This repository has been archived by the owner on Nov 29, 2023. It is now read-only.
v0.2.0
First beta
Works with at least https://github.com/snyk/snyk/releases/tag/v1.369.0
- Added snyk free scans authentication
- Added
--auth
,--version
andscan
commands
Usage: docker scan [OPTIONS] IMAGE
A tool to scan your docker image
Options:
--auth Authenticate to the scan provider using an optional token, or web base token if empty
--dependency-tree Show dependency tree before scan results
--disable Refuse user consent
--enable Accept user consent
--exclude-base Exclude base image from vulnerabiliy scanning (needs to provide a Dockerfile using --file)
-f, --file string Provide the Dockerfile for better scan results
--json Display results with JSON format
--version Display version of scan plugin
DOCKER_SCAN_HUB_INSTANCE=staging
Example:
$ DOCKER_SCAN_HUB_INSTANCE=staging docker scan nginx
...
Also need to run the following command for snyk:
$ /Applications/Docker.app/Contents/Resources/snyk/docker/snyk-mac.sh config:set endpoint=https://dev.snyk.io/api/v1
And if you already have been logged with your snyk account:
$ /Applications/Docker.app/Contents/Resources/snyk/docker/snyk-mac.sh config:unset api
$ docker login index-stage.docker.io -u USERNAME