Skip to content
| Marketplace
Sign in
Azure DevOps>Azure Pipelines>AccuKnox Container Scan
AccuKnox Container Scan

AccuKnox Container Scan

AccuKnox

|
5 installs
| (0) | Free
AccuKnox container scan extension for scanning container images.
Get it free

AccuKnox container scan Azure DevOps extension

Learn more about AccuKnox

Description

This extension performs a container image scan to detect vulnerabilities. Once the scan is complete it generates a report and uploads it to the AccuKnox control plane. The extension can be configured with specific inputs to integrate seamlessly with your DevSecOps pipeline.

How to use it?

  1. Add the following task into your pipeline:
- task: AccuKnox-container-scan@1
  inputs:
    imageName: my-image
    tag: test
    inputSoftFail: true
    accuknoxEndpoint: $(accuknoxEndpoint)
    accuknoxTenantId: $(accuknoxTenantId)
    accuknoxToken: $(accuknoxToken)
    accuknoxLabel: $(accuknoxLabel)
  1. Generate the AccuKnox API token:

For generating the token, open up the AccuKnox UI. And navigate to the settings > tokens and click on the create button.

Screenshot of the AccuKnox tokens page


Give your token a name and set the expiry date according to your needs. Click on the generate button.

Screenshot of the AccuKnox tokens page


Copy and note down the tenant id and token.

Screenshot of the AccuKnox tokens page


Store the token as a secret in Azure DevOps.

Input values

Input Value Required Default Value Description
imageName Yes None Name of the Docker image that you want to scan. This name will also reflect in the AccuKnox control plane.
tag Yes BUILD_BUILDNUMBER Docker image tag
severity No false Severity threshold for container scan. eg. 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'. Soft Fail input help you to fail the pipeline on detecting the vulnerability of specified severity. You can also have multiple comma separated values.
accuknoxEndpoint Yes None AccuKnox API endpoint for sending the report. eg. cspm.demo.accuknox.com
accuknoxTenantId Yes None Your AccuKnox tenant ID. You can see your tenant ID while creating an AccuKnox token.
accuknoxToken Yes None AccuKnox API token.
accuknoxLabel Yes None AccuKnox label to group similar findings together.
inputSoftFail No false Fail the pipeline on detecting findings of specified severities.

How it Works

  • Container Image Scan: The extension performs the scan to detect the vulnerabilities.
  • Report Generation: Once the scan is complete it generates a report.
  • Report Upload: The generated report is uploaded to the AccuKnox CSPM panel for centralized monitoring and insights.
  • Quality Gate Check: Verifies if the project meets the set quality standards provided via the inputSoftFail parameter.

Notes

  • Ensure all necessary secrets are securely stored in an Azure DevOps variable group.
  • AccuKnox control plane provides a centralized view of all container image scan results, enabling detailed security monitoring and analytics.
  • Contact us
  • Jobs
  • Privacy
  • Manage cookies
  • Terms of use
  • Trademarks
© 2025 Microsoft