docker scout recommendations

Description

The docker scout recommendations command display recommendations for base images updates. It analyzes the image and display recommendations to refresh or update the base image. For each recommendation it shows a list of benefits, such as fewer vulnerabilities or smaller image size.

If no image is specified, the most recently built image is used.

The following artifact types are supported:

• Images
• OCI layout directories
• Tarball archives, as created by docker save
• Local directory or file

By default, the tool expects an image reference, such as:

• redis
• curlimages/curl:7.87.0
• mcr.microsoft.com/dotnet/runtime:7.0

If the artifact you want to analyze is an OCI directory, a tarball archive, a local file or directory, or if you want to control from where the image will be resolved, you must prefix the reference with one of the following:

• image:// (default) use a local image, or fall back to a registry lookup
• local:// use an image from the local image store (don't do a registry lookup)
• registry:// use an image from a registry (don't use a local image)
• oci-dir:// use an OCI layout directory
• archive:// use a tarball archive, as created by docker save
• fs:// use a local directory or file

Options

Examples

Display base image update recommendations

$ docker scout recommendations golang:1.19.4

Display base image refresh only recommendations

$ docker scout recommendations --only-refresh golang:1.19.4

Display base image update only recommendations

$ docker scout recommendations --only-update golang:1.19.4