Let's secure your containers
1. Download the tool manually or via the code below.
sudo wget https://phonito-public-artifacts.azureedge.net/scanner/phonito-scanner -O /usr/local/bin/phonito-scanner
sudo chmod +x /usr/local/bin/phonito-scanner
2. You can then scan a container from the command line, making sure that the PHONITO_API_TOKEN environment variable is set:
export PHONITO_API_TOKEN="GET YOUR API TOKEN HERE https://phonito.io/setup"
phonito-scanner -i image:tag
(Optional) Cause a build to fail by passing the --fail-level option. This will cause a non-zero status code if there is a vulnerability of the specified level or higher.
For example, if --fail-level is set to "HIGH", any image that has a CRITICAL or HIGH vulnerability will fail.
phonito-scanner -i image:tag --fail-level HIGH
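A CI gate built from the options above, as an added example that is not part of the original page or Phonito's own code: it scans several images with --fail-level and fails the job if any scan exits non-zero or if PHONITO_API_TOKEN is missing. The phonito_gate function name and the SCANNER override variable are assumptions introduced for illustration.

```shell
#!/bin/sh
# Added example: gate a CI job on phonito-scanner results for several images.
# SCANNER is a hypothetical override so the gate can be exercised with a stub;
# by default it runs the phonito-scanner binary installed in step 1.
SCANNER="${SCANNER:-phonito-scanner}"

# phonito_gate LEVEL IMAGE...
#   returns 0 if every image scans cleanly at --fail-level LEVEL
#   returns 1 if any scan exits non-zero
#   returns 2 without scanning if the token or arguments are missing
phonito_gate() {
    # Fail closed: a missing token must stop the job, not silently skip the scan.
    if [ -z "${PHONITO_API_TOKEN:-}" ]; then
        echo "PHONITO_API_TOKEN is not set; refusing to continue" >&2
        return 2
    fi
    if [ "$#" -lt 2 ]; then
        echo "usage: phonito_gate LEVEL IMAGE..." >&2
        return 2
    fi
    level=$1
    shift
    failed=""
    for image in "$@"; do
        # Any non-zero exit is treated as a failure, so a scanner error
        # cannot pass the gate. Keep scanning to report every failing image.
        if "$SCANNER" -i "$image" --fail-level "$level"; then
            echo "PASS $image"
        else
            echo "FAIL $image" >&2
            failed="$failed $image"
        fi
    done
    if [ -n "$failed" ]; then
        echo "images failing --fail-level $level:$failed" >&2
        return 1
    fi
    return 0
}
# Usage in a build step: phonito_gate HIGH image:tag other-image:tag
```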
Copyright Phonito 2019