Analyzes a published docker image and stores results in Anchore Engine. If you are looking to scan or analyze a local build of an image see scanLocalImage and analyzeLocalImage respectively.
Inputs
Input Name | Input Code | Required | Description |
---|---|---|---|
Anchore User | FDANCR_INP_USER | Yes | The Anchore User used when uploading the results. |
Anchore Password | FDANCR_INP_PASSWORD | Yes | The Anchore Password used when uploading the results. |
Anchore Url | FDANCR_INP_URL | Yes | The API url for the Anchore Engine install. Typically http://yourhost:8228/v1 |
Image Name | FDANCR_INP_IMAGE_NAME | Yes | The full image tag including the registry to analyze. For example:
|
Wait For Results | FDANCR_INP_WAIT_FOR_RESULTS | Yes | Should the plugin wait for the results or simply start the upload and complete. If you want to use the Groovy Fail Condition or Plugin Outputs this needs to be true. |
Groovy Fail Condition | FDANCR_INP_SCAN_FAIL_CONDITION | No | Optional groovy script to determine if the scan should fail the workflow. Available variables include all FlexDeploy environment variables and the following scan result variables:
See more information here for configuring the Groovy Fail Condition. |
Force Analyze | FDANCR_INP_FORCE_ANALYZE | No | Should the analysis be run if this image tag has already been analyzed and stored in Anchore Engine? If this is false, the existing analysis will just be returned. |
Outputs
See the main plugin page for outputs and groovy script validation.
Outputs
These outputs will only be returned if Wait For Results is true
Artifacts
This operation delegates the consume/produce artifacts decision to the workflow developer.
Endpoint Selection
This operation delegates the selection to the workflow developer to determine.
Endpoint Execution
This operations delegates the execution to the workflow developer to decide.