This repository has been archived by the owner on Nov 29, 2023. It is now read-only.

v0.2.0

@github-actions github-actions released this 31 Jul 08:50
· 161 commits to main since this release
dd88d71

First beta

Works with at least https://github.com/snyk/snyk/releases/tag/v1.369.0

  • Added snyk free scans authentication
  • Added --auth, --version and scan commands

Usage:  docker scan [OPTIONS] IMAGE

A tool to scan your docker image

Options:
      --auth              Authenticate to the scan provider using an optional token, or web base token if empty
      --dependency-tree   Show dependency tree before scan results
      --disable           Refuse user consent
      --enable            Accept user consent
      --exclude-base      Exclude base image from vulnerabiliy scanning (needs to provide a Dockerfile using --file)
  -f, --file string       Provide the Dockerfile for better scan results
      --json              Display results with JSON format
      --version           Display version of scan plugin

⚠️ To use this plugin with free scans, you need to set this environment variable: DOCKER_SCAN_HUB_INSTANCE=staging

Example:

$ DOCKER_SCAN_HUB_INSTANCE=staging docker scan nginx
...

You also need to run the following command for snyk:

$ /Applications/Docker.app/Contents/Resources/snyk/docker/snyk-mac.sh config:set endpoint=https://dev.snyk.io/api/v1

And if you have already logged in with your snyk account:

$ /Applications/Docker.app/Contents/Resources/snyk/docker/snyk-mac.sh config:unset api

⚠️ You also need to be logged in to hub staging (as the snyk CLI points to staging JWT keys for the moment)

$ docker login index-stage.docker.io -u USERNAME