Dockerfile scanning

[jghal]

Is your feature request related to a problem? Please describe.
I have projects with a Dockerfile used to package the software, but the IDE plugin only gives my vulnerabilities from the software dependencies.

Describe the solution you'd like to see
If a folder loaded in the workspace have a Dockerfile (or multiple, perhaps glob on Dockerfile.*) then the Dockerfile(s) should be scanned for FROM lines and those images should be scanned the same as if I use the jf docker scan command individually on each of them.

Describe alternatives you've considered
Manually running jf docker scan on each 3rd party image my Dockerfile depends on.

Additional context
Project directory has a Dockerfile

Add it to the JFrog Issues view with all the FROM images scanned

[yahavi]

@jghal, thanks for using the JFrog VS-Code extension.
You can scan your Docker images today using the JFrog Docker extension for Docker Desktop:

Read more about it here -
https://jfrog.com/solution-sheet/docker-desktop-extension-for-jfrog-xray/

Please let me know what you think.

[jghal]

We don't use Docker Desktop in my organization after the license changes made it non-free. Even if we were licensing Docker Desktop I would still want this feature, so that all the dependency vulnerabilities for my project are displayed and actionable in a single UI.