Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Sysdig inline scan

WARNING: This repository contains the deprecated inline-scan script V1

Sysdig Inline Scan V2 is the recommended version.

Check for more information

Note about older version (1.x)

Sysdig inline scan V1 is still available, but not supported. V1 version runs as a script, and requires a working Docker environment (binaries and daemon), or can run as a container, mounting the docker socket inside the container.

Migrating to V2

If running the inline-scan via container:

docker run --rm -v /var/run/docker.sock:/var/run/docker.sock sysdiglabs/secure-inline-scan analyze ... <image-to-scan>

migration to the new version requires changing the image name to and adding the --storage-type=docker-daemon parameter, and removing the analyze option:

docker run --rm -v /var/run/docker.sock:/var/run/docker.sock ... <image-to-scan> --storage-type=docker-daemon

depending on the docker.sockpermissions you might need to run as root (adding -u to the docker run command) or adjusting the permissions in the docker socket.

If you are executing the script as: ... <image-to-scan>

then you will need to execute the inline-scanner as a container instead, as described previously.

Breaking changes

  • Execution mode: The inline scan is now executed in a different way. You need to directly run the container instead of using the old wrapper script. This means that you might need to adapt your automations or pipelines to migrate to inline-scan v2

  • TLS verification: starting from version 2, you'll need to explicitly pass --sysdig-skip-tls if targeting an on-prem with non verifiable certificate.