GitLab Docker Images Tracker - Backend

FastAPI backend for tracking Docker images across GitLab repositories with vulnerability scanning.

Setup

  1. Install dependencies:
     uv sync
  2. Set environment variables:
     export GITLAB_TOKEN="your_gitlab_token_here"
     export GITLAB_URL="https://your-gitlab-instance.com"  # Optional, defaults to gitlab.com
     export GITLAB_GROUPS="group1,group2,group3"  # Optional, comma-separated list of group IDs or paths

Group Filtering: To limit scanning to specific GitLab groups (recommended for large instances), set the GITLAB_GROUPS environment variable with a comma-separated list of group IDs or paths. For example:

  • GITLAB_GROUPS=my-team,docker-projects (using group paths)
  • GITLAB_GROUPS=123,456,789 (using group IDs)
  • Leave empty to scan all projects (not recommended for large instances)

  3. Run the application:
     uv run python main.py

The API will be available at http://localhost:5000
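
Added example (not this project's own code): one way to parse GITLAB_GROUPS as described under Group Filtering, failing closed on a malformed entry so that a typo cannot silently widen the scan to every project the token can read. The function names, the path character set and the use of include_subgroups are assumptions of this example; the URL targets the GitLab REST v4 group projects endpoint.

```python
import re
from urllib.parse import quote

# Assumption for this example: a path segment is letters, digits, '_', '-', '.'
# and nested groups are separated by '/'. Stricter than GitLab's full rules.
_SEGMENT = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]*")
_ID = re.compile(r"[0-9]+")


def parse_groups(raw):
    """Return a de-duplicated list of group IDs/paths, or None for 'scan all'.

    Fails closed: a non-empty value containing a malformed entry raises
    instead of being dropped, which could otherwise leave an empty filter.
    """
    if raw is None or not raw.strip():
        return None  # unset or empty: scan all projects
    groups = []
    for entry in raw.split(","):
        entry = entry.strip().strip("/")
        if not entry:
            raise ValueError("empty entry in GITLAB_GROUPS")
        is_id = _ID.fullmatch(entry) is not None
        if not is_id and not all(_SEGMENT.fullmatch(s) for s in entry.split("/")):
            raise ValueError(f"invalid group reference: {entry!r}")
        if entry not in groups:
            groups.append(entry)
    return groups


def group_projects_url(base_url, group):
    """Build the REST v4 URL that lists the projects of one group."""
    # Numeric IDs go in as-is; paths must be URL-encoded, including '/'.
    ref = group if _ID.fullmatch(group) else quote(group, safe="")
    base = base_url.rstrip("/")
    return f"{base}/api/v4/groups/{ref}/projects?include_subgroups=true"


if __name__ == "__main__":
    # Constructed sample value, mixing paths, an ID and a duplicate.
    sample = "my-team, 123,platform/docker-projects,123"
    for g in parse_groups(sample):
        print(group_projects_url("https://gitlab.com", g))
```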

Features

  • Project discovery from GitLab
  • Docker image parsing from Dockerfiles, docker-compose files, and CI configs
  • Vulnerability scanning with Trivy or API fallback
  • Ignore rule management
  • REST API for frontend integration

API Endpoints

  • GET /dashboard - Dashboard statistics
  • GET /projects - List projects
  • GET /images - List Docker images
  • GET /vulnerabilities - List vulnerabilities
  • GET /ignore-rules - List ignore rules
  • POST /scan/projects - Start project discovery scan
  • POST /scan/vulnerabilities - Start vulnerability scan

Configuration

The application uses SQLite for data storage. The database file gitlab_docker_tracker.db will be created automatically on first run.
