Docker Community Forums

Share and learn in the Docker community.

No security scan?


(Josh Reichardt) #1

I just opted into the free preview of the security scan for both my organization and user per the docs but am not seeing any of my newly pushed images being scanned. I have only tried the scanning for organization images, not user images.

Is there something else I need to do in order to enable image scanning?


(Mehdig) #2

No, you shouldn’t have to do anything else. we will take a look. As a reminder the preview is available only for private repos tied to a repo subscription plan. We’ll get back to you.


(Toli Kuznets) #3

Josh, what namespace are the images in? Want to verify they are all private, and kick off the scans manually to test what’s going on.


(Josh Reichardt) #4

@toli the namespace is aboutdotme. Let me know if you need any other information.

I think there are maybe a few that aren’t private. Could that be causing issues?


(Toli Kuznets) #5

Josh,
I’ll have to investigate the underlying problem, but we resubscribed you and scans for all your private repos got kicked off again.
Please allow up to 24 hours for them to finish (the load is very high right now), but you should be seeing “scans in progress” message now on the pages for your repos, for the 3 latest tags


(Josh Reichardt) #6

I see the images are showing as scan in progress like you said, thank you. I’ll check back later when they are finished.

On another note, is there an API for looking at scanned images to check for example if any vulnerabilities have been found?

Thanks again.


(Toli Kuznets) #7

Josh, never got a notification for your question hence the delay.
We don’t have an API yet, it’s on the roadmap but I can’t promise anything about the timing.


(Luis Echegaray) #8

Same issue on the kingsmen namespace. Pushed new tags, enabled/re-enabled docker security scanning. All repos are private, and waited for about a week now.

Is there anything else i can try?

Luis E


(Macgyver2028) #9

Same issue on KellerWilliams namespace. Pushed new tags, enabled/re-enabled docker security scanning. All repos are private, and waited for 3-4 weeks now.

Any advice or anything else we can do on our end?


(Mpechnerle) #10

Now I do not feel bad. I’ve only been waiting 2 weeks. account mpechnerle. What is going on with the scans. I am not down to trolling and posting comments on every thread. This is a level of sadness that should embarrass the support group.