Skip to main content

Azure Container Registry (ACR) Integration

Notice

COMING SOON

This integration is not yet available on production environments.

Checkmarx One provides an integration with Azure Container Registry (ACR), enabling you to automatically pull images from your private Azure registry and scan them using the Checkmarx One Container Security scanner. We provide a convenient wizard on the Checkmarx One Integrations page that enables you to submit your Azure credentials and create the integration.

Prerequisites

Limitations

  • The integration is not effective for scans run via the Checkmarx One CLI tool or associated plugins.

Setting up an Integration

To set up a GitHub Private Registry Integration:

  1. Open the Integrations Integrations.png page.

  2. Click on the ACR tile under Private Registries for Containers, then click Start.

    The Azure Private Registry Integration wizard opens on the right side of the screen.

    Image_2141.png

  3. Name Your Account and optionally fill in the Description and Associate Tags fields, then click Next.

  4. Under Username enter Service Principal App (Client) ID or for token based permissions enter your username.

    Image_2142.png

  5. In the API Key field, enter your Service Principal Password (Client Secret) or for token based permission enter your fine grained access scope token.

  6. In the URL field, enter the URL for your Azure account using the format https://<azure_registry_name>.azurecr.io.

  7. Click Add Account.

Monitoring Integration Status

You can monitor the status of your GitHub integrations to see whether or not the integration is connected. Possible statuses are:

  • Pending - The integration was just set up and hasn't connected yet.

  • Connected - The integration is running and you are able to scan images in your GitHub registry.

  • Disconnected - Checkmarx One is not currently able to access your private GitHub registry.

To monitor the integration status:

  1. Go to Integrations Integrations.png > Inventory tab, and select Runtime & Cloud.

  2. Check the Status column for each of your integrations.

In this section: