mirror of
https://github.com/docker/docs.git
synced 2026-03-27 14:28:47 +07:00
ec72262eed
Upstream docs had a formatting issue that needed a hotfix. Rather than fixing the vendored yaml, which would be overwritten the next time update (any) vendored modules, I decided to manually copy the cli reference yaml to the data dir. Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
233 lines
7.6 KiB
YAML
Generated
233 lines
7.6 KiB
YAML
Generated
command: docker scout quickview
|
|
aliases: docker scout quickview, docker scout qv
|
|
short: Quick overview of an image
|
|
long: |-
|
|
The `docker scout quickview` command displays a quick overview of an image.
|
|
It displays a summary of the vulnerabilities in the specified image
|
|
and vulnerabilities from the base image.
|
|
If available, it also displays base image refresh and update recommendations.
|
|
|
|
If no image is specified, the most recently built image is used.
|
|
|
|
The following artifact types are supported:
|
|
|
|
- Images
|
|
- OCI layout directories
|
|
- Tarball archives, as created by `docker save`
|
|
- Local directory or file
|
|
|
|
By default, the tool expects an image reference, such as:
|
|
|
|
- `redis`
|
|
- `curlimages/curl:7.87.0`
|
|
- `mcr.microsoft.com/dotnet/runtime:7.0`
|
|
|
|
If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory,
|
|
or if you want to control from where the image will be resolved, you must prefix the reference with one of the following:
|
|
|
|
- `image://` (default) use a local image, or fall back to a registry lookup
|
|
- `local://` use an image from the local image store (don't do a registry lookup)
|
|
- `registry://` use an image from a registry (don't use a local image)
|
|
- `oci-dir://` use an OCI layout directory
|
|
- `archive://` use a tarball archive, as created by `docker save`
|
|
- `fs://` use a local directory or file
|
|
- `sbom://` SPDX file or in-toto attestation file with SPDX predicate or `syft` json SBOM file
|
|
In case of `sbom://` prefix, if the file is not defined then it will try to read it from the standard input.
|
|
usage: docker scout quickview [IMAGE|DIRECTORY|ARCHIVE]
|
|
pname: docker scout
|
|
plink: docker_scout.yaml
|
|
options:
|
|
- option: env
|
|
value_type: string
|
|
description: Name of the environment
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: ignore-suppressed
|
|
value_type: bool
|
|
default_value: "false"
|
|
description: |
|
|
Filter CVEs found in Scout exceptions based on the specified exception scope
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: latest
|
|
value_type: bool
|
|
default_value: "false"
|
|
description: Latest indexed image
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: only-policy
|
|
value_type: stringSlice
|
|
default_value: '[]'
|
|
description: Comma separated list of policies to evaluate
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: only-vex-affected
|
|
value_type: bool
|
|
default_value: "false"
|
|
description: Filter CVEs by VEX statements with status not affected
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: org
|
|
value_type: string
|
|
description: Namespace of the Docker organization
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: output
|
|
shorthand: o
|
|
value_type: string
|
|
description: Write the report to a file
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: platform
|
|
value_type: string
|
|
description: Platform of image to analyze
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: ref
|
|
value_type: string
|
|
description: |-
|
|
Reference to use if the provided tarball contains multiple references.
|
|
Can only be used with archive
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: stream
|
|
value_type: string
|
|
description: Name of stream
|
|
deprecated: true
|
|
hidden: true
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: vex
|
|
value_type: bool
|
|
default_value: "false"
|
|
description: Apply VEX statements to filter CVEs
|
|
deprecated: true
|
|
hidden: true
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: vex-author
|
|
value_type: stringSlice
|
|
default_value: '[<.*@docker.com>]'
|
|
description: List of VEX statement authors to accept
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: vex-location
|
|
value_type: stringSlice
|
|
default_value: '[]'
|
|
description: File location of directory or file containing VEX statements
|
|
deprecated: false
|
|
hidden: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
inherited_options:
|
|
- option: debug
|
|
value_type: bool
|
|
default_value: "false"
|
|
description: Debug messages
|
|
deprecated: false
|
|
hidden: true
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
- option: verbose-debug
|
|
value_type: bool
|
|
default_value: "false"
|
|
description: Verbose debug
|
|
deprecated: false
|
|
hidden: true
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
examples: |-
|
|
### Quick overview of an image
|
|
|
|
```console
|
|
$ docker scout quickview golang:1.19.4
|
|
...Pulling
|
|
✓ Pulled
|
|
✓ SBOM of image already cached, 278 packages indexed
|
|
|
|
Your image golang:1.19.4 │ 5C 3H 6M 63L
|
|
Base image buildpack-deps:bullseye-scm │ 5C 1H 3M 48L 6?
|
|
Refreshed base image buildpack-deps:bullseye-scm │ 0C 0H 0M 42L
|
|
│ -5 -1 -3 -6 -6
|
|
Updated base image buildpack-deps:sid-scm │ 0C 0H 1M 29L
|
|
│ -5 -1 -2 -19 -6
|
|
```
|
|
|
|
### Quick overview of the most recently built image
|
|
|
|
```console
|
|
$ docker scout qv
|
|
```
|
|
|
|
### Quick overview from an SPDX file
|
|
|
|
```console
|
|
$ syft -o spdx-json alpine:3.16.1 | docker scout quickview sbom://
|
|
✔ Loaded image alpine:3.16.1
|
|
✔ Parsed image sha256:3d81c46cd8756ddb6db9ec36fa06a6fb71c287fb265232ba516739dc67a5f07d
|
|
✔ Cataloged contents 274a317d88b54f9e67799244a1250cad3fe7080f45249fa9167d1f871218d35f
|
|
├── ✔ Packages [14 packages]
|
|
├── ✔ File digests [75 files]
|
|
├── ✔ File metadata [75 locations]
|
|
└── ✔ Executables [16 executables]
|
|
|
|
Target │ <stdin> │ 1C 2H 8M 0L
|
|
digest │ 274a317d88b5 │
|
|
```
|
|
deprecated: false
|
|
experimental: false
|
|
experimentalcli: false
|
|
kubernetes: false
|
|
swarm: false
|
|
|