CI Image Scanning
Sttor Containers scans images during CI, typically on pull_request and/or push workflows.
What It Does in CI
- Pull/build an image to scan
- Detect vulnerabilities (with severity summaries)
- Detect secrets in images
- Generate an SBOM summary
- Optionally send results to the backend (dashboard + audit trail)
- Enforce policy gates by exiting with failure when thresholds are hit
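A policy gate of the kind listed above comes down to a step that reads the scan's severity counts and sets the job's exit code. The script below is an added example, not Sttor's own code: the summary format (one "<severity> <count>" pair per line), the function name policy_gate and the MAX_CRITICAL / MAX_HIGH variables are assumptions. It fails closed when the summary is missing or malformed, so a scan that never ran cannot pass the gate.

```shell
#!/bin/sh
# Policy gate over a scan severity summary.
# Assumed (constructed) summary format, one pair per line, e.g.:
#   critical 0
#   high 2
#   medium 7
# Exit codes: 0 = within thresholds, 1 = threshold exceeded,
#             2 = summary missing or malformed (fail closed).

policy_gate() {
    summary=$1
    max_critical=${MAX_CRITICAL:-0}   # tolerated critical findings (hypothetical name)
    max_high=${MAX_HIGH:-0}           # tolerated high findings (hypothetical name)

    # A missing or empty summary means the scan produced nothing to judge.
    if [ ! -s "$summary" ]; then
        echo "gate: no scan summary at $summary, failing closed" >&2
        return 2
    fi

    rc=0
    awk -v mc="$max_critical" -v mh="$max_high" '
        # Anything other than "<name> <non-negative integer>" is malformed.
        NF != 2 || $2 !~ /^[0-9]+$/ { bad = 1; next }
        { count[tolower($1)] += $2 }
        END {
            if (bad) exit 2
            # A non-numeric threshold coerces to 0, the strictest setting.
            if (count["critical"] + 0 > mc + 0) exit 1
            if (count["high"] + 0 > mh + 0) exit 1
        }' "$summary" || rc=$?

    case $rc in
        0) echo "gate: passed" >&2 ;;
        1) echo "gate: severity threshold exceeded" >&2 ;;
        *) echo "gate: malformed summary, failing closed" >&2; rc=2 ;;
    esac
    return "$rc"
}
```

In a workflow step, the function's return value becomes the step's exit status, so a non-zero result fails the job.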
Where It Runs
- In the GitHub Actions runner environment (no special runner required).