docker scout policy

DescriptionEvaluate policies against an image and display the policy evaluation results (experimental)
Usagedocker scout policy [IMAGE | REPO]

Experimental

This command is experimental.

Experimental features are intended for testing and feedback as their functionality or design may change between releases without warning or can be removed entirely in a future release.

Description

The docker scout policy command evaluates policies against an image. The image analysis is uploaded to Docker Scout where policies get evaluated.

The policy evaluation results may take a few minutes to become available.

Options

OptionDefaultDescription
-e, --exit-codeReturn exit code '2' if policies are not met, '0' otherwise
--only-policyComma separated list of policies to evaluate
--orgNamespace of the Docker organization
-o, --outputWrite the report to a file
--platformPlatform of image to pull policy results from
--to-envName of the environment to compare to
--to-latestLatest image processed to compare to

Examples

Evaluate policies against an image and display the results

$ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1

Evaluate policies against an image for a specific organization

$ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1 --org dockerscoutpolicy

Evaluate policies against an image with a specific platform

$ docker scout policy dockerscoutpolicy/customers-api-service:0.0.1 --platform linux/amd64

Compare policy results for a repository in a specific environment

$ docker scout policy dockerscoutpolicy/customers-api-service --to-env production