Versions Compared

Old Version 14

changes.mady.by.user Chris Potts

Saved on

compared with

New Version Current

changes.mady.by.user Chris Potts

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

...

There are two ways that you can scan container images in ECR:

...

  1. Authenticate with ACR. The az acr login command generates an authentication token and authenticates with your registry.

    Code Block
    themeRDark
    titleGenerate Docker Login for ECR (Linux)
    az acr login --name <acrName>


  2. Invoke Synopsys Detect, and provide the following /wiki/spaces/INTDOCS/pages/622673 at following at a minimum.

    Code Block
    themeRDark
    titleSynopsys Detect - Scanning Images
    bash <(curl -s https://detect.synopsys.com/detect.sh) \
--blackduck.url=<URL> \
--blackduck.api.token=<token> \
--detect.docker.image=<Image URI> \
--detect.project.name=<Project Name>



  3. Image Modified 

Anchor
devops
devops
Using Azure DevOps Pipelines

...

Talk to your authorized support representative for details on the Synopsys Detect extension.

See also: Azure DevOps (ADO) Plugin

Invoking Synopsys Detect as a script to scan a Docker image stored in ACR

...

For more information about using Black Duck, evaluating scan results, and more, refer to the topic Getting Started with Black Duck located here: Black Duck