Secure, Container-Based CI/CD Workflows

Anchore integrates seamlessly with CI/CD systems to deliver efficient security and compliance.

Using Anchore in a Container Based CI/CD Workflow

Build

New code is committed and pushed, triggering the CI/CD system to build a new container image

Analyze

As part of the build pipeline, Anchore analyzes the image and creates a software container bill of materials

Evaluate

Policy evaluation is performed and results are returned to the CI/CD system for action.

Report

If policy checks are not successfully passed, the image will not continue through the build pipeline.

Anchore Supported CI/CD Systems

Cloudbees

GitHub

Gitlab

Integrate with Anchore and Gitlab

CircleCI

CodeFresh

How Anchore Works With CI/CD Systems

A developer commits code into the source code management system. This change triggers your CI/CD system to start a build which creates a container image. In the typical workflow this container image is then run through automated testing. If an image does not meet your organization’s requirements for security or compliance, the build can be failed, returning the appropriate reports back to the developer to allow the issue to be addressed and avoid unnecessary next steps until tests are passed.

Anchore Process With CI/CD Systems

How To Get Started

Try our Anchore open source tools today or request a trial of Anchore Enterprise

Try Anchore Open Source

Get started with Anchore right away by using our open source tools Syft and Grype

Try Anchore Enterprise

Request a trial of Anchore Enterprise container security and compliance platform