🔐 Secure Image Push & Docker Scout Analysis for Spring Boot Apps (Part 5)

📝 Introduction

Welcome to Part 5 of our Docker series! Now that our Spring Boot Banking App with MySQL runs using Docker Compose, it's time to:

• Push your Docker image to Docker Hub securely with a PAT (Personal Access Token)

• Scan the image with Docker Scout for vulnerabilities and best practices.

🎯 What You'll Learn

• Why and how to use a Docker Hub PAT

• Step-by-step guide to push images to Docker Hub

• Use Docker Scout CLI to analyze your image for security


📤 Push to Docker Hub (With PAT Method)

🧰 Why use PAT?

Docker Hub deprecated password login via CLI — using a PAT is now the secure & recommended method.

✅ Step-by-Step: Push Docker Image with Docker Hub PAT

🔐 1. Generate a Personal Access Token (PAT)

  1. Go to Docker Hub

    https://hub.docker.com

    ✅ Create Docker Hub Account (if not already)

  2. Log in → Click on your profile (top-right) → Account Settings

  3. Go to Security → New Access Token

  4. Give it a name like cli-push-token

  5. Set permissions: choose Read/Write/Delete

  6. Click Generate

  7. 🔑 Copy the token (you won’t see it again!)

✅ 2. Login to Docker Hub from CLI

Enter your Docker Hub username; when prompted for the password, paste the PAT instead of your account password.

docker login -u heyitsmeabhishek
# paste PAT when prompted

✅ 3. Tag Your Local Image

You must tag your local Docker image with your Docker Hub username and desired repository name.

docker tag <local-image-name> <dockerhub-username>/<repo-name>:<tag>

🧪 Example:

docker tag bankapp heyitsmeabhishek/bankapp

✅ 4. Push the Tagged Image to Docker Hub

docker push heyitsmeabhishek/bankapp

📦 It uploads your image layers to Docker Hub.

✅ 5. Verify on Docker Hub

Go to your Docker Hub profile → You should see the image under Repositories.

✅ Now your app is available publicly – others can pull and run it without any code:

docker run -d -p 8080:8080 heyitsmeabhishek/bankapp


🧠 Docker Scout: What & Why?

✅ Definition:

Docker Scout is a security and compliance tool designed to analyze Docker images for vulnerabilities, outdated dependencies, and best practice violations.

It helps developers and DevOps teams maintain secure and optimized containerized applications.

🎯 Use Case: helps DevOps teams secure apps before pushing to production.

How Docker Scout Works

  1. Image Analysis

    • When an image is built or pulled, Docker Scout extracts metadata (OS packages, language dependencies).

    • Compares components against vulnerability databases.

  2. Risk Assessment

    • Assigns a risk score based on vulnerabilities.

    • Highlights critical issues that need immediate attention.

  3. Reporting & Alerts

    • Provides a dashboard (in Docker Desktop or web UI).

    • Can send notifications (Slack, email) for new vulnerabilities.

How to Use Docker Scout

1. Scan an Image via CLI

docker scout quickview heyitsmeabhishek/bankapp

  • Shows a summary of vulnerabilities.

2. Generate a Detailed Report

docker scout cves heyitsmeabhishek/bankapp

  • Lists all CVEs with severity levels.

docker scout recommendations heyitsmeabhishek/bankapp

  • Shows recommended base image updates.

📊 Sample Scan Results:

1. heyitsmeabhishek/bankapp:latest

6C : 6 Critical Issues

23H : 23 High Risk

18M : 18 Medium Risk

2L : 2 Low Risk

🧘 Don't worry: this type of risk is typically addressed by DevSecOps (Development, Security and Operations) teams.
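The login, scan and push steps above can be chained so that an image with results like the sample (6 critical, 23 high) is never pushed. This is an added example, not code from the original post; the function name `publish_if_clean` and the environment variables `DOCKERHUB_USER` and `DOCKERHUB_PAT` are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: scan first, push only if clean.
# Assumed environment variables: DOCKERHUB_USER and DOCKERHUB_PAT.

# publish_if_clean IMAGE
# Returns 0 = pushed, 1 = missing input, 2 = login failed,
#         3 = critical/high CVEs found (or scan failed), 4 = push failed.
publish_if_clean() {
    image=$1
    if [ -z "$image" ] || [ -z "${DOCKERHUB_USER:-}" ] || [ -z "${DOCKERHUB_PAT:-}" ]; then
        echo "usage: DOCKERHUB_USER=... DOCKERHUB_PAT=... $0 IMAGE" >&2
        return 1
    fi

    # Feed the PAT on stdin so it never shows up in argv, ps or shell history.
    printf '%s' "$DOCKERHUB_PAT" |
        docker login -u "$DOCKERHUB_USER" --password-stdin >/dev/null || return 2

    rc=0
    # --exit-code makes the scan return non-zero when matching CVEs exist;
    # --only-severity restricts the gate to critical and high findings.
    if ! docker scout cves --exit-code --only-severity critical,high "$image"; then
        echo "blocked: $image has critical/high CVEs or the scan failed" >&2
        rc=3
    elif ! docker push "$image"; then
        rc=4
    fi

    docker logout >/dev/null   # drop the stored credential on every path
    return "$rc"
}

# Run only when an image reference is given on the command line.
[ "$#" -eq 0 ] || publish_if_clean "$@"
```

In CI, supply the PAT from the pipeline's secret store rather than exporting it in an interactive shell.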


🧹 Bonus commands:

Clean Up Docker

📋 List all image IDs:

docker images -aq

🗑️ Remove all images:

docker rmi -f $(docker images -aq)

📋 List containers:

docker ps -aq

🗑️ Delete all containers:

docker rm -vf $(docker ps -aq)

📂 File Names & Extensions:

| Language    | File Type    | Tool  |
|-------------|--------------|-------|
| Python      | .py          | pip   |
| Node.js     | package.json | npm   |
| Spring Boot | pom.xml      | Maven |

🎯 Conclusion: You're Now Deployment-Ready!

Congrats! 🎉 You’ve:

  • Securely pushed Docker images to Docker Hub using Personal Access Tokens (PATs) instead of passwords.

  • Tagged and published your Spring Boot app so others can use it.

  • Scanned for vulnerabilities using Docker Scout, ensuring your container is secure before deployment.

  • Cleaned up Docker resources to manage disk space efficiently.

👏 You’ve now completed the entire Docker workflow: from coding to secure deployment.

🚀 Your Dockerized apps are now functional, secure, and ready for production!

🔜 Coming Soon in Part 6: Docker Build Packs—faster, smarter, and cloud-native builds!

Now, your Dockerized apps are not just functional but also secure, shareable, and scalable! 🎉


Written by

ABHISHEK WAGHMARE