验证Docker映像

预计阅读时间：26分钟

介绍

符合Docker认证资格的内容必须符合最佳做法并通过某些基准测试。

Docker Hub允许您发布经过认证的映像以及用于日志记录，卷和网络的插件。您必须使用这些文档中说明的工具来认证自己的图像和日志记录插件inspect。当前，Docker Hub在提交时会为您认证您的卷和网络插件。

本页说明发布者如何成功测试其Docker映像。也可用：验证您的Docker日志记录插件。

需要未经认证的基础架构环境的内容无法发布为已认证。

在提交产品进行发布之前，您应该执行此自我认证测试。

验证您的Docker映像

您必须使用工具inspectDockerImage来确保您的图像符合最佳实践，从而证明您的内容可以在Docker Hub上发布。在此处下载该工具。

该inspectDockerImage工具执行以下操作：

验证Docker映像是根据Docker Official Image中的映像构建的
检查Docker映像的运行状况检查。尽管不需要运行状况检查，但建议您执行此操作。
检查Linux Docker映像是否正在运行supervisord以启动多个服务。

supervisord对于发往Docker Hub的映像，在容器中运行不是最佳实践。建议的最佳实践是将多个服务拆分为单独的Docker映像，然后在单独的容器中运行它们。
尝试从Docker映像启动容器以确保该映像正常运行。
显示容器中正在运行的进程。
检查正在运行的进程，看是否有正在运行的进程supervisord。
验证容器是否正在将日志发送到stdout/stderr。
尝试停止容器以确保可以正常停止它。

该inspectDockerImage工具将检测问题并将其输出为警告或错误。必须修正错误才能进行认证。不需要解决警告就可以进行认证，但是您应该尝试解决它们。

如果要发布和认证Docker映像的多个版本，则需要inspectDockerImage在每个Docker映像上运行该工具并将每个结果发送到Docker Hub。

如果要发布和认证多体系结构的Docker映像（例如Linux，Power，s390x，Windows），则需要inspectDockerImage在运行于每种体系结构的Docker Engine-Enterprise服务器上运行该工具，并将结果发送到Docker Hub。

inspectDockerImage接下来的部分详细介绍了如何运行该工具并将结果发送到Docker Hub。

先决条件

您的Docker Engine-Enterprise安装必须在用于验证提交的服务器上运行。如有必要，请请求获得特定Docker Enterprise Edition的权利。

Docker Engine-Enterprise（在服务器上用于验证提交）
inspectDockerImage工具

设置测试环境

分两个步骤：（1）配置凭据，和（2）配置端点（或使用默认端点）。

通过定义环境变量 或 将它们作为参数传递给来配置Docker Registry凭据inspectDockerImage。

一种。为注册表凭据定义环境变量，DOCKER_USER并DOCKER_PASSWORD：

的Linux

export DOCKER_USER="my_docker_registry_user_account"
export DOCKER_PASSWORD="my_docker_registry_user_account_password"

Windows命令提示符

set DOCKER_USER="my_docker_registry_user_account"
set DOCKER_PASSWORD="my_docker_registry_user_account_password"

Windows Powershell

$env:DOCKER_USER="my_docker_registry_user_account"
$env:DOCKER_PASSWORD="my_docker_registry_user_account_password"

b。将参数传递给inspectDockerImage（或提示输入）：

--docker-user
--docker-password

配置端点（和覆盖默认值）或者通过定义环境变量 或者 将它们作为参数来inspectDockerImage。

默认情况下，inspectDockerImage使用以下两个端点与Docker Hub注册表进行通信：
- 注册表身份验证端点：https : //auth.docker.io
- 注册表API端点：https : //registry-1.docker.io
您可能要使用私有注册表进行初始测试，并覆盖默认设置。

一种。定义环境变量，DOCKER_REGISTRY_AUTH_ENDPOINT并 DOCKER_REGISTRY_API_ENDPOINT：

Linux或MacOS
```
export DOCKER_REGISTRY_AUTH_ENDPOINT="https://my_docker_registry_authentication_endpoint"
export DOCKER_REGISTRY_API_ENDPOINT="https://my_docker_registry_api_enpoint"
```
Windows命令提示符
```
set DOCKER_REGISTRY_AUTH_ENDPOINT="https://my_docker_registry_authentication_endpoint"
set DOCKER_REGISTRY_API_ENDPOINT="https://my_docker_registry_api_enpoint"
```
Windows Powershell
```
$env:DOCKER_REGISTRY_AUTH_ENDPOINT="https://my_docker_registry_authentication_endpoint"
$env:DOCKER_REGISTRY_API_ENDPOINT="https://my_docker_registry_api_enpoint"
```
b。将您的端点作为参数传递给inspectDockerImage：
```
--docker-registry-auth-endpoint
--docker-registry-api-endpoint
```

句法

下载inspectDockerImage命令。

操作系统/架构	下载链接
Windows / X86	https://s3.amazonaws.com/store-logos-us-east-1/certification/windows/inspectDockerImage.exe
Linux / X86	https://s3.amazonaws.com/store-logos-us-east-1/certification/linux/inspectDockerImage
Linux / IBMZ	https://s3.amazonaws.com/store-logos-us-east-1/certification/zlinux/inspectDockerImage
Linux / IBMPOWER	https://s3.amazonaws.com/store-logos-us-east-1/certification/power/inspectDockerImage

设置权限inspectDockerImage以使其可执行：
```
chmod u+x inspectDockerImage
```

从您要参考的计划页面中获取产品ID，以进行认证测试。确保选中此复选框，然后首先保存计划。

产品编号

Inspects a Docker image to see if it conforms to best practices.

Syntax: inspectDockerImage [options] dockerimage

Options:
  -docker-password string
    	 Docker Password.  This overrides the DOCKER_PASSWORD environment variable.
  -docker-registry-api-endpoint string
    	 Docker Registry API Endpoint. This overrides the DOCKER_REGISTRY_API_ENDPOINT environment variable. (default "https://registry-1.docker.io")
  -docker-registry-auth-endpoint string
    	 Docker Registry Authentication Endpoint. This overrides the DOCKER_REGISTRY_AUTH_ENDPOINT environment variable. (default "https://auth.docker.io")
  -docker-user string
    	 Docker User ID.  This overrides the DOCKER_USER environment variable.
  -help
    	 Displays the command help.
  -html
    	 Generate HTML output.
  -json
    	 Generate JSON output.
  -log-tail int
    	Number of lines to show from the end of the container logs. (default 20)
  -product-id string
    	 Optional Product identifier from Docker Hub for this image. Please include it when you want the output to be sent to Docker Hub.
  -start-script string
    	 An optional custom script used to start the Docker container. The script will get passed one argument, the name of the Docker image.
  -start-wait-time int
    	 Number of seconds to wait for the Docker container to start. (default 30)
  -stop-wait-time int
    	 Number of seconds to wait for the Docker container to respond to the stop before killing it. (default 60)

dockerimage
  	The Docker image to inspect. This argument is required.

检查输出

默认情况下，将inspectDockerImage输出显示为本地stdout（默认），JSON和HTML。您还可以将输出上传到Docker Hub，建议管理员进行验证。

上传到Docker Hub（通过product-id在命令行中输入）。
传送讯息给stdout。这是默认值。
JSON发送到stdout。使用该--json选项可以覆盖和替换发送给的消息stdout。
HTML本地文件。使用该--html选项生成HTML报告。双方--json并--html可以同时指定。

inspectDockerImage终止后，由Docker映像容器创建的卷将被销毁。

检验实例

本节演示如何检查Linux和Windows映像。

使用自定义启动脚本检查Linux Docker映像
检查带有JSON输出的Linux Docker映像
检查具有HTML输出的Linux Docker映像
检查Microsoft Windows Docker映像

使用自定义启动脚本检查Linux Docker映像

该inspectDockerImage命令期望自定义脚本从正在测试的docker映像中返回容器ID（或容器名称），作为输出到的最后一行或唯一一行stdout。如果没有将容器ID或容器名称作为输出的最后一行，则检查将失败。

执行docker container run命令的简单自定义脚本可以轻松输出容器ID。但是复杂的脚本可能需要进行测试，以确保它也将容器ID或容器名称返回为输出的最后一行-例如，启动多个容器或运行一个容器的脚本docker-compose。

一些“测试/帮助程序”脚本可用于在Amazon中运行的虚拟机上测试Linux和Windows Docker映像。请参阅测试和帮助脚本

启动脚本示例

cat ./run_my_application.sh

#!/usr/bin/env bash
docker container run -d \
-p 80:8080 --name tomcat-wildbook \
--link mysql-wildbook \
$1

要检查Docker映像，请`gforghetti/tomcat-wildbook:latest`使用自定义的启动脚本，然后将结果上传到Docker Hub（`-product-id`如果只是进行测试，则忽略该参数）：

root:[~/] # ./inspectDockerImage --start-script ./run_my_application.sh -product-id=<store-product-id> gforghetti/tomcat-wildbook:latest

输出：

*******************************************************************************************************************************************************************************************************
* Docker image: gforghetti/tomcat-wildbook:latest
*******************************************************************************************************************************************************************************************************

*******************************************************************************************************************************************************************************************************
* Step #1 Loading information on the Docker official base images ...
*******************************************************************************************************************************************************************************************************
The Docker official base images data has been loaded from the docker_official_base_images.json file. Last updated on Fri Oct 27 08:35:14 2017

*******************************************************************************************************************************************************************************************************
* Step #2 Inspecting the Docker image "gforghetti/tomcat-wildbook:latest" ...
*******************************************************************************************************************************************************************************************************
Pulling the Docker image gforghetti/tomcat-wildbook:latest ...
Pulling the Docker image took 13.536641265s
Passed:  Docker image "gforghetti/tomcat-wildbook:latest" has been inspected.

*******************************************************************************************************************************************************************************************************
* Step #3 Docker image information
*******************************************************************************************************************************************************************************************************
+---------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Docker image:             | gforghetti/tomcat-wildbook:latest                                                                                                                                       |
| Size:                     | 384MB                                                                                                                                                                   |
| Layers:                   | 39                                                                                                                                                                      |
| Digest:                   | sha256:58715d538bba0782f55fa64dede776a2967c08873cd66424bb5a7156734c781e                                                                                                 |
| Base layer digest:        | sha256:06b22ddb19134ec8c42aaabd3e2e9f5b378e4e53da4a8960eaaaa86351190af3                                                                                                 |
| Official base image:      | debian:stretch@sha256:6ccbcbf362dbc4add74711cb774751b59cdfd7aed16c3c29aaecbea871952fe0                                                                                  |
| Created on:               | 2017-08-16T21:39:24                                                                                                                                                     |
| Docker version:           | 17.07.0-ce-rc2                                                                                                                                                          |
| Maintainer:               | Gary Forghetti, Docker Inc.                                                                                                                                             |
| Operating system:         | linux                                                                                                                                                                   |
| Operating system version: | Debian GNU/Linux 9 (stretch)                                                                                                                                            |
| Architecture:             | amd64                                                                                                                                                                   |
| User:                     |                                                                                                                                                                         |
| WorkingDir:               | /usr/local/tomcat                                                                                                                                                       |
| Entrypoint:               |                                                                                                                                                                         |
| Cmd:                      | /usr/local/tomcat/bin/catalina.sh run                                                                                                                                   |
| Shell:                    |                                                                                                                                                                         |
| Env:                      | PATH=/usr/local/tomcat/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin                                                                                 |
| Env:                      | LANG=C.UTF-8                                                                                                                                                            |
| Env:                      | JAVA_HOME=/docker-java-home/jre                                                                                                                                         |
| Env:                      | JAVA_VERSION=8u141                                                                                                                                                      |
| Env:                      | JAVA_DEBIAN_VERSION=8u141-b15-1~deb9u1                                                                                                                                  |
| Env:                      | CA_CERTIFICATES_JAVA_VERSION=20170531+nmu1                                                                                                                              |
| Env:                      | CATALINA_HOME=/usr/local/tomcat                                                                                                                                         |
| Env:                      | TOMCAT_NATIVE_LIBDIR=/usr/local/tomcat/native-jni-lib                                                                                                                   |
| Env:                      | LD_LIBRARY_PATH=/usr/local/tomcat/native-jni-lib                                                                                                                        |
| Env:                      | OPENSSL_VERSION=1.1.0f-3                                                                                                                                                |
| Env:                      | GPG_KEYS=05AB33110949707C93A279E3D3EFE6B686867BA6 07E48665A34DCAFAE522E5E6266191C37C037D42 47309207D818FFD8DCD3F83F1931D684307A10A5 541FBE7D8F78B25E055DDEE13C370389288 |
| Env:                      | TOMCAT_MAJOR=8                                                                                                                                                          |
| Env:                      | TOMCAT_VERSION=8.5.20                                                                                                                                                   |
| Env:                      | TOMCAT_TGZ_URL=https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-8/v8.5.20/bin/apache-tomcat-8.5.20.tar.gz                                   |
| Env:                      | TOMCAT_ASC_URL=https://www.apache.org/dist/tomcat/tomcat-8/v8.5.20/bin/apache-tomcat-8.5.20.tar.gz.asc                                                                  |
| Env:                      | TOMCAT_TGZ_FALLBACK_URL=https://archive.apache.org/dist/tomcat/tomcat-8/v8.5.20/bin/apache-tomcat-8.5.20.tar.gz                                                         |
| Env:                      | TOMCAT_ASC_FALLBACK_URL=https://archive.apache.org/dist/tomcat/tomcat-8/v8.5.20/bin/apache-tomcat-8.5.20.tar.gz.asc                                                     |
| ExposedPorts:             | 8080/tcp                                                                                                                                                                |
| Healthcheck:              |                                                                                                                                                                         |
| Volumes:                  |                                                                                                                                                                         |
+---------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

*******************************************************************************************************************************************************************************************************
* Step #4 Docker image layer information
*******************************************************************************************************************************************************************************************************
+----------+-------+------------------------------------------------------------------------------------------------------+------------+----------+---------------------------------------------------+
| Manifest | Layer | Command                                                                                              | Size       | Blob     | Matches                                           |
+----------+-------+------------------------------------------------------------------------------------------------------+------------+----------+---------------------------------------------------+
| 58715d53 | 1     | /bin/sh -c #(nop) ADD file:ebba725fb97cea45d0b1b35ccc8144e766fcfc9a78530465c23b0c4674b14042 in /     | 43.1 Mib   | 06b22ddb | debian:stretch@6ccbcbf3                           |
| 58715d53 | 3     | /bin/sh -c apt-get update && apt-get install -y --no-install-recommends ca-certificates curl wget && | 10.6 Mib   | 336c28b4 |                                                   |
| 58715d53 | 4     | /bin/sh -c set -ex; if ! command -v gpg > /dev/null; then apt-get update; apt-get install -y --no-in | 4.2 Mib    | 1f3e6b8d |                                                   |
| 58715d53 | 5     | /bin/sh -c apt-get update && apt-get install -y --no-install-recommends bzip2 unzip xz-utils && rm - | 614.7 Kib  | aeac5951 |                                                   |
| 58715d53 | 7     | /bin/sh -c { echo '#!/bin/sh'; echo 'set -e'; echo; echo 'dirname "$(dirname "$(readlink -f "$(which | 241 Bytes  | b01db8bd |                                                   |
| 58715d53 | 8     | /bin/sh -c ln -svT "/usr/lib/jvm/java-8-openjdk-$(dpkg --print-architecture)" /docker-java-home      | 130 Bytes  | f7f398af |                                                   |
| 58715d53 | 13    | /bin/sh -c set -ex; if [ ! -d /usr/share/man/man1 ]; then mkdir -p /usr/share/man/man1; fi; apt-get  | 52.1 Mib   | 1c5595fa |                                                   |
| 58715d53 | 14    | /bin/sh -c /var/lib/dpkg/info/ca-certificates-java.postinst configure                                | 265.6 Kib  | e1a6cc83 |                                                   |
| 58715d53 | 17    | /bin/sh -c mkdir -p "$CATALINA_HOME"                                                                 | 144 Bytes  | 9efe1c93 |                                                   |
| 58715d53 | 23    | /bin/sh -c apt-get update && apt-get install -y --no-install-recommends libapr1 openssl="$OPENSSL_VE | 220.4 Kib  | eef936b7 |                                                   |
| 58715d53 | 25    | /bin/sh -c set -ex; for key in $GPG_KEYS; do gpg --keyserver ha.pool.sks-keyservers.net --recv-keys  | 109.6 Kib  | 3c1e7106 |                                                   |
| 58715d53 | 32    | /bin/sh -c set -x && { wget -O tomcat.tar.gz "$TOMCAT_TGZ_URL" || wget -O tomcat.tar.gz "$TOMCAT_TGZ | 9.6 Mib    | e87d3364 |                                                   |
| 58715d53 | 33    | /bin/sh -c set -e && nativeLines="$(catalina.sh configtest 2>&1)" && nativeLines="$(echo "$nativeLin | 128 Bytes  | 8ecc2c09 |                                                   |
| 58715d53 | 39    | /bin/sh -c #(nop) COPY file:85450fd5b81b7fda5dbbe405f312952d9e786888200ed5fb92171458853e50f7 in /usr | 87.5 Mib   | 74329547 |                                                   |
+----------+-------+------------------------------------------------------------------------------------------------------+------------+----------+---------------------------------------------------+

*******************************************************************************************************************************************************************************************************
* Step #5 Docker image inspection results
*******************************************************************************************************************************************************************************************************
Passed:  Docker image was built from the official Docker base image "debian:stretch".
Warning: Docker image was not built using Docker Enterprise Edition!
Passed:  Docker image metadata contains a Maintainer.
Warning: Docker image does not contain a Healthcheck! Although a Healthcheck is not required, it is recommended.
Passed:  Docker image Cmd attribute is not running supervisord.
Passed:  Docker image Entrypoint attribute is not running supervisord.

*******************************************************************************************************************************************************************************************************
* Step #6 Attempting to start a container from the Docker image "gforghetti/tomcat-wildbook:latest" ...
*******************************************************************************************************************************************************************************************************
Passed:  Docker container with the container id aea5d97925c7035e0037ccc79723fd534a26cbb8be2a124e0257b3a8c3fca55f was started.

*******************************************************************************************************************************************************************************************************
* Step #7 Waiting 30 seconds to give the container time to initialize...
*******************************************************************************************************************************************************************************************************
Wait time expired, continuing.

*******************************************************************************************************************************************************************************************************
* Step #8 Checking to see if the container is still running.
*******************************************************************************************************************************************************************************************************
Passed:  Docker container with the container id aea5d97925c7035e0037ccc79723fd534a26cbb8be2a124e0257b3a8c3fca55f is running.

*******************************************************************************************************************************************************************************************************
* Step #9 Displaying the running processes in the Docker container
*******************************************************************************************************************************************************************************************************
Passed:  Docker container has 1 running process.

UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                2609                2592                42                  12:59               ?                   00:00:12            /docker-java-home/jre/bin/java -Djava.util.logging.config.f

*******************************************************************************************************************************************************************************************************
* Step #10 Checking if supervisord is running in the Docker container
*******************************************************************************************************************************************************************************************************
Passed:  Docker container is not running supervisord.

*******************************************************************************************************************************************************************************************************
* Step #11 Displaying Docker container resource usage statistics
*******************************************************************************************************************************************************************************************************
Passed:  Docker container resource usage statistics were retrieved.

CPU %               MEM %               MEM USAGE / LIMIT     BLOCK I/O           NET I/O             PIDS
0.69%               5.26%               844.4MiB / 15.67GiB   1.67MB / 0B         1.17kB / 1.28kB     50

*******************************************************************************************************************************************************************************************************
* Step #12 Displaying the logs from the Docker container (last 20 lines)
*******************************************************************************************************************************************************************************************************
Passed:  Docker container logs were retrieved.

2017-10-27T12:59:57.839970103Z
2017-10-27T12:59:57.965093247Z  27-Oct-2017 12:59:57.964 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployWAR Deployment of web application archive [/usr/local/tomcat/webapps
2017-10-27T12:59:57.966178465Z  27-Oct-2017 12:59:57.965 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/tomcat/web
2017-10-27T12:59:58.051675791Z  27-Oct-2017 12:59:58.050 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat
2017-10-27T12:59:58.051695596Z  27-Oct-2017 12:59:58.051 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/tomcat/web
2017-10-27T12:59:58.063373978Z  27-Oct-2017 12:59:58.063 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat
2017-10-27T12:59:58.064087355Z  27-Oct-2017 12:59:58.063 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/tomcat/web
2017-10-27T12:59:58.072187812Z  27-Oct-2017 12:59:58.071 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat
2017-10-27T12:59:58.072363314Z  27-Oct-2017 12:59:58.072 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/tomcat/web
2017-10-27T12:59:58.079126206Z  27-Oct-2017 12:59:58.078 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat
2017-10-27T12:59:58.079791893Z  27-Oct-2017 12:59:58.079 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/tomcat/web
2017-10-27T12:59:58.085699688Z  27-Oct-2017 12:59:58.085 INFO [localhost-startStop-1] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat
2017-10-27T12:59:58.093847452Z  27-Oct-2017 12:59:58.093 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["http-nio-8080"]
2017-10-27T12:59:58.099472816Z  27-Oct-2017 12:59:58.099 INFO [main] org.apache.coyote.AbstractProtocol.start Starting ProtocolHandler ["ajp-nio-8009"]
2017-10-27T12:59:58.101352107Z  27-Oct-2017 12:59:58.100 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 10249 ms
2017-10-27T13:00:02.659016400Z  WARNING: /var/spool/WildbookScheduledQueue does not exist or is not a directory; skipping
2017-10-27T13:00:02.659037921Z  ==== ScheduledQueue run [count 1]; queueDir=/var/spool/WildbookScheduledQueue; continue = true ====
2017-10-27T13:00:08.097747157Z  27-Oct-2017 13:00:08.097 INFO [localhost-startStop-2] org.apache.catalina.startup.HostConfig.deployDirectory Deploying web application directory [/usr/local/tomcat/web
2017-10-27T13:00:08.113051631Z  27-Oct-2017 13:00:08.112 INFO [localhost-startStop-2] org.apache.catalina.startup.HostConfig.deployDirectory Deployment of web application directory [/usr/local/tomcat
2017-10-27T13:00:12.672625154Z  WARNING: /var/spool/WildbookScheduledQueue does not exist or is not a directory; skipping

*******************************************************************************************************************************************************************************************************
* Step #13 Attempting to stop the Docker container normally with a timeout of 60 seconds before it is killed ...
*******************************************************************************************************************************************************************************************************
Passed:  Docker container aea5d97925c7035e0037ccc79723fd534a26cbb8be2a124e0257b3a8c3fca55f was stopped successfully.
Warning: Docker container did not exit with an exit code of 0! Exit code was 143.

*******************************************************************************************************************************************************************************************************
* Step #14 Removing the Docker container and any associated volumes.
*******************************************************************************************************************************************************************************************************
Passed:  Docker container and any associated volumes removed.

*******************************************************************************************************************************************************************************************************
* Step #15 Removing the Docker image "gforghetti/tomcat-wildbook:latest".
*******************************************************************************************************************************************************************************************************
Passed:  Docker image "gforghetti/tomcat-wildbook:latest" was removed.
Passed:  This test was performed on Docker Enterprise Edition.

*******************************************************************************************************************************************************************************************************
* Summary of the inspection for Docker image: gforghetti/tomcat-wildbook:latest
*******************************************************************************************************************************************************************************************************

Date: Mon May 21 13:29:29 2018
Operating System: Ubuntu 16.04.4 LTS
Architecture: amd64
Docker Client Version: 17.06.2-ee-11
Docker Server Version: 17.06.2-ee-11

There were 3 warnings detected!

Passed:  Docker image "gforghetti/tomcat-wildbook:latest" has been inspected.
Passed:  Docker image was built from the official Docker base image "debian:stretch".
Warning: Docker image was not built using Docker Enterprise Edition!
Passed:  Docker image metadata contains a Maintainer.
Warning: Docker image does not contain a Healthcheck! Although a Healthcheck is not required, it is recommended.
Passed:  Docker image Cmd attribute is not running supervisord.
Passed:  Docker image Entrypoint attribute is not running supervisord.
Passed:  Docker container with the container id aea5d97925c7035e0037ccc79723fd534a26cbb8be2a124e0257b3a8c3fca55f was started.
Passed:  Docker container with the container id aea5d97925c7035e0037ccc79723fd534a26cbb8be2a124e0257b3a8c3fca55f is running.
Passed:  Docker container has 1 running process.
Passed:  Docker container is not running supervisord.
Passed:  Docker container resource usage statistics were retrieved.
Passed:  Docker container logs were retrieved.
Passed:  Docker container aea5d97925c7035e0037ccc79723fd534a26cbb8be2a124e0257b3a8c3fca55f was stopped successfully.
Warning: Docker container did not exit with an exit code of 0! Exit code was 143.
Passed:  Docker container and any associated volumes removed.
Passed:  Docker image "gforghetti/tomcat-wildbook:latest" was removed.
Passed:  This test was performed on Docker Enterprise Edition.

The inspection of the Docker image gforghetti/tomcat-wildbook:latest has completed.

If -product-id is specified on command line:
**************************************************************************************************************************************************************************************************
* Step #16 Upload the test result to Docker Hub.
**************************************************************************************************************************************************************************************************
Passed:   The test results are uploaded to Docker Hub.

root:[~/] #

检查带有JSON输出的Linux Docker映像

要检查`gforghetti/apache:latest`具有JSON输出的Docker映像，请执行以下操作：

root:[~/] # ./inspectDockerImage --json gforghetti/apache:latest | jq

注意：输出已通过管道传递到jq命令以“很好地”显示它。

输出：

{
  "Date": "Mon May 21 13:23:37 2018",
  "SystemOperatingSystem": "Operating System: Ubuntu 16.04.4 LTS",
  "SystemArchitecture": "amd64",
  "SystemDockerClientVersion": "17.06.2-ee-11",
  "SystemDockerServerVersion": "17.06.2-ee-11",
  "DockerImage": {
    "Name": "gforghetti/apache:latest",
    "Size": "178MB",
    "Layers": "23",
    "Digest": "sha256:65db5d0a8b88ee3d5e5a579a70943433d36d3e6d6a974598a5eebeef9e02a346",
    "BaseLayerDigest": "sha256:85b1f47fba49da65256f07c8790542a3880e9216f9c491965040f35ce2c6ca7a",
    "OfficialBaseImage": "debian:8@sha256:3a5aa6bf675aa71e60df347b29f0a1b1634306cd8db47e1af0a16ad420d1b127",
    "CreatedOn": "2017-10-19T17:51:53",
    "DockerVersion": "17.09.0-ce",
    "Author": "",
    "Maintainer": "Gary Forghetti, Docker Inc.",
    "OperatingSystem": "linux",
    "OperatingSystemVersion": "Debian GNU/Linux 8 (jessie)",
    "Architecture": "amd64",
    "User": "",
    "WorkingDir": "/usr/local/apache2",
    "EntryPoint": "",
    "Cmd": "httpd-foreground",
    "Shell": "",
    "Env": "PATH=/usr/local/apache2/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\nHTTPD_PREFIX=/usr/local/apache2\nNGHTTP2_VERSION=1.18.1-1\nOPENSSL_VERSION=1.0.2l-1~bpo8+1\nHTTPD_VERSION=2.4.28\nHTTPD_SHA256=c1197a3a62a4ab5c584ab89b249af38cf28b4adee9c0106b62999fd29f920666\nHTTPD_PATCHES=\nAPACHE_DIST_URLS=https://www.apache.org/dyn/closer.cgi?action=download&filename= \thttps://www-us.apache.org/dist/ \thttps://www.apache.org/dist/ \thttps://archive.apache.org/dist/",
    "ExposedPorts": "80/tcp ",
    "HealthCheck": "",
    "Volumes": ""
  },
  "Errors": 0,
  "Warnings": 2,
  "HTMLReportFile": "",
  "VulnerabilitiesScanURL": "",
  "Results": [
    {
      "Status": "Passed",
      "Message": "Docker image \"gforghetti/apache:latest\" has been inspected."
    },
    {
      "Status": "Passed",
      "Message": "Docker image was built from the official Docker base image \"debian:8\"."
    },
    {
      "Status": "Warning",
      "Message": "Docker image was not built using Docker Enterprise Edition!"
    },
    {
      "Status": "Passed",
      "Message": "Docker image metadata contains a Maintainer."
    },
    {
      "Status": "Warning",
      "Message": "Docker image does not contain a Healthcheck! Although a Healthcheck is not required, it is recommended."
    },
    {
      "Status": "Passed",
      "Message": "Docker image Cmd attribute is not running supervisord."
    },
    {
      "Status": "Passed",
      "Message": "Docker image Entrypoint attribute is not running supervisord."
    },
    {
      "Status": "Passed",
      "Message": "Docker container 424de05adfa2c84890513a51d3d5bc210e4d4b41c746c9252648f38d95b8be49 was started."
    },
    {
      "Status": "Passed",
      "Message": "Docker container 424de05adfa2c84890513a51d3d5bc210e4d4b41c746c9252648f38d95b8be49 is running."
    },
    {
      "Status": "Passed",
      "Message": "Docker container has 4 running processes."
    },
    {
      "Status": "Passed",
      "Message": "Docker container is not running supervisord."
    },
    {
      "Status": "Passed",
      "Message": "Docker container resource usage statistics were retrieved."
    },
    {
      "Status": "Passed",
      "Message": "Docker container logs were retrieved."
    },
    {
      "Status": "Passed",
      "Message": "Docker container 424de05adfa2c84890513a51d3d5bc210e4d4b41c746c9252648f38d95b8be49 was stopped successfully."
    },
    {
      "Status": "Passed",
      "Message": "Docker container exited with an exit code of 0."
    },
    {
      "Status": "Passed",
      "Message": "Docker container and any associated volumes removed."
    },
    {
      "Status": "Passed",
      "Message": "Docker image \"gforghetti/apache:latest\" was removed."
    },
    {
      "Status": "Passed",
      "Message": "This test was performed on Docker Enterprise Edition."
    }
  ]
}

检查具有HTML输出的Linux Docker映像

要检查Docker图像`gforghetti/apache:latest`和HTML输出，请执行以下操作：

root:[~/] # ./inspectDockerImage --html gforghetti/apache:latest

注意：下面已故意省略了大多数stdout消息输出。

输出：

The inspection of the Docker image gforghetti/apache:latest has completed.
An HTML report has been generated in the file html/gforghetti-apache-latest_inspection_report_2017-10-27_01-03-43.html
root:[~/] #

图片1

HTML输出图像1

图片2

HTML输出图像2

图片3

HTML输出图像3

检查Microsoft Windows Docker映像

要检查Docker映像，请执行以下操作`microsoft/nanoserver:latest`：

PS D:\InspectDockerimage> .\inspectDockerImage microsoft/nanoserver:latest

输出：

*******************************************************************************************************************************************************************************************************
* Docker image: microsoft/nanoserver:latest
*******************************************************************************************************************************************************************************************************

*******************************************************************************************************************************************************************************************************
* Step #1 Loading information on the Docker official base images ...
*******************************************************************************************************************************************************************************************************
The Docker official base images data has been loaded from the docker_official_base_images.json file. Last updated on Sun May 20 16:36:20 2018.

*******************************************************************************************************************************************************************************************************
* Step #2 Inspecting the Docker image "microsoft/nanoserver:latest" ...
*******************************************************************************************************************************************************************************************************
Pulling the Docker Image microsoft/nanoserver:latest ...
Pulling the Docker Image took 13.2107625s
Passed:  Docker image "microsoft/nanoserver:latest" has been inspected.

*******************************************************************************************************************************************************************************************************
* Step #3 Docker image information
*************************************************




  Introduction
  Certify your Docker images
    
      Prerequisites
      Set up testing environment
      Syntax