Define Container Image IDs
In the plugin configuration, there is a field called image ID or Image Name. Set this to a single container image ID or name you want to report on. The plugin only pulls a report for the image ID or name you specify.
Perform the following steps to define the container image IDs:
- Enter a single string value like imageId: 'a1b2c3d4e5f6'. We also support SHA value of the image as the input to image ID.
- Specify an image name in the format
repo:tag.
If you provide an image name, the plugin fetches the corresponding sha-256. The plugin tries to fetch the image sha using the docker socket path configured in the configuration. If your docker host is running locally to build a tool/agent, the docker socket path is unix:///var/run/docker.sock; whereas if your docker host is running remotely, the docker socket path is the TCP URL to the remote docker host.
For more details on images, refer to Scanning CI/CD images. - Alternatively, you can also provide an image ID through an environment variable.
- Get the image ID of the container image using the program created in earlier stages of the build and provide that ID in the 'imageId' argument.
For example, in the pipeline script, you can get the image ID by executing the shell script and storing it in an environment variable. - Use the same environment variable in the 'ImageId' argument to provide the image ID.
Next Step