After completing the scans, query the Supply Chain Security Tools - Store to view your vulnerability results. The Supply Chain Security Tools - Store is a Tanzu component that stores image, package, and vulnerability metadata about your dependencies. Use the Supply Chain Security Tools - Store CLI, called insight, to query metadata that is submitted to the store.

For example, to query Vulnerability data relating to an Image Scan, run:

# Query for image scans:
kubectl get imagescans

# and grab the sha256 digest and replace in the following example query:
insight image get \
  --digest sha256:06ba459dc32475871646f22c980d5db4335021d76e1693c8a87bf02aed8c1a3e \
  --format json

NOTE: You must have the Supply Chain Security Tools - Store prerequisites for the example to run successfully.

For a complete guide on how to query the store, see Querying Supply Chain Security Tools - Store.

check-circle-line exclamation-circle-line close-line
Scroll to top icon