...
You can scan Docker containers by running the Unified Agent in Docker mode ( using the 'docker.scanContainers' parameter). In
In this mode, only the Docker Container scan and Package Manager scan (scanPackageManager) will take place.
General scan using local resolvers (package manager) will only take place if the resolvers are installed and available locally. the Linux packages are detected, and a general scan of the container file system is performed for package managers' based resolution and identification of source files/binaries.
| Info |
|---|
For scanning an RPM-based Docker container, RPM database compatibility between the container and the machine in which the scan is performed will increase the accuracy of the results. |
...
Configurations
Set the Boolean property '
docker.scanContainers' in the config file to true. By default, the Unified Agent will scan all your Docker containers.Set the GLOB pattern property for '
docker.containerIncludes' and 'docker.containerExcludes' if you want to be more specific about which containers to scan.
...
The scanner saves your required containers and scans all the file system systems and installed packages.
The Docker container is saved to the temporary directory defined in your environment , and is deleted immediately after the scan.
...