Deployment Task


See the results from the command line once the scanner-cli container performs an image scan.


Deployment Steps


Type ‘echo $?’ after the scanner-cli container finishes its process and exits


Set the Image Assurance policy on all Ubuntu-based images that have medium and/or high vulnerabilities.

When navigating to the Images page, we can see that the 'ubuntu:16.04' image has medium and high vulnerabilities, marking this a failed image:


On the Docker host where I have the daemonset, I ran:
docker run -v /var/run/docker.sock:/var/run/docker.sock registry.aquasec.com/scanner-cli:3.5.0 scan -H http://192.168.1.94:8080 -U scanner -P Memco12# --registry "Docker Hub" ubuntu:16.04


Below is a snippet from our official documentation:




As you can see, my ubuntu:16.04 image failed the Image Assurance Policy as expected: