MDSSC Scanner Docker Container
The MDSSC Scanner is a lightweight Docker container that enables you to scan files and directories remotely using the MetaDefender Software Supply Chain (MDSSC) API, without requiring UI access.
This makes it ideal for CI/CD pipelines, automated scanning, and command-line workflows.
Prerequisites
- Docker installed and running
- MDSSC server URL
- MDSSC API key (see Configuring an API Key)
- Docker image:
opswat/mdssc-scanner:latest
Quick Start
Scan a Single File
x
FILE="package-lock.json" docker run --rm \ -e MDSSC_SERVER="your-mdssc-url" \ -e MDSSC_API_KEY="your-api-key" \ -v $(pwd)/$FILE:/scan/$FILE \ opswat/mdssc-scanner \ /scan/$FILE- API Key Security: Never commit API keys to version control. Use environment variables or secret management systems in CI/CD pipelines.
- File Size Limits: Large files may take longer to scan. Adjust
SCAN_TIMEOUTaccordingly. - Network Access: The container requires network access to communicate with your MDSSC server.
Scan all files in a directory
DIR="project-folder"docker run --rm \ -e MDSSC_SERVER="your-mdssc-url" \ -e MDSSC_API_KEY="your-api-key" \ -v $(pwd)/$DIR:/scan \ opswat/mdssc-scanner:latestEnvironment Variables
| Variable | Required | Default | Description |
|---|---|---|---|
MDSSC_SERVER | Yes | - | Your MDSSC server URL
(e.g., https://mdssc.com ) |
MDSSC_API_KEY | Yes | - | API key for authentication |
WORKFLOW_ID | No | - | Specific workflow ID to use for scanning |
SCAN_TIMEOUT | No | 300 | Maximum time to wait for scan completion (seconds) |
POLL_INTERVAL | No | 5 | Interval between status checks (seconds) |
FAIL_ON_VULNERABILITIES | No | false | Exit with error code 2 if vulnerabilities found |
VULNERABILITY_THRESHOLD | No | high | Minimum severity to fail on:critical , high , medium, low |
Was this page helpful?
