Installing docker scan for bitbucket pipelines ?

Ritesh Thakur February 28, 2023
I have a bitbucket-pipeline where, after I build an image, I want to then run a scan. I am aware of the tool Snyk, but in this case I want to run with a cheaper service, i.e. Docker's native scan. The problem now, however, is that when I run the following, I get the error "docker: 'scan' is not a docker command." Is there a way to install docker scan in a Bitbucket pipeline? The "apt get" commands from the following script yield "bash: apt: command not found". Can someone help me, please?

deployment: Test
services:
- docker
caches:
- pip
script:
- cd .
- export IMAGE_NAME="ABC"
- export IMAGE_NAME_EXTENSION="latest"
- VERSION=$(<version.txt)
- docker build -t $IMAGE_NAME .
- docker login -u $DOCKER_USERNAME -p $DOCKER_ACCESS_TOKEN
- apt update && apt install -y docker-scan-plugin
- docker scan $IMAGE_NAME:$IMAGE_NAME_EXTENSION

0 votes
Answer accepted
Patrik S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 2, 2023

Hello @Ritesh Thakur ,

Thank you for reaching out to Community!

The docker scan is indeed a plugin and it needs to be installed separately as it does not come with the standard docker cli. It's important to note that according to docker's official documentation, the docker scan command is deprecated.

However, if you still want to use it, the way you install it very much depends on the image you are using. Docker images are usually based on Linux distributions, and each Linux distribution can come with a different package manager. For example, Debian-based distributions come with apt, while Fedora has dnf and Alpine-based Linux has apk.

The error you received, bash: apt: command not found, is likely because the image you are using is based on a Linux distribution that does not use apt as the package manager, so bash is not able to find the command. You can find the Linux distribution used by your image using the following command:

cat /etc/*-release

Then you can use the corresponding package manager to install docker scan. In case you are not able to install it using a package manager, you can try installing it manually by following the instructions in the official docker scan documentation.

Hope that helps! 

Thank you, @Ritesh Thakur !

Patrik S
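The check described in the answer above, as an added example that is not code from the thread or from Atlassian: it reads the ID and ID_LIKE fields of os-release and maps them to the three package managers the answer names. The function names are hypothetical, and the file is parsed as data rather than sourced, so its contents are never executed by the build step.

```shell
#!/bin/sh
# Added example: pick the package manager that matches the build image.
# os-release is read as text (never `. /etc/os-release`), so nothing in
# the file is evaluated by the shell.

# os_release_field FILE KEY -> value of KEY, reduced to the characters
# that os-release identifiers may contain (drops quotes and metacharacters)
os_release_field() {
    sed -n "s/^$2=//p" "$1" | head -n 1 | tr -cd 'a-z0-9._ -'
}

# pkg_manager_for [FILE] -> prints apt, dnf or apk; returns 1 if unknown
pkg_manager_for() {
    file="${1:-/etc/os-release}"
    [ -r "$file" ] || return 1
    id=$(os_release_field "$file" ID)
    like=$(os_release_field "$file" ID_LIKE)
    # ID names the distribution itself; ID_LIKE lists the ones it derives from
    for name in $id $like; do
        case "$name" in
            debian) echo apt; return 0 ;;
            fedora) echo dnf; return 0 ;;
            alpine) echo apk; return 0 ;;
        esac
    done
    return 1
}

# Demo on a constructed os-release sample (not taken from the thread)
sample=$(mktemp)
printf 'NAME="Alpine Linux"\nID=alpine\nVERSION_ID=3.17.2\n' > "$sample"
echo "constructed sample -> $(pkg_manager_for "$sample")"
rm -f "$sample"
```

In a pipeline step, calling `pkg_manager_for` with no argument reads the image's own /etc/os-release; a non-zero return means the base image is none of the three families and the install has to be done manually.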

Ritesh Thakur March 2, 2023 edited

Thanks for the response, Patrik. Noted.

Ritesh Thakur March 2, 2023 edited

"docker scan" indeed is discontinued, but with the newer CLI 4.17.0, they have rolled out "docker scout". I think somewhere Bitbucket has to update the Docker CLI so that when I use "Docker" as a "Service" in my pipeline, bitbucket-pipeline is able to access the scout command. Thoughts?

The reason I think is this, when I run "docker --version" on pipelines, I see: Docker version 20.10.18, build b40c2f6 vs when I run it on my local machine where "docker scout" works, I see: Docker version 20.10.23, build 7155243

Another reason is, that when I run "docker --help" on pipelines, I don't see "scout" as a command under "Management Commands". What bothers me is that "scout" is not listed as a blocked command here. Attaching 2 pictures where you can see that Docker CLI on local machine supports scout or scan vs on Bitbucket it doesn't. (docker_help_local is local machine's screenshot and docker_help_bb is Bitbucket's screenshot)

I think the capability to run "docker scout" to scan the docker image built during deployment is a necessity. Can you look into this, please?

Attachments: docker_help_bb.PNG, docker_help_local.PNG

Patrik S
Atlassian Team
March 6, 2023

Hello @Ritesh Thakur ,

It seems like Docker scout is still in the early adopter phase and it currently comes just with the Docker Desktop installation, but not with the Docker engine CLI (which is used in pipelines). I went ahead and created a feature request to add support for docker scout in pipelines, which you can find in the link below:

I would suggest you add your vote there, since this helps both developers and product managers to understand the interest. Also, make sure you add yourself as a watcher in case you want to receive first-hand updates from that ticket. Please note that all features are implemented with this policy in mind.

Thank you, @Ritesh Thakur !

Patrik S
