See the results from the command line once the scanner-cli container performs an image scan.
Type ‘echo $?’ after the scanner-cli container finishes its process and exits
Set the Image Assurance policy on all Ubuntu-based images that have medium and/or high vulnerabilities.
When navigating to the Images page, we can see that the 'ubuntu:16.04' image has medium and high vulnerabilities, marking this a failed image:
On the Docker host where I have the daemonset, I ran:
docker run -v /var/run/docker.sock:/var/run/docker.sock registry.aquasec.com/scanner-cli:3.5.0 scan -H http://192.168.1.94:8080 -U scanner -P Memco12# --registry "Docker Hub" ubuntu:16.04
Below is a snippet from our official documentation:
As you can see, my ubuntu:16.04 image failed the Image Assurance Policy as expected:
Did you find it helpful?Send feedback