Quay, also known as Quay.io, is a container registry service that allows users to store, manage, and distribute container images. It is similar to other container registries like Docker Hub or Google Container Registry, but Quay offers some additional features and flexibility.

Usage of Quay in SSD

• SSD gets notified for every build run in a pipeline. To identify the image for every build, it connects to the Quay repo and pulls the newly built image.

• Once the image is pulled, it runs security scans on it. The scanned results are available in the Vulnerability Management page, and Artifact section of the DBOM page.

• SSD also collects metadata such as Artifact SHA to perform artifact integrity checks and ensure the security in the supply chain. This information gets populated in the DBOM page for audit purposes.

To Integrate Quay:

1. Navigate to Config > Integrations.

2. In the Source panel, click Quay.

3. The Quay integration page is displayed.

4. Click +New Account.

5. Enter the Account Name, Approved Artifact Repo name, Host Url, Username and Password as shown below:

   • Account Name - The name of the user docker account.

   • Approved Artifact Repo name - The name of the approved artifact repository from which the images are deployed. Security issues are raised by SSD if you try to deploy images from a different repository.

   • Host Url - The host Url link.

   • Username - The username to access the docker account.

   • Password - The password to access the docker account.

6. Click Save. The Quay account gets integrated in the artifact stage.

7. You can edit the entered values by clicking the three dots provided at the end of each added account. Click Edit.

8. Enter the new values and click Update.

The new values get updated.