All Collections
Setting up Docker container scanning
Container scanning for Github Container Registry
Container scanning for Github Container Registry
Aaron Lison avatar
Written by Aaron Lison
Updated over a week ago

You can now integrate your Github Container Registry with Aikido to scan your containers for known vulnerabilities.

Follow the simple steps below to activate this feature:

Step 1: Log into your Github account to gather some data.

We'll have to gather your username (see screenshot)

Step 2: Copy the organisation name where the container registry resides. This is visible in the github-url (see screenshot)

Step 3: Under profile settings, developer settings, Personal access tokens, Tokens (classic), generate a new classic token for Aikido

(direct link: https://github.com/settings/tokens).

the scope includes: read:packages

Step 4: Enter the collected data in Aikido (direct link: https://app.aikido.dev/settings/container-image-registry/add/github)

Step 5: Aikido will now find all container repositories you can access and list them.

Step 6: Repositories can be linked to a code repository in order to perform better deduplication of findings. This step is optional!

Step 7: In the action menu next to the registry, click 'scan repos in registry' to get started. Results will appear in the Feed!

Set Up GitHub Container Registry Scanning

Discover Integration Details

Related Articles
Container scanning for Gitlab Container Registry
Container scanning for DigitalOcean Container Registry
Container scanning for Gitlab Self Managed Container Registry
Container scanning for Scaleway Container Registry
Container scanning for Cloudsmith Container Registry
Did this answer your question?