regis-cli
Container Security & Policy-as-Code Orchestration. Analyze container images, enforce compliance policies, and generate interactive security reports — all from a single CLI.
Features
🔌 Pluggable Analyzers
Orchestrates Trivy, Skopeo, Hadolint, Dockle and more via a unified plugin system. Run all analyzers in parallel in a single command.
📋 Policy-as-Code Playbooks
Define compliance and security rules in YAML using JSON Logic. Enforce image age, CVE thresholds, allowed registries, and more — no code required.
📊 Interactive HTML Reports
Rich, navigable dashboards with drill-down views per analyzer, generated alongside machine-readable JSON for automation.
🏗️ Multi-arch Support
Inspect any OCI-compliant registry across all architectures and platforms. Supports Docker Hub, GHCR, ECR, and private registries.
⚙️ CI/CD Native
First-class GitHub Actions and GitLab CI integration. Attach HTML reports as artifacts and annotate PRs with policy results.
⚖️ License Compliance
Detect copyleft licenses (GPL, AGPL, LGPL…) across all SBOM components. Block non-compliant images before they reach production.
Report Preview
- Dashboard
- Compliance
- Security
- Supply Chain
- Best Practices
- Insights
- Technical






