Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Break pipeline in anchore-scan pipe

Eric Fiegehen
Eric Fiegehen June 7, 2021

Hello guys, 

I'm currently running anchore-scan pipe (0.2.15) to scan docker images, with the default pipe policy, so is there a way to break the pipeline if the report shows vulnerabilities ? 

My pipeline definition is a step with these commands : 
- docker build 
- anchore-scan pipe
- docker push  

For example i'm running a scan to a custom docker image, it founds 2 High vulnerabilities, so i want to break the pipeline, fix the vulnerabilities a then running one again. 
Captura de Pantalla 2021-06-07 a la(s) 10.37.59.png

 

Thanks, 

Answer
Watch
Like Be the first to like this
309 views

1 answer

0 votes
Halyna Berezovska
Halyna Berezovska
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 11, 2021

@Eric Fiegehen sure, there is a way, you can execute bash code according to your needs.

But if it fails, why you'd like to push?

It is not recommended, but you can check $status and exit 0 even if there are vulnerabilties and make the report in after-script or before.

Also, if you have questions precisely about anchore, you have to contact the maintainer of the pipe, which you can find in pipe.yml file of the pipe

Regards, Galyna

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events