
How to scan docker image between it's built and it's pushed to registry? #4086

Closed Answered by caarlos0
mih-kopylov asked this question in Q&A

what should happen to the rest of the release process if scanning fails? do we only skip pushing the docker images? what about the other artifacts?

if you are releasing, you should probably have tested beforehand if the image has issues or not anyway, and you'd still need to keep scanning the image afterwards due to possibly newly discovered issues in the base image or packages you use.

so... I don't believe this is something I'd want to implement, as it is confusing regarding what the behavior should be, and the benefit seems minimal.

Answer selected by mih-kopylov