Registry Scores — Container Security & Policy-as-Code Orchestration
Regis provides unified container analysis, custom playbooks, and highly customizable interactive reports for production-ready CI/CD.
Explore the interactive example report →
- Unified Registry Inspection — Fast, multi-arch metadata extraction from any OCI-compliant registry using regctl.
- Pluggable Analyzer Ecosystem — Orchestrates industry-standard tools like grype, regctl, Hadolint, and Dockle to gather comprehensive security insights.
- Policy-as-Code Playbooks — Define compliance and security rules (e.g., "no critical vulnerabilities", "maximum image age") using flexible jsonLogic evaluations.
- Hybrid Reporting — Simultaneously generates machine-readable JSON for automation and rich, interactive HTML dashboards for human review.
- CI/CD Native — Designed to integrate seamlessly into GitHub Actions or GitLab CI pipelines with first-class support for MR/PR reporting.
- Efficient Caching — Reuse existing analysis results to speed up repeated evaluations and report regeneration.
Full documentation lives at trivoallan.github.io/regis:
- 🚀 Getting Started — install Regis and run your first analysis.
- 📚 Concepts — analyzers, playbooks, rules, and scoring.
- 🛠️ Usage Guides — analyze images, manage scanner tools, configure registries.
- 📖 CLI Reference — every command and flag.
Run Regis in CI with the regis-security-analysis GitHub Action. It is maintained in its own repository — trivoallan/regis-action (uses: trivoallan/regis-action@v1) — where you will find its inputs, outputs, and usage examples.
MIT
