Scan images

Note

Only users with write access to a repository can manually start a scan. Users with read-only access can, however, view the scan results.

Security scan on push

By default, a security scan runs automatically when you push an image to the registry.

To view the results of a security scan:

  1. Log in to the MSR web UI.

  2. In the left-side navigation panel, select Repositories.

  3. Click the required repository and select the Tags tab.

  4. Click View details on the required tag.

Manual scanning

You can manually start a scan for images in repositories that you have write access to.

To manually scan an image:

  1. Log in to the MSR web UI.

  2. In the left-side navigation panel, select Repositories.

  3. Click the required repository and select the Tags tab.

  4. Click Start a scan on the required image tag.

  5. To review the scan results, click View details.

Change the scanning mode

You can change the scanning mode for each individual repository at any time. You might want to disable scanning in either of the following scenarios:

  • You are pushing an image repeatedly during troubleshooting and do not want to waste resources on rescanning.

  • A repository contains legacy code that is not used or updated frequently.

Note

To change an individual repository scanning mode, you must have write or administrator access to the repository.

To change the scanning mode:

  1. Log in to the MSR web UI.

  2. In the left-side navigation panel, select Repositories.

  3. Click the required repository and select the Settings tab.

  4. Scroll down to Image scanning and under Scan on push, select either On push or Manual.