7

I am trying to run

docker scan <REPOSITORY>:<TAG>

but it fails with error

failed to get DockerScanID: bad status code "400 Bad Request"

notes:

  • I'm logged in to hub.docker.com
    enter image description here
  • I created a token in docker which I use in snyk.com

I probably miss something else... any clues? thanks

udo
  • 4,832
  • 4
  • 54
  • 82
  • Encountering the same message on ubuntu 20.04. Initially docker scan --version returned 0.8.0. I ran apt update and apt upgrade, which resulted in installation of docker scan plugin 0.9.0. I still get the same error. FWIW: My system runs behind a corporate proxy that performs SSL inspection. Could that be involved? – user2251060 Nov 21 '21 at 17:39
  • sorry. I don't know. I was able to fix as indicated in the answer. – udo Nov 21 '21 at 18:49

1 Answers1

15

you have to log in to snyk via the cli:

docker scan --login

then you have to enter the credentials in the browser. after that you are able to run

docker scan <REPOSITORY>:<TAG>

note: responding with a 400 error is a bit misleading. responding with a 401 or 403 (and maybe even saying you have to authenticate with "docker scan --login" would have made it more human readable :|

udo
  • 4,832
  • 4
  • 54
  • 82
  • 1
    I had tried these steps. I entered the URL given on the command line after running the docker scan --login but that same command also outputs "An unknown error occurred. Please run with `-d` and include full trace when reporting to Snyk". I try adding -d as directed and get an error that -d is an unknown shorthand flag. – user2251060 Nov 21 '21 at 17:44
  • that looks like a related error but definitely a differnt one. if you are unable to find a solution, maybe handle it directly with snyk support. – udo Nov 21 '21 at 18:54
  • Its weird why a simple if not logged: login() is not implemented there? definitely the "you have to log first" would be much human friendly :D – NicoKowe Nov 29 '21 at 20:49