Note: Docker Scout is a new product and is free while in early access. Read more about Docker Scout.
GitHub Action to run the Docker Scout CLI as part of your workflows.
Required The name of command to run.
Name of image, directory or archive to operate on.
Additional args passed to Docker Scout.
Required Docker Hub user id.
Required Docker Hub password or PAT.
Registry user id for pull images.
Registry password or PAT for pulling images.
#
- name: Create CVE report
uses: docker/scout-action@v1
with:
command: cves
image: ${{ steps.meta.outputs.tags }}
args: '--output image.sarif.json --format sarif'
# Authenticate with Docker Hub
user: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
# Optional registry authentication when pulling private images
registry_user: ${{ github.actor }}
registry_password: ${{ secrets.GITHUB_TOKEN }}