Sysdig LSP provides tools to integrate container security checks into your development workflow.
- Scans the runtime base image specified in your Dockerfile for vulnerabilities.
- Supports single-stage and multi-stage Dockerfiles (final runtime stage only).
- Displays actionable commands directly within the editor (e.g., initiating base image scans).
- Enables quick access to frequently performed actions.
- Builds and scans the entire final Dockerfile image used in production.
- Supports multi-stage Dockerfiles, analyzing final stage and explicitly copied artifacts from intermediate stages.
- Scans each Dockerfile layer individually for precise vulnerability identification.
- Supports detailed analysis in single-stage and multi-stage Dockerfiles.
See the linked documents for more details.