GCP Google Container Registry (GCR) Scanning Tips

Document created by Alex Mandernack Employee on Jan 27, 2020
Version 1Show Document
  • View in full screen mode

Introduction

This document will provide tips for completing a successful registry scan of an GCP Google Container Registry (GCR).

 

GCR Registry Scanning Tips

The repository name is the name that is shown in GCR, but not the full URI, see below for an example.

 

Repo config and name in GCR

Select the correct project.

Navigate to the repo you wish to scan.

In this example, circled in red, "gcp-qualys-demo/quickstart-image" is the repo name that you will enter in the Qualys registry scan job.

gcp1

Image tag info in the GCP GCR repo

The tag name is circled in blue, this is what you will enter in the Qualys registry scan job if scanning by tag.

gcp2

 

Repo config and name in Qualys

Enter the repo name and tag from the GCP console (red and blue examples are circled here as well)

qualys1

 

For tips on image scanning, see the Tips for Achieving a Successful Container/Image Scan document.

Attachments

    Outcomes