Anchore Container scanning in Jenkins CI Pipeline

427 views Asked by At

I need help with my Jenkinsfile CI file.

Code in Jenknsfile looks like this:

pipeline {
  environment {
    registry = "user/demo1"
    registryCredential = 'dockerhub'
    dockerImage = ''
  }
  agent any
  stages {
    stage('Building image') {
      steps{
        script {
          dockerImage = docker.build registry + ":$BUILD_NUMBER"
        }
      }
    }

    stage('Container Image') {
      steps{
        script {
          sh 'echo "docker.io/user/demo1 `pwd`/Dockerfile" > anchore_images'
          anchore name: 'anchore_images'
        }
      }
    }

    stage('Deploy Image') {
      steps{
        script {
          docker.withRegistry( 'https://registry.hub.docker.com', registryCredential ) {
            dockerImage.push()
          }
        }
      }
    }
  }
}

It was running fine when the Container Image stage was not present after I included this stage. It runs till the build stage after which it fails.

Here is the output of the error:

2021-05-05T09:36:31.884 INFO   AnchoreWorker   Submitting docker.io/user/demo1 for analysis
2021-05-05T09:36:41.630 ERROR  AnchoreWorker   anchore-engine add image failed. URL: http://localhost:8228/v1/images, status: HTTP/1.1 400 BAD REQUEST, error: {
  "detail": {
    "error_codes": [
      "REGISTRY_IMAGE_NOT_FOUND"
    ],
    "raw_exception_message": "Error encountered in skopeo operation. cmd=/bin/sh -c skopeo   inspect --raw --tls-verify=false  docker://docker.io/user/demo1:latest, rc=1, stdout=None, stderr=b'time=\"2021-05-05T09:36:37Z\" level=fatal msg=\"Error parsing image name \\\\\"docker://docker.io/user/demo1:latest\\\\\": Error reading manifest latest in docker.io/user/demo1: manifest unknown: manifest unknown\"\\n', error_code=REGISTRY_IMAGE_NOT_FOUND"
  },
  "httpcode": 400,
  "message": "cannot fetch image digest/manifest from registry"
}

please help me solve this issue.

1

There are 1 answers

0
user_dev On

Your anchore-registry doesn't have the image available for it to scan. This is how you can add the image to the registry

anchore-cli image add dockerImage