github.com / snyk / scoop - snyk
scoop install snyk
En Linux, se necesita ademas un paquete adicional.
Copy sudo apt install xdg-utils -y
Nos registramos en snyk.io y despues de configurar nuestra cuenta, podremos hacer login
Al ejecutarlo nos genera un link para el Auth
Copy # snyk auth
Now redirecting you to our auth page, go ahead and log in,
and once the auth is complete, return to this prompt and you 'll
be ready to start using snyk.
If you can' t wait use this url:
https://app.snyk.io/login?token=XXXXXXXXXXXXXXXXXXXXXXXXXXXX&utm_medium=cli&utm_source=cli&utm_campaign=CLI_V1_PLUGIN&utm_campaign_content=1.1196.0&os=linux&docker=false
Your account has been authenticated. Snyk is now ready to be used. Entramos en la URL y pinchamos en el boton
y ahora ya podremos hacer un test a nuestra imagen
Copy snyk container test organizacion/imagen:latest Ejemplo:
Copy snyk container test azagramac/adguard:latest
Testing adguard/adguard:latest...
✗ Low severity vulnerability found in openssl/libcrypto3
Description: CVE-2023-3446
Info: https://security.snyk.io/vuln/SNYK-ALPINE318-OPENSSL-5788370
Introduced through: openssl/libcrypto3@3.1.1-r1, apk-tools/apk-tools@2.14.0-r2, busybox/ssl_client@1.36.1-r0, ca-certificates/ca-certificates@20230506-r0, openssl/libssl3@3.1.1-r1
From: openssl/libcrypto3@3.1.1-r1
From: apk-tools/apk-tools@2.14.0-r2 > openssl/libcrypto3@3.1.1-r1
From: busybox/ssl_client@1.36.1-r0 > openssl/libcrypto3@3.1.1-r1
and 5 more...
Image layer: 'apk --no-cache add ca-certificates libcap tzdata'
Fixed in: 3.1 .1-r3
✗ Medium severity vulnerability found in openssl/libcrypto3
Description: Improper Authentication
Info: https://security.snyk.io/vuln/SNYK-ALPINE318-OPENSSL-5776808
Introduced through: openssl/libcrypto3@3.1.1-r1, apk-tools/apk-tools@2.14.0-r2, busybox/ssl_client@1.36.1-r0, ca-certificates/ca-certificates@20230506-r0, openssl/libssl3@3.1.1-r1
From: openssl/libcrypto3@3.1.1-r1
From: apk-tools/apk-tools@2.14.0-r2 > openssl/libcrypto3@3.1.1-r1
From: busybox/ssl_client@1.36.1-r0 > openssl/libcrypto3@3.1.1-r1
and 5 more...
Image layer: 'apk --no-cache add ca-certificates libcap tzdata'
Fixed in: 3.1 .1-r2
Organization: adguard
Package manager: apk
Project name: docker-image | adguard/adguard
Docker image: adguard/adguard:latest
Platform: linux/arm64
Licenses: enabled
Tested 20 dependencies for known issues, found 2 issues.
Snyk wasn’t able to auto detect the base image, use ` --file ` option to get base image remediation advice.
Example: $ snyk container test adguard/adguard:latest --file=path/to/Dockerfile
To remove this message in the future, please run ` snyk config set disableSuggestions= true `
-------------------------------------------------------
Testing adguard/adguard:latest...
Organization: adguard
Package manager: gomodules
Target file: /opt/adguardhome/AdGuardHome
Project name: github.com/AdguardTeam/AdGuardHome
Docker image: adguard/adguard:latest
Licenses: enabled
✔ Tested 121 dependencies for known issues, no vulnerable paths found.
Tested 2 projects, 1 contained vulnerable paths. Pero aqui no acaba la cosa, tenemos un dashboard via web
Entramos https://app.snyk.io/ con nuestras credenciales, y aqui podemos enlazar diferentes servicios y gestionar las imagenes.
Last updated 9 months ago
