Meterian
  • Meterian
    • The Platform
    • SSO and MFA
    • Support
  • Codebase scanner
    • The Thin Client
      • How does the client work?
      • How does the client authenticate me?
      • How do I get the client?
      • What if I need a previous release?
      • Use the thin client on Windows
    • Using the client from your command line
      • Authorization in interactive mode
      • Interrupting the client
      • Example: running the client in interactive mode
    • Using the client in your CI/CD pipeline
      • Authorization in non-interactive mode
      • Providing the project branch
      • Concurrent mode
      • Two phases build
      • Controlling the exit code
      • Example: running the client in non-interactive mode
    • General operations
      • Running the analysis remotely
      • Interrupting the client
      • Generating a report
      • Forcing or avoiding specific scans
      • Excluding (and including) specific folders
      • Connecting through a proxy
    • System requirements
    • Command line parameters
      • General configuration
      • Overriding scores
      • Overriding scopes
      • Producing reports
      • Selecting scanners
      • Defining projects
      • Advanced options
        • Autofix
        • Pull Requests
      • System information
      • Specific controls
        • Maven specific controls
        • Dotnet specific controls
        • Npm/Yarn specific controls
        • Gradle specific controls
        • Ant/Ivy specific controls
    • The Dockerized Client
      • Basic usage
      • Advanced usage
        • Invoking via Docker
        • Platform-specific images
        • Usage on a CI/CD platform
        • Disable the client auto-update
      • Troubleshooting
        • Client auto update failure
        • Docker specifics
    • How scores work
    • Guide: your first scan!
      • Your first scan (java thin client)
      • Your first scan (dockerized client)
      • Your first scan (GitHub Action)
  • Scan behaviour matrix
  • THE METERIAN DASHBOARD
    • The Web Dashboard
      • Projects
      • Insights
      • Tokens
      • Badges
      • Policies
      • Tags
      • Teams
      • Configuration
        • Automatic Temporary Branches Clean-up
    • Advanced functionalities
      • Safe versions
      • Software Bill Of Materials (SBOM)
      • Auto-grouping
        • Domain auto-grouping
        • Github auto-grouping
      • How to set a vulnerability exclusion
        • From the report page
        • From the dashboard
        • The .meterian file
        • Generate the .meterian file
    • Troubleshooting
      • Login with credentials
  • Notifications
    • Sentinel
      • Notifications for Slack
      • Notifications for Email
    • Allerta
  • Github Badges
    • Introduction
    • Public repository
    • Private repository
  • ONLINE INTEGRATIONS
    • Introduction
    • GitHub Action
      • Using the Thin Client
      • Code scanning
    • Bitbucket Pipe
    • Azure DevOps Pipelines
  • Languages support
    • Introduction
    • C/C++
    • Clojure
    • Dart / Flutter
    • Elixir (erlang)
    • Golang
    • Java/Kotlin/Scala
      • Scanning EAR or WAR files
    • Javascript
    • .NET
      • Scanning DLLs
    • NodeJS
    • Perl
    • PHP
    • Python
    • R
    • Ruby
    • Rust
    • Swift / Objective-C
    • Generic (third party)
  • Special platfoms
  • Unity Packages
  • Jupyter Notebooks
    • License detection
  • Yocto license manifests
  • Container scanner
    • Container Scanner
      • Introduction
      • General usage
      • Command line parameters
        • General configuration
        • Overriding scores
        • Producing reports
        • Defining projects
        • Advanced Options
        • System information
      • How to set a vulnerability exclusion
  • IaC SCANNER
    • Introduction
    • General usage
    • Command line parameters
      • Producing reports
      • Defining projects
    • Policy management page
    • How to set a vulnerability exclusion
  • CI INTEGRATIONS
    • Introduction
    • AWS CodeBuild
    • Azure DevOps
      • Using the Docker image
      • Using the Java Thin client
    • Bamboo
    • Bitrise
    • CircleCI
    • CodeShip
    • Concourse CI
    • Generic CI
    • GitLab CI/CD
      • Docker-in-Docker configuration
      • Meterian Docker image configuration
      • Non-Meterian Docker image configuration
    • Jenkins
      • Pipeline
    • TeamCity
    • TravisCI
  • DevOps Integrations
    • GitLab Ultimate
    • SonarQube
      • Compatibility
      • Download and installation
      • Plugin properties
      • Usage
      • Report page
  • Management Platforms
    • Threadfix
    • DefectDojo
      • Uploading from a CI
    • Armorcode
    • Jira
  • Dedicated Instance
    • Introduction
    • On Cloud (MC/CC)
    • On Premises (OP)
      • Requirements and install
      • Managing the system
        • Admin dashboard
        • Managing your license
        • Managing accounts
    • Using the scanners
      • Thin client
      • Dockerized client
      • Container Scanner
      • IaC Scanner
  • Meterian API
  • API basics
  • Authorizing the APIs
  • Account APIs
    • Knowing your account
    • Listing your projects
  • Samples
  • Guides
    • Managing teams and members
    • Generating reports via APIs
Powered by GitBook
On this page

Was this helpful?

  1. Container scanner
  2. Container Scanner

Command line parameters

--help Displays a brief help page and exits (with code 0), like shown here:

usage: [command] DOCKER_IMAGE_NAME [OPTIONS] i.e.
./docker-scan.sh redis:latest [--min-score=95]

OPTIONS:
    --debug                     Display the DEBUG logs
    --fail-gracefully           The system will fail gracefully in case of network errors
    --help                      Displays this help and exits(0)
    --ignore-exclusions         force scan to ignore exclusions sourced from a .meterian file or a .trivyignore file
    --info                      Display the INFO logs
    --min-licensing=<SCORE>     Specifies the minimum licensing level to pass the build (default: --min-licensing=95 or as set in the account)
    --min-security=<SCORE>      Specifies the minimum security level to pass the build (default: --min-security=90 or as set in the account)
    --min-stability=<SCORE>     Specifies the minimum stability level to pass the build (default: --min-stability=80 or as set in the account)
    --project-branch=<BRANCH>   Specifies project branch, by default the tag of the image is used (example: --project-branch=latest)
    --project-commit=<COMMIT>   Specifies project commit, by default the digest of the image is used (example: --project-commit=9460cabbf623945495e6108c9d1979a9e7b5d8e7)
    --project-tags=<TAGS>       Allows to add a set of user defined tags (comme separated) to the project (example: --project-tags=production,platform)
    --project-url=<URL>         Specifies project url, by default the repository name of the image is used (example: --project-url=registry.redhat.io/openshift3/ose-pod)
    --report-console            Ouputs the scan report on the console (default: color if not specified - options color|nocolor|security|stability|licensing) (example: --report-console=nocolor,security)
    --report-json=<FILENAME>    Produces an JSON report file (example: --report-json=report.json)
    --report-junit=<FILENAME>   Produces a JUNIT XML report file (example: --report-junit=report.xml)
    --report-pdf=<FILENAME>     Produces an PDF report file (example: --report-pdf=report.pdf)
    --report-sbom=<FILENAME>    Produces a Software Bill Of Meterials report file, format can be specified (see the doc)  (example: --report-sbom=sbom.csv)
    --report-tree               Produces a dependency tree, optionally on file where format can be specified (txt/json) (example: --report-tree=tree.txt)
    --tpn                       Displays the third party notice for this application and exits(0)
    --version                   Show the version

Please refer to the following subsections for further information.

PreviousGeneral usageNextGeneral configuration

Last updated 2 years ago

Was this helpful?