Use docker host network for containers

If vuls or lynis are told to test the same host where
they're running (and it's only reachable via localhost) then
having the containers in the host network will provide
reachability to localhost so vuls/lynis can run their tests.

Change-Id: I70c6975676facb6de41790928a5d810a43e273d6
Signed-off-by: Igor D.C <igordcard@gmail.com>

diff --git a/bluval/blucon.py b/bluval/blucon.py
index 6913330..804bf63 100644 (file)
--- a/bluval/blucon.py
+++ b/bluval/blucon.py
@@ -74,7 +74,7 @@ def invoke_docker(bluprint, layer, tag):
     if _PULL:
         pull_docker(layer, tag)
     volume_list = get_volumes('common') + get_volumes(layer)
-    cmd = ("docker run --rm" + volume_list + _SUBNET +
+    cmd = ("docker run --rm --net=host" + volume_list + _SUBNET +
            " akraino/validation:{0}-{3}"
            " /bin/sh -c"
            " 'cd /opt/akraino/validation "