
How to scan a Docker image using JFrog Xray from an OpenShift pipeline


I have a Docker image pushed to an Artifactory Docker registry, and JFrog Xray is up and running. I understand that to use Xray, it requires some build info passed to it (like buildName, buildNumber), which the Artifactory Docker registry doesn't contain.

According to https://www.jfrog.com/confluence/display/JFROG/Scripted+Pipeline+Syntax#ScriptedPipelineSyntax-DockerBuildswithArtifactory I must have access to a Docker daemon (on the Jenkins agent itself or some other container). As far as I know, running Docker requires privileged access, which is unsafe as it could compromise cluster security.

Is there any way to push a Docker build to Xray without a Docker daemon?


Solution

  • To scan a Docker image with Xray, you don't have to add the build-info. It is enough to define a Watch on the relevant Docker repository with the needed policies.

    If you want to scan a Docker build as part of the build process, I suggest that you contact JFrog Support, and they will assist you with any relevant questions.

    Thanks, Ofir - trying to help with Xray :-)
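
The following is an added example, not part of the original answer and not JFrog's own code: one way to define the policy and the Watch on a Docker repository from a pipeline step over HTTP, with no Docker daemon involved. It assumes the Xray REST API v2 endpoints `/api/v2/policies` and `/api/v2/watches` and their JSON field names as I understand them (check them against the documentation for your Xray version); the repository name `docker-local`, the policy and watch names, and the `XRAY_URL` / `XRAY_TOKEN` environment variables are hypothetical.

```python
import json
import os
import urllib.request


def build_policy(name, min_severity="High"):
    """Security policy body: one rule matching issues at or above min_severity."""
    return {
        "name": name,
        "type": "security",
        "description": "Constructed example policy",
        "rules": [{
            "name": f"{name}-rule",
            "priority": 1,
            "criteria": {"min_severity": min_severity},
            # Block pulls of violating images; builds are not involved here.
            "actions": {"block_download": {"active": True, "unscanned": False},
                        "fail_build": False},
        }],
    }


def build_watch(name, repo, policy_name):
    """Watch body: attach the policy to one repository, no build-info needed."""
    return {
        "general_data": {"name": name, "description": "Constructed example watch",
                         "active": True},
        "project_resources": {"resources": [
            {"type": "repository", "bin_mgr_id": "default", "name": repo}]},
        "assigned_policies": [{"name": policy_name, "type": "security"}],
    }


def post(base_url, token, path, body):
    """POST a JSON body with a bearer token; returns the HTTP status code."""
    req = urllib.request.Request(
        base_url.rstrip("/") + path, data=json.dumps(body).encode(), method="POST",
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.status


if __name__ == "__main__":
    policy = build_policy("docker-high-sev")            # hypothetical names
    watch = build_watch("docker-local-watch", "docker-local", policy["name"])
    base, token = os.environ.get("XRAY_URL"), os.environ.get("XRAY_TOKEN")
    for path, body in (("/api/v2/policies", policy), ("/api/v2/watches", watch)):
        # Policy first: the watch refers to it by name. Dry-run without XRAY_URL.
        print(post(base, token, path, body) if base else json.dumps(body, indent=2))
```

The Watch only produces results if the repository is enabled for Xray indexing. Supply the token from a pipeline secret rather than hard-coding it in the job definition.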