You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In this demo we will use Azure Pipelines to build, scan and push a container image.
4
+
5
+
NOTE: This example uses the [legacy Sysdig scanning engine](https://docs.sysdig.com/en/docs/sysdig-secure/scanning/)
6
+
7
+
The workflow is as follows:
8
+
9
+
1. Build the container image and store it locally
10
+
2. Run the `sysdiglabs/secure-inline-scan:2` container to perform the scan
11
+
3. Push the container image to a remote registry
12
+
13
+
## Setup
14
+
15
+
### Variables
16
+
17
+
It is required to create a `secureApiKey` pipeline variable containing the Sysdig API token in order
18
+
to be able to perform the scan. See [the official documentation](https://docs.microsoft.com/en-us/azure/devops/pipelines/process/set-secret-variables)
19
+
for instructions on how to do it, but basically:
20
+
21
+
* Edit the pipeline
22
+
* Select "Variables"
23
+
* Add a new `secureApiKey` variable with the proper content
24
+
25
+
### Registry access
26
+
27
+
It is required to create a Docker registry "Service Connections" to be able to push images to the registry.
28
+
See [the official documentation](https://docs.microsoft.com/en-us/azure/devops/pipelines/library/service-endpoints?view=azure-devops&tabs=yaml#docker-hub-or-others)
29
+
for instructions on how to do it, but basically:
30
+
31
+
* Select Project settings > Service connections
32
+
* Select + New service connection, select the "Docker Registry", and then select Next
33
+
* Add the registry url, user & password and a Service connection name (in this example, the Service connection name is `containerRegistry`)
34
+
35
+
Then, modify the variables on the [azure-pipelines.yml](azure-pipelines.yml) file to fit your needs:
0 commit comments