`; return; } const search = await pagefind.debouncedSearch(query); if (search === null) { return; } else { const resultsLength = search.results.length const resultsData = await Promise.all(search.results.slice(0, 5).map(r => r.data())); const results = resultsData.map((item, index) => ({...item, index: index + 1})); if (query) { searchBarResults.classList.remove("hidden"); } else { searchBarResults.classList.add("hidden"); } let resultsHTML = `
${resultsLength} results
`; resultsHTML += results .map((item) => { return `
${item.meta.title}

…${item.excerpt}…

`; }) .join(""); if (resultsLength > 5) { resultsHTML += `
Show all results
`; } searchBarResults.innerHTML = resultsHTML; } } searchBarInput.addEventListener("input", search); if (window.heap !== undefined) { searchBarResults.addEventListener('click', function (event) { if (event.target.tagName === 'A' && event.target.closest('.link')) { const searchQuery = event.target.getAttribute('data-query'); const resultIndex = event.target.getAttribute('data-index'); const url = new URL(event.target.href); const properties = { docs_search_target_path: url.pathname, docs_search_target_title: event.target.textContent, docs_search_query_text: searchQuery, docs_search_target_index: resultIndex, docs_search_source_path: window.location.pathname, docs_search_source_title: document.title, }; heap.track("Docs - Search - Click - Result Link", properties); } }); } });

Integrate Docker Scout with Jenkins

You can add the following stage and steps definition to a Jenkinsfile to run Docker Scout as part of a Jenkins pipeline. The pipeline needs a DOCKER_HUB credential containing the username and password for authenticating to Docker Hub. It also needs an environment variable defined for the image and tag.

pipeline {
    agent {
        // Agent details
    }

    environment {
        DOCKER_HUB = credentials('jenkins-docker-hub-credentials')
        IMAGE_TAG  = 'myorg/scout-demo-service:latest'
    }

    stages {
        stage('Analyze image') {
            steps {
                // Install Docker Scout
                sh 'curl -sSfL https://raw.githubusercontent.com/docker/scout-cli/main/install.sh | sh -s -- -b /usr/local/bin'

                // Log into Docker Hub
                sh 'echo $DOCKER_HUB_PSW | docker login -u $DOCKER_HUB_USR --password-stdin'

                // Analyze and fail on critical or high vulnerabilities
                sh 'docker-scout cves $IMAGE_TAG --exit-code --only-severity critical,high'
            }
        }
    }
}

This installs Docker Scout, logs into Docker Hub, and then runs Docker Scout to generate a CVE report for an image and tag. It only shows critical or high-severity vulnerabilities.

Note

If you're seeing a permission denied error related to the image cache, try setting the DOCKER_SCOUT_CACHE_DIR environment variable to a writable directory. Or alternatively, disable local caching entirely with DOCKER_SCOUT_NO_CACHE=true.