Skip to content

Private Registries

Image Pull Secrets

  1. Find references to image pull secrets (direct references and via service account).
  2. Create the temporary secret with basic credentials for each container of the scanned workload.
  3. Create the scan job that references the temporary secret. The secret has the ownerReference property set to point to the job.
  4. Watch the job until it's completed or failed.
  5. Parse logs and save vulnerability reports in etcd.
  6. Delete the job. The temporary secret will be deleted by the Kubernetes garbage collector.