You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Running the script ImageScanSummaryAssessmentGate.ps1. Providing the input parameters for the script - registryName, Repository, Tag we find no results found for a given Image Digest sha256:f271e74b17ced29b915d351685fd4644785c6d1559dd1f2d4189a5e851ef753a
Screenshot of the Image and Digest below
Microsoft-Defender-for-Cloud/Container Image Scan Vulnerability Assessment/Image Scan Automation Enrichment Security Gate> .\ImageScanSummaryAssessmentGate.ps1 -registryName myRegistry -repository library/alpine -tag 3.17.1
Extension 'resource-graph' is already installed.
Image Digest: sha256:f271e74b17ced29b915d351685fd4644785c6d1559dd1f2d4189a5e851ef753a
Query: securityresources
| where type == 'microsoft.security/assessments/subassessments'
| where id matches regex '(.+?)/providers/Microsoft.ContainerRegistry/registries/(.+)/providers/Microsoft.Security/assessments/dbd0cb49-b563-45e7-9724-889e799fa648/'
| extend registryResourceId = tostring(split(id, '/providers/Microsoft.Security/assessments/')[0])
| extend registryResourceName = tostring(split(registryResourceId, '/providers/Microsoft.ContainerRegistry/registries/')[1])
| extend imageDigest = tostring(properties.additionalData.imageDigest)
| extend repository = tostring(properties.additionalData.repositoryName)
| extend patchable = tobool(properties.additionalData.patchable)
| extend scanFindingSeverity = tostring(properties.status.severity), scanStatus = tostring(properties.status.code)
| summarize findingsCountOverAll = count(), scanFindingSeverityCount = countif(patchable or not(tobool(False))) by scanFindingSeverity, scanStatus, registryResourceId, registryResourceName, repository, imageDigest
| summarize findingsCountOverAll = sum(findingsCountOverAll), severitySummary = make_bag(pack(scanFindingSeverity, scanFindingSeverityCount)) by registryResourceId, registryResourceName, repository, imageDigest, scanStatus
| summarize findingsCountOverAll = sum(findingsCountOverAll) , scanReport = make_bag_if(pack('scanStatus', scanStatus, 'scanSummary', severitySummary), scanStatus != 'NotApplicable')by registryResourceId, registryResourceName, repository, imageDigest
| extend IsScanned = iif(findingsCountOverAll > 0, true, false)
| where imageDigest =~ 'sha256:f271e74b17ced29b915d351685fd4644785c6d1559dd1f2d4189a5e851ef753a' and repository =~ 'library/alpine' and registryResourceName =~ 'myRegistry'
No results for image library/alpine:3.17.1 yet ...
No results for image library/alpine:3.17.1 yet ...
Write-Error: No results were found for digest: sha256:f271e74b17ced29b915d351685fd4644785c6d1559dd1f2d4189a5e851ef753a after 3 retries!
To Reproduce
Steps to reproduce the behavior:
Git Clone the Microsoft-Defender-for-Cloud repository to computer
I have this exact same issue. Did you find a resolution?
My only guess was that my Registry does not have Defender for Cloud enabled on it. However, I can't figure out how to enable it because it's part of a Development subscription....
I got it working for a time with a Production instance of Defender for Cloud and a production Registry. However, lately, I have had issues with my build pipeline failing to find results even though manually running via PowerShell locally works fine. I am pulling settings from Azure Key Vault in both instances.
It's very frustrating to not be able to troubleshoot this and Defender for Cloud is very opaque in what it displays from the dashboard.
Describe the bug
Running the script ImageScanSummaryAssessmentGate.ps1. Providing the input parameters for the script - registryName, Repository, Tag we find no results found for a given Image Digest sha256:f271e74b17ced29b915d351685fd4644785c6d1559dd1f2d4189a5e851ef753a
Screenshot of the Image and Digest below
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Entering the registryName, repository and tag should confirm the image has been scanned as per the defined script inputs.
The text was updated successfully, but these errors were encountered: