Comment on page
Detect vulnerable base images from your Dockerfile
To receive base image fix advice, including major, minor, and alternative upgrades, as well as advice when you need to rebuild your image, ensure you:
- Have configured your preferred Git repository
- Have imported the repository that contains the relevant Dockerfile.
You can add a single Dockerfile to each image that you have imported.
To add a Dockerfile for additional fix advice:
- 1.In the Projects tab, find your Project by using a filter and navigate to the Project page.
- 2.On the Project page, navigate to Settings.
- 3.On the Settings page, under Dockerfile, click Configure Dockerfile and select the relevant Git repository from the dropdown.
Configure your Dockerfile by selecting the relevant repository
- 4.On the page listing the available repositories, select the relevant repository which contains your Dockerfile.
- 5.Under Path to your Dockerfile, add the relative path to your Dockerfile, in the following format: /path/dockerfile.
Add the path to your Dockerfile
- 6.Click Update your Dockerfile.
Snyk scans the Project again and provides relevant base image fix advice. You can see the fix advice on the Project page, under Recommendations for upgrading the base image.
The following information is displayed: Current image, Minor upgrades, Major Upgrades, Alternative upgrades, the number of vulnerabilities for each, and a severity ranking.
Recommendations for upgrading the base image
Snyk detects vulnerable base images by scanning your Dockerfile when you import a Git repository. This allows you to examine security issues before building the image and thus helps solve potential problems before they land in your registry or in production.
Dockerfiles displayed in the Project list