Scanning Local Images
Scenarios
After the HSS agent is installed on a cluster node, the agent immediately starts synchronizing local image information to the HSS console. The information is updated every 24 hours.
After the local image information is displayed, you can manually scan the images.
Manually Scanning Local Images
- Log in to the HSS console.
- Click
in the upper left corner and select a region or project.
- In the navigation pane on the left, choose Risk Management > Container Images.
- In the upper right corner of the page, click Scan.
To scan a single image, click the Image View tab, click Scan in the Operation column of the image.
- Click the Local Images tab and configure parameters. For details, see Table 1.
Figure 1 Manually scanning local images
Table 1 Local image scan parameters Parameter
Description
Example Value
Risk Type
Select Vulnerability, if needed.
HSS scans for software information by default. You do not need to select it.
Select All
Image Scope
Select All or Specific.
A full scan takes a long time and cannot be stopped once started. Exercise caution when performing this operation.
Specific
- Click OK.
- In the upper right corner of the page, click Manage Task Click the Image Scan tab to view the scan status.
The duration of a security scan depends on the scanned image size. Generally, an image can be scanned within 3 minutes.
- After the image scan task is complete, return to Image View. You can view the scan status of each image. For details, see Table 2.
Table 2 Risk status Status
Description
Pending
The image is not scanned.
Scanning
The image is being scanned.
Succeeded
The image has been scanned. You can view the scan results.
Failed
An error or problem occurred during image scan. As a result, the scan failed.
To be scanned
A scan task has been created, and the image is waiting to be scanned.
Scan terminated
The scan task has been canceled, and the image scan has been stopped.
Stopping a Scan Task
You can stop a running scan task.
Constraints
- The following permissions are required for stopping a scan:
- HSS permission: batch image scan (hss:images:set) or container asset management (hss:containers:set)
- Namespace permission (Kubernetes RBAC): the permission for deleting job or cronjob resources in HSS namespaces
Procedure
- In the upper right corner of the Container Images page, click Manage Task.
- Click the Image Scan tab.
- In the Operation column of a task, click Cancel Scan.
- If Cancelled is displayed in the Scan Status column of the task, the scan has been canceled.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot