jf docker scan does not support command option auth

[sean-hernon]

Describe the bug

The current docs suggest that command options can be used to configure the url and auth options for the xray server when scanning. https://docs.jfrog-applications.jfrog.io/jfrog-applications/jfrog-cli/cli-for-jfrog-security/authentication
https://docs.jfrog-applications.jfrog.io/jfrog-applications/jfrog-cli/cli-for-jfrog-security

These options work when running jf audit, but not jf docker scan, although the structure of the documentation seems to suggest it should work for both.

Current behavior

Output:

JFrog Xray URL must be provided in order run this command. Use the 'jf c add' command to set the Xray server details.

Reproduction steps

Command:

jf docker scan --url {my-server-url} --user {my-user} --password {my-password} {my-local-image}

Expected behavior

The jf docker scan command uses the provided url and credentials to run the scan; or, the documentation reflects that it only works when running the audit command.

JFrog CLI-Security version

1.0.5

JFrog CLI version (if applicable)

2.55.0

Operating system type and version

Version used by releases-docker.jfrog.io/jfrog/jfrog-cli-full-v2-jf:2.55.0

JFrog Xray version

No response

[gailazar300]

Dear @sean-hernon
Thank you for reporting this!
Credentials flags are not supported for 'jf docker scan' for now (you can see all supported flags for this command by running 'jf docker scan --help')
You can config your environment details by running 'jf c add' and use 'server-id' flag by running 'jf docker scan --server-id='.
We will consider adding the credentials flags to this command!

[sean-hernon]

Thank you @gailazar300

Yes true, I was aware that I can add a config to use first (this is what I am doing now, but it requires an extra one-time up-front step).

My point was more that the documentation now is misleading and suggests that the command already supports these options.