Automatic Docker image scan on push
Updated at December 5, 2024
Note
You can enable auto scans of Docker images for vulnerabilities on push to Yandex Container Registry in the vulnerability scanner settings without creating any Yandex Cloud Functions functions and triggers.
In this tutorial, you will create a Container Registry registry to store a Docker image. You will also set up automatic scanning for vulnerabilities on push to the registry. A Cloud Functions trigger will track changes to the registry and invoke a function to start scanning when you push a Docker image to the registry.
To set up and run Docker image vulnerability scanning on push to Container Registry, use one of the following tools:
- Management console, CLI, and API: Use the Yandex Cloud management console, CLI, or API to create your infrastructure step by step.
- Terraform: Streamline creating and managing your resources using the infrastructure as code (IaC) approach. Download a Terraform configuration example from the GitHub repository and then deploy the infrastructure using the Yandex Cloud Terraform provider.