docker
/
getting-started
mirror of https://github.com/docker/getting-started.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update tutorial to use docker scout command

This commit is contained in:
patest-dev 2023-05-20 21:17:23 +02:00 committed by GitHub
parent c7bbd0119f
commit 94cd8df989
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/tutorial/image-building-best-practices/index.md
View File

@ -1,12 +1,12 @@
## Security Scanning ## Security Scanning
When you have built an image, it is good practice to scan it for security vulnerabilities using the `docker scan` command. When you have built an image, it is good practice to scan it for security vulnerabilities using the `docker scout` command.
Docker has partnered with [Snyk](http://snyk.io) to provide the vulnerability scanning service. Docker has partnered with [Snyk](http://snyk.io) to provide the vulnerability scanning service.
For example, to scan the `getting-started` image you created earlier in the tutorial, you can just type For example, to scan the `getting-started` image you created earlier in the tutorial, you can just type
```bash ```bash
docker scan getting-started docker scout cves getting-started
``` ```
The scan uses a constantly updated database of vulnerabilities, so the output you see will vary as new The scan uses a constantly updated database of vulnerabilities, so the output you see will vary as new
@ -34,7 +34,7 @@ vulnerabilities are discovered, but it might look something like this:
The output lists the type of vulnerability, a URL to learn more, and importantly which version of the relevant library The output lists the type of vulnerability, a URL to learn more, and importantly which version of the relevant library
fixes the vulnerability. fixes the vulnerability.
There are several other options, which you can read about in the [docker scan documentation](https://docs.docker.com/engine/scan/). There are several other options, which you can read about in the [docker scout documentation](https://docs.docker.com/scout/).
As well as scanning your newly built image on the command line, you can also [configure Docker Hub](https://docs.docker.com/docker-hub/vulnerability-scanning/) As well as scanning your newly built image on the command line, you can also [configure Docker Hub](https://docs.docker.com/docker-hub/vulnerability-scanning/)
to scan all newly pushed images automatically, and you can then see the results in both Docker Hub and Docker Desktop. to scan all newly pushed images automatically, and you can then see the results in both Docker Hub and Docker Desktop.