FlexDeploy - DockerBench Plugin Guide

The DockerBench plugin provides an extension to the docker-bench-security.sh script. Anything that can be done in the shell script can be done through the plugin. Unlike plugins such as Anchore, docker-bench-security scans your entire Docker installation for vulnerabilities or best-practice violations.

Requires Internet access: the plugin uses wget to download the latest version of docker-bench from GitHub.

Supported Versions

  • Docker version 18.06+ (Older versions of Docker may work but have not been tested)

  • Windows is NOT supported

Key Features

  • Automatically downloads docker-bench-security.sh. No configuration or setup is needed in your environment or in FlexDeploy.

  • Provides useful outputs for evaluating the results of the scan in FlexDeploy

Outputs

All operations in this plugin supply the same set of outputs, listed below:

Output Name             Description
FDDKBENCH_OUT_CHECKS    The number of checks run by the scan. This can vary depending on the number of images/containers in your docker install.
FDDKBENCH_OUT_SCORE     The overall score of the scan.
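
As an added example (not part of the FlexDeploy plugin or its documentation), the shell functions below show one way to turn these two numbers into a pass/fail gate. They read the "[INFO] Checks:" and "[INFO] Score:" summary lines that docker-bench-security.sh prints at the end of a scan; the sample log, the function names and the percentage threshold are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not FlexDeploy plugin code): read the two totals that
# docker-bench-security.sh prints at the end of a scan and gate on them.

ESC=$(printf '\033')

# Constructed sample output. The first summary line carries ANSI colour
# codes, which the script emits unless colours are disabled.
sample_log() {
  printf '%s\n' \
    '[WARN] 1.1.1 - constructed check title' \
    '[PASS] 2.2 - constructed check title' \
    '[PASS] 2.3 - constructed check title' \
    '[PASS] 4.6 - constructed check title' \
    "${ESC}[1;34m[INFO]${ESC}[0m Checks: 4" \
    '[INFO] Score: 2'
}

# bench_field NAME: print the integer from the "[INFO] NAME: N" summary line.
# Colour codes are stripped first so the line anchors still match.
bench_field() {
  sed "s/${ESC}\[[0-9;]*m//g" |
    sed -n "s/^\[INFO\] $1: \(-\{0,1\}[0-9][0-9]*\)\$/\1/p" | tail -n 1
}

# bench_gate MIN_PERCENT: read a scan log on stdin.
# Returns 0 if score/checks >= MIN_PERCENT, 1 if below, 2 if no summary found.
bench_gate() {
  log=$(cat)
  checks=$(printf '%s\n' "$log" | bench_field Checks)
  score=$(printf '%s\n' "$log" | bench_field Score)
  if [ -z "$checks" ] || [ -z "$score" ] || [ "$checks" -le 0 ]; then
    echo "no usable summary in scan output" >&2
    return 2
  fi
  echo "checks=$checks score=$score"
  # The check count varies between hosts and the score can be negative, so
  # compare score*100 with checks*MIN_PERCENT instead of dividing.
  [ $((score * 100)) -ge $((checks * $1)) ]
}

# Demonstration on the constructed log with a hypothetical 50% threshold.
sample_log | bench_gate 50
```

Because the number of checks depends on how many images and containers are present, a ratio threshold stays comparable across hosts where a fixed score threshold does not.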

Plugin Operations
