Deepfactor can scan your artifacts (container images, filesytem directories) to generate SBOM and find SCA vulnerabilities. Deepfactor can even scan container images that are present in private registries. In order for Deepfactor to pull and scan such images, you will need to provide registry credentials. The following article describes how you can provide registry credentials for different registries for different scan scenarios.
Scanning images from private registries using CLI
Deepfactor provides a CLI you can use to scan images. The following article describes how to specify registry credentials while scanning images from private registries using Deepfactor CLI
Scanning container images from private registries using Deepfactor CLI
Scanning images from private registries using K8s scan pod
Deepfactor can deploy a scan pod in your K8s cluster which will scan container images used by pods launched in your K8s cluster. In order for this scan pod to access and scan container images, you will need to specify registry credentials as a K8s secret. The following table provides link to the appropriate guide for different registries.
Token expiration
Some registries allow you to create tokens which you can use for authentication. If you are using a token with an expiration time, please note that, before the token expires, you will need to update the K8s secret passed to Deepfactor scan pod with the new token to ensure it can continue to pull and scan images from your private registry.
Comments
Please sign in to leave a comment.