Summary:


In some situations, during creation of your custom script or the design of the CI/CD pipeline it might be necessary the use of a REST API call to be able to scan new images besides using “docker run” or “scannercli”.



Environment:


Aqua CSP 4.6 / 5.0



Overview:


There are no particular symptoms for this situation, but you will need to be aware that even if this scan is done by using your CI/CD the final results will be reported under, 


“Images / General”


Besides any other CI/CD pipeline using “docker run” or “scannercli” which it will be shown under, 


“Images / CI/CD Scans”



Solution:


The REST API That could be used will be, 


POST -- {{Server_URL}}/api/v1/images


And the request body, 


{

"images": [

{

"registry": "{{REGISTRY}}",

"repository": "{{REPOSITORY}}",

"tag": "{{TAG}}",

"digest": null,

"source": null,

"exists": false

}

]

}


OR


POST -- {{Server_URL}}/api/v2/images


And the request body, 


{

    "registry": "{{REGISTRY}}",

    "image": "{{REPOSITORY:TAG}}"

}




Related Information:

https://docs.aquasec.com/v4.6/reference

https://github.com/kenmccann/ci-api-scanning/blob/master/scan-new-image.sh