Clair Github action

Clair is an open-source container vulnerability scanner that identifies known security vulnerabilities (CVEs) in container images by analyzing their contents against continuously updated vulnerability databases.

It is widely used in cloud-native environments to ensure container images meet security standards before deployment.

🔹 Key Features of Clair

Vulnerability Detection: Identifies known CVEs in OS packages and dependencies.
Layered Image Analysis: Scans container image layers efficiently.
Multi-OS Support: Supports Alpine, Debian, Ubuntu, RHEL, and more.
Updated Vulnerability Feeds: Continuously refreshed CVE databases.
CI/CD Integration: Automated scanning within pipelines.
High Performance: Designed for scalable image scanning.

As part of Ananta Cloud’s container security stack, we provide a standardized GitHub Action for Clair to automate vulnerability scanning during CI/CD workflows.

🔹 What It Does?

Scans container images for vulnerabilities.
Produces severity-based vulnerability reports.
Blocks deployments with critical CVEs.
Integrates with Ananta Cloud’s security controls.
Ensures only secure images move to production.

🔹 Benefits of Using Ananta Cloud’s Clair Action

Early CVE Detection
Policy-Based Security Gates
Reduced Container Attack Surface
Fully Automated Scanning
Enterprise-Ready Container Security

🔹 Supported Inputs

Name	Description	Required
`image`	Full container image name with tag	✔️ Yes
`severity-threshold`	Fail pipeline on specified severity	❌ No
`report-format`	Output format (json, table)	❌ No
`registry-token`	Registry authentication token	✔️ Yes

🔹 Supported Outputs

None

🔹 Usage

- name: Scan container image with Clair
  uses: anantacloud/actions/tree/main/security/clair
  with:
    image: docker-image:tag
    severity-threshold: critical

🔹 Key Features of Clair​

🔹 What It Does?​

🔹 Benefits of Using Ananta Cloud’s Clair Action​

🔹 Supported Inputs​

🔹 Supported Outputs​

🔹 Usage​