- Python 3.5
$ pyvenv testenv
$ cd testenv
$ git clone ssh://[email protected]/ostc/docker-compliance.git
$ source bin/activate
$ cd docker-compliance
$ pip install -r requirements.txt
$ ./tern -h
$ cd testenv
$ source bin/activate
$ git clone ssh://[email protected]/ostc/docker-compliance.git
$ cd docker-compliance
$ export PYTHONPATH=`pwd`
$ python tests/<test file>.py
- Knowledge base: Each layer hash should come with a list of known packages that are installed in that layer
- Allow for exceptions or additions for the command library
- In the report, do not ignore packages that may be installed in the docker image
- Harden for testing within VMware's docker community
- For reporting purposes - parse ENV
- Keeps running docker save even if the saved image already exists on the filesystem
- Errors in docker commands are not recorded in the report
- The container is shut down and brought up for every invocation
- Too much noise in the docker command - no need to report unless there was an error
- Logging
- Errors don't bubble up to the report. This can be a --verbose option
- Create install script
- Docker API assumes user is in docker group and hence can run docker commands without sudo
- Docker has no ability to step through docker history