AnchoreCTL Release Notes - Version 5.24.3
Note: AnchoreCTL v5.24.x versions are compatible with Enterprise v5.24.x deployments.
AnchoreCTL v5.24.3
Improvements
STIG Enhancements
Enhanced Docker image STIG workflows with improved container management. AnchoreCTL now ensures STIG containers are available and in running state before executing STIG checks.
Two execution options are available:
| Option | Description | Default |
|---|---|---|
| anchore-keep-alive | Uses prepackaged binary to maintain the container’s running state during STIG execution | ✓ Yes |
| Manual Override | Uses existing running container via --stig-container-manual-override flag | No |
Default Behavior:
- AnchoreCTL uses the anchore-keep-alive binary to maintain the container’s running state
- Binary is prepackaged within AnchoreCTL and deploys automatically
- Removes dependency on
catbeing present in the target image’s PATH - Source available at: anchore-keep-alive
Manual Override Option:
- Use
--stig-container-manual-overrideflag with a running container ID - Available in:
anchorectl image add --stiganchorectl stig docker image execute
- Bypasses automatic container creation and uses specified container directly