This topic guides you through observing Supply Chain Security Tools (SCST) - Scan 2.0. This helps you understand each step of scanning.
This section describes each of the scanning steps and corresponding observability methods.
-
To watch the status of the scanning custom resources and child resources:
kubectl get -l imagevulnerabilityscan pipelinerun,taskrun,pod kubectl get imagevulnerabilityscan
-
View the status, reason, and urls:
kubectl get imagevulnerabilityscan -o wide
-
View the complete status and events of scanning custom resources:
kubectl describe imagevulnerabilityscan IMAGE-VULNERABILITY-SCAN-NAME
Where
IMAGE-VULNERABILITY-SCAN-NAME
is the name of anImageVulnerabilityScan
resource you want to inspect. -
List the child resources of a scan:
kubectl get -l imagevulnerabilityscan=$NAME pipelinerun,taskrun,pod
-
Get the logs of the controller:
kubectl logs -f deployment/app-scanning-controller-manager -n app-scanning-system -c manager