Inspecting Image Content

Introduction

During the analysis of container images, Anchore Enterprise performs deep inspection, collecting data on all artifacts in the image including files, operating system packages and software artifacts such as Ruby GEMs and Node.JS NPM modules.

Inspecting images

The image content command can be used to return detailed information about the content of the container image.

anchore-cli image content INPUT_IMAGE CONTENT_TYPE

The INPUT_IMAGE can be specified in one of the following formats:

Image Digest
Image ID
registry/repo:tag

the CONTENT_TYPE can be one of the following types:

os: Operating System Packages
files: All files in the image
npm: Node.JS NPM Modules
gem: Ruby GEMs
java: Java Archives
python: Python Artifacts
nuget: .NET NuGet Packages

For example: anchore-cli image content debian:latest files

The CLI will output a subset of fields from the content view, for example for files on the file name and size are displayed. To retrieve the full output the --json parameter should be passed.

For example: anchore-cli --json image content debian:latest files

Next Steps

View security vulnerabilities in the image
Evaluate the image against policies you create
Subscribe to receive notifications when the image is updated, when the policy status changes, or when new vulnerabilities are detected.
Scan Respositories

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified December 24, 2020: Remove engine docs now that they are on engine.anchore.io (#258) (826e449)