support registry mirrors for image scanning #7966
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
target/container-image
Issues relating to container image scanning
Comments
itaysk
added
the
kind/feature
itaysk
added
the
target/container-image
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Discussed in #4957
When scanning images, Trivy is pulling the container image from registry directly (using OCI API). Most container engines support "mirroring", which tells the engine to pull certain images from another registry instead of the user specified.
Example from Docker: https://docs.docker.com/docker-hub/mirror/#configure-the-docker-daemon
Trivy should support similar functionality for pulling images from a mirror if configured. Since mirror configuration varies between engines, we should not support one of the existing ones but allow users to configure specifically for Trivy.
As @caleb-devops suggested:
it could be supported on cli as
--registry-mirrors docker.io:harbor.example.com/docker.io, but since this is advanced use case it might be ok to keep it config file exclusive.The text was updated successfully, but these errors were encountered: