Scanning and Publishing

PreviousBuilding a Multi-Arch Operator Image NextUpdating the Bundle Image

Last updated 3 years ago

Scanning and Publishing

Please note that it is no longer strictly required to scan every single architecture image individually when scanning a multi-arch container image. You may opt to scan only the multi-arch manifest list instead, but this will prevent the architectures from being listed properly on once published.

Each architecture-specific image for each component (operator or operand) must be scanned within the respective project and tagged according to the architecture. Take, for example an operator image named example-operator:v1.0.0 which has two associated architectures: one for Intel/AMD64 and another for IBM Z/s390x:

Both the amd64 and s390x images should be scanned separately in the Operator Controller project
Since the images can't share a tag name, they should be tagged according to the architecture.
The amd64 image could be tagged as v1.0.0-amd64 or simply left as v1.0.0, assuming it's already been published
Therefore, the Z/s390x image could be tagged as v1.0.0-s390x to distinguish it from the Intel/AMD64 image

Let's go through each of these steps to scan the s390x image for an externally-hosted operator controller.

If you don't have an operator image built for Z (s390x) or Power (ppc64le) Systems, please refer to .

First, login to as a Technology Partner by clicking Log in for technology partners on the left-side of the login page:

Select the operator project (not the bundle project) from the list of projects, and click the Images header to view the associated images. Click Scan new image and you should see the following prompt:

Enter the pull spec containing the sha256 digest (not the tag) of the specific image that you wish to scan, along with the destination repository name and tag:

Wait for the scan to complete. Once completed, Publish the image by clicking the chevron > on the left side and then click Publish beside the corresponding tag.

PreviousBuilding a Multi-Arch Operator Image NextUpdating the Bundle Image

Last updated 3 years ago

Both the amd64 and s390x images should be scanned separately in the Operator Controller project
Since the images can't share a tag name, they should be tagged according to the architecture.
The amd64 image could be tagged as v1.0.0-amd64 or simply left as v1.0.0, assuming it's already been published
Therefore, the Z/s390x image could be tagged as v1.0.0-s390x to distinguish it from the Intel/AMD64 image

Let's go through each of these steps to scan the s390x image for an externally-hosted operator controller.

If you don't have an operator image built for Z (s390x) or Power (ppc64le) Systems, please refer to .

First, login to as a Technology Partner by clicking Log in for technology partners on the left-side of the login page:

Go to your projects list by clicking the header drop down for Product Certification > Manage projects or via this :

Enter the pull spec containing the sha256 digest (not the tag) of the specific image that you wish to scan, along with the destination repository name and tag:

Wait for the scan to complete. Once completed, Publish the image by clicking the chevron > on the left side and then click Publish beside the corresponding tag.

Repeat the above steps for each architecture image (one image for each CPU architecture) that you wish to be listed in the under this particular project/listing. Then perform the same process for any other projects associated with the operator (excluding the bundle project).