-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathdocker-compose.scanner-only.yml
More file actions
37 lines (33 loc) · 1004 Bytes
/
docker-compose.scanner-only.yml
File metadata and controls
37 lines (33 loc) · 1004 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
services:
# ---------------------------------------------------------------------------
# SimpleSecCheck Scanner (Standalone)
#
# Runs the security scanner CLI without the full platform stack.
# Useful for:
# - local scans
# - CI/CD pipelines
# - manual security analysis
#
# Example:
# docker compose run scanner
#
# Results will be written to ./results
# ---------------------------------------------------------------------------
scanner:
image: simpleseccheck/scanner:latest
volumes:
- ./results:/app/results
- .:/target:ro
environment:
# Required by scanner.core.orchestrator (standalone)
SCAN_TYPE: code
TARGET_TYPE: local_mount
COLLECT_METADATA: "true"
SCAN_PROFILE: ${SCAN_PROFILE:-standard}
SCAN_TARGET: /target
TARGET_PATH_IN_CONTAINER: /target
RESULTS_DIR_IN_CONTAINER: /app/results
NVD_API_KEY: ${NVD_API_KEY:-}
SNYK_TOKEN: ${SNYK_TOKEN:-}
stdin_open: true
tty: true