docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add Override a Vulnerability topic to DTR 2.5 docs.

This commit is contained in:
KoryKessel-Docker 2020-01-15 16:55:34 +01:00
parent dbe3d175d5
commit c4425be2cf
2 changed files with 31 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
_data/toc.yaml
View File

@ -3435,6 +3435,8 @@ manuals:
title: Delete images
- path: /datacenter/dtr/2.5/guides/user/manage-images/scan-images-for-vulnerabilities/
title: Scan images for vulnerabilities
- title: Override a vulnerability
path: /datacenter/dtr/2.5/guides/user/manage-images/override-a-vulnerability/
- path: /datacenter/dtr/2.5/guides/user/manage-images/prevent-tags-from-being-overwritten/
title: Prevent tags from being overwritten
- sectiontitle: Sign images

29
datacenter/dtr/2.5/guides/user/manage-images/override-a-vulnerability.md Normal file
View File

@ -0,0 +1,29 @@
---
title: Override a vulnerability
description: Learn how to dismiss a vulnerability reported by the security
scanner, when you know it has been addressed
keywords: registry, security scanner
---
DTR scans images for vulnerabilities. At times, however, it may report image vulnerabilities that you know have been fixed, and whenever that happens the warning can be dismissed.
1. Access the DTR web interface.
2. Click **Repositories** in the left-hand menu, and locate the repository that has been scanned.
![](../../images/scan-images-for-vulns-3.png){: .with-border}
3. Click **View details** to review the image scan results, and select **Components** to see the vulnerabilities for each component packaged in the image.
4. Select the component with the vulnerability you want to ignore, navigate to the vulnerability, and click **hide**.
![Vulnerability list](../../images/override-vulnerability-2.png){: .with-border}
Once dismissed, the vulnerability is hidden system-wide and will no longer be reported as a vulnerability on affected images with the same layer IDs or digests. In addition, DTR will not reevaluate the promotion policies that have been set up for the repository.
If after hiding a particular vulnerability you want the promotion policy for the image to be reevaluated, click **Promote**.
## Where to go next
* [Scan images for vulnerabilities](scan-images-for-vulnerabilities.md)