1. Download the tool manually or with the commands below:

sudo wget https://phonito-public-artifacts.azureedge.net/scanner/phonito-scanner -O /usr/local/bin/phonito-scanner
sudo chmod +x /usr/local/bin/phonito-scanner

2. You can then scan a container from the command line, making sure that the PHONITO_API_TOKEN environment variable is set:

export PHONITO_API_TOKEN="GET YOUR API TOKEN HERE https://phonito.io/setup"
phonito-scanner -i image:tag

(Optional) Cause a build to fail by passing the --fail-level option. The scanner then exits with a non-zero status code if the image has a vulnerability of the specified level or higher. For example, if --fail-level is set to "HIGH", any image that has a CRITICAL or HIGH vulnerability will fail.

phonito-scanner -i image:tag --fail-level HIGH
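
A CI wrapper for the steps above, as an added example that is not part of Phonito's own documentation: it fails closed when PHONITO_API_TOKEN is unset or the scanner is missing, and otherwise passes the scan result through to the build. The names scan_gate and SCANNER_BIN are hypothetical; only -i and --fail-level come from this page.

```shell
#!/bin/sh
# Added example: CI gate around phonito-scanner.
# Only the -i and --fail-level options are taken from the page;
# SCANNER_BIN and scan_gate are hypothetical names chosen for this sketch.

SCANNER_BIN="${SCANNER_BIN:-phonito-scanner}"

# scan_gate IMAGE [FAIL_LEVEL]
#   returns 0  scan ran and the scanner exited 0
#   returns 1  scanner exited non-zero (findings at or above FAIL_LEVEL,
#              or the scanner itself reported an error)
#   returns 2  setup problem, the scan never ran
scan_gate() {
    image="$1"
    level="${2:-HIGH}"

    if [ -z "$image" ]; then
        echo "scan_gate: no image given" >&2
        return 2
    fi
    # Fail closed: a missing token must break the build, not skip the scan.
    if [ -z "${PHONITO_API_TOKEN:-}" ]; then
        echo "scan_gate: PHONITO_API_TOKEN is not set" >&2
        return 2
    fi
    if ! command -v "$SCANNER_BIN" >/dev/null 2>&1; then
        echo "scan_gate: $SCANNER_BIN not found" >&2
        return 2
    fi

    if "$SCANNER_BIN" -i "$image" --fail-level "$level"; then
        echo "scan_gate: $image passed at --fail-level $level"
        return 0
    fi
    echo "scan_gate: $image failed at --fail-level $level" >&2
    return 1
}

# Typical use in a pipeline step:
#   scan_gate image:tag HIGH || exit 1
```

Keeping the setup failure (2) distinct from the scan failure (1) lets a pipeline tell a misconfigured job apart from an image that has findings.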
