Deployment Task

See the results from the command line once the scanner-cli container performs an image scan.

Deployment Steps

Type ‘echo $?’ after the scanner-cli container finishes its process and exits

Set the Image Assurance policy on all Ubuntu-based images that have medium and/or high vulnerabilities.

When navigating to the Images page, we can see that the 'ubuntu:16.04' image has medium and high vulnerabilities, marking this a failed image:

On the Docker host where I have the daemonset, I ran:
docker run -v /var/run/docker.sock:/var/run/docker.sock scan -H -U scanner -P Memco12# --registry "Docker Hub" ubuntu:16.04

Below is a snippet from our official documentation:

As you can see, my ubuntu:16.04 image failed the Image Assurance Policy as expected: