8

When I tried scanning local images, like the hello-world image, using docker scan hello-world, I get this error

docker: 'scan' is not a docker command.
See 'docker --help'

My docker version is

Client: Docker Engine - Community
 Version:           20.10.2
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        2291f61
 Built:             Mon Dec 28 16:17:43 2020
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true
Osinachi
  • 656
  • 8
  • 14
  • 3
    Thanks for making me discover that command. Unfortunately, according to the [documentation](https://docs.docker.com/engine/scan/), this feature is only availabe with Docker Destop Edge which is only available on windows and mac. – Zeitounator Jan 10 '21 at 19:58
  • `docker scan` seems to be available for all/most environments now. I am very puzzled by the requirement of a docker hub login. Seems to make batch use pretty hard. – nroose Aug 29 '21 at 04:33

1 Answers1

6

There is a plugin available:

Requirement: apt knows about the docker-repositories

This should be already fulfilled after following the install-guide at https://docs.docker.com/engine/install/ubuntu/

Example:

$ cat /etc/apt/sources.list.d/docker.list 
deb [arch=amd64] https://download.docker.com/linux/ubuntu focal stable

Installation:

$ sudo apt update
$ sudo apt install docker-scan-plugin

Running docker scan will reveal more requirements:

  • login to Docker Hub
  • consent to access Snyk (For more information search the web for docker Snyk.)
$ docker scan hello-world
Docker Scan relies upon access to Snyk, a third party provider, do you consent to proceed using Snyk? (y/N)
y
failed to get DockerScanID: You need to be logged in to Docker Hub to use scan feature.
please login to Docker Hub using the Docker Login command
Klaus
  • 885
  • 7
  • 11