
I just started learning docker. To teach myself, I managed to containerize bandit (a python code scanner) but I’m not able to see the output of the scan before the container destroys itself. How can I copy the output file from inside the container to the host, or otherwise save it?

Right now I’m just using bandit to scan itself, basically 🙂

Dockerfile:

    FROM python:3-alpine
    WORKDIR /
    RUN pip install bandit
    RUN apk update && apk upgrade
    RUN apk add git
    RUN git clone https://github.com/PyCQA/bandit.git ./code-to-scan
    CMD [ "python -m bandit -r ./code-to-scan -o bandit.txt" ]

2 Answers


  1. You can mount a volume on your host where you can share the output of bandit.

    For example, you can run your container with:

    docker run -v $(pwd)/output:/tmp/output -t your_awesome_container:latest
    

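    And in your Dockerfile:

    ...
    # Exec form takes one array element per argument; write the report into the mounted /tmp/output
    CMD [ "python", "-m", "bandit", "-r", "./code-to-scan", "-o", "/tmp/output/bandit.txt" ]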
    

    This way the bandit.txt file will be found in the output folder.

  2. Better place the code in your image not in the root directory.
    I did some adjustments to your Dockerfile.

    FROM python:3-alpine
    WORKDIR /usr/myapp
    RUN pip install bandit
    RUN apk update && apk upgrade
    RUN apk add git
    RUN git clone https://github.com/PyCQA/bandit.git .
    CMD [ "bandit","-r",".","-o","bandit.txt" ]
    
    

    This clones git in your WORKDIR.
    Note the CMD: it is an array, so just divide all commands and args as in the Dockerfile above.

    I put the Dockerfile in my D:\test directory (Windows).

    docker build -t test .

    docker run -v D:/test/:/usr/myapp test

    It will generate bandit.txt for you in the test folder.

    After the code is executed, the container exits, as there is nothing else to do.

    You can also put --rm to remove the container once it finishes.

    docker run --rm  -v D:/test/:/usr/myapp test
    
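The two ways of getting the report onto the host, as an added example that is not part of the original answers: a bind-mount run like the ones above, and a `docker cp` from the stopped container, which goes beyond what the answers show. The function names are hypothetical, and the image is assumed to have bandit on its PATH, as the one built from the Dockerfile in answer 2 does.

```shell
#!/bin/sh
# Added example (not from the original answers). Assumes an image that has
# bandit on PATH, such as the one built from the Dockerfile in answer 2.
# Bandit exits 1 when it reports findings, so a non-zero status from the
# container is not by itself a failure; the report file is the thing to check.

# Variant 1: bind mounts. The code to scan is mounted read-only and the report
# goes to a separate writable directory. Both host paths must be absolute.
scan_with_volume() {
    src=$1 out=$2 image=$3
    mkdir -p "$out" || return 2
    rc=0
    docker run --rm \
        -v "$src":/src:ro \
        -v "$out":/report \
        "$image" bandit -r /src -f txt -o /report/bandit.txt || rc=$?
    if [ ! -s "$out/bandit.txt" ]; then
        echo "no report written (container status $rc)" >&2
        return 2
    fi
    return "$rc"    # 0 = clean, 1 = findings
}

# Variant 2: no mount. Create the container without --rm, run it, copy the
# report out of the stopped container, then remove it.
scan_with_cp() {
    image=$1 code=$2 dest=$3
    cid=$(docker create "$image" bandit -r "$code" -f txt -o /tmp/bandit.txt) || return 2
    rc=0
    docker start -a "$cid" || rc=$?
    docker cp "$cid":/tmp/bandit.txt "$dest" || rc=2
    docker rm "$cid" >/dev/null || true
    return "$rc"
}

# Usage (image name "test" as in answer 2):
#   scan_with_volume "$PWD/code" "$PWD/output" test
#   scan_with_cp test /usr/myapp ./bandit.txt
```

In a CI job, treat status 1 from either function as "findings present" and status 2 as "scan did not produce a report".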