Merge pull request docker#10147 from KoryKessel-Docker/ENGDOCS-314-insert-overriding-vulnerability-page-DTR-2.5-docs

KoryKessel-Mirantis · web-flow · commit ee00863dea94 · 2020-01-15T18:54:24.000+01:00
Add Override a Vulnerability topic to DTR 2.5 docs.
diff --git a/_data/toc.yaml b/_data/toc.yaml
@@ -3435,6 +3435,8 @@ manuals:
               title: Delete images
             - path: /datacenter/dtr/2.5/guides/user/manage-images/scan-images-for-vulnerabilities/
               title: Scan images for vulnerabilities
+            - title: Override a vulnerability
+              path: /datacenter/dtr/2.5/guides/user/manage-images/override-a-vulnerability/
             - path: /datacenter/dtr/2.5/guides/user/manage-images/prevent-tags-from-being-overwritten/
               title: Prevent tags from being overwritten
             - sectiontitle: Sign images
diff --git a/datacenter/dtr/2.5/guides/images/override-vulnerability-2.png b/datacenter/dtr/2.5/guides/images/override-vulnerability-2.png
diff --git a/datacenter/dtr/2.5/guides/user/manage-images/override-a-vulnerability.md b/datacenter/dtr/2.5/guides/user/manage-images/override-a-vulnerability.md
@@ -0,0 +1,29 @@
+---
+title: Override a vulnerability
+description: Learn how to dismiss a vulnerability reported by the security
+  scanner, when you know it has been addressed
+keywords: registry, security scanner
+---
+
+DTR scans images for vulnerabilities. At times, however, it may report image vulnerabilities that you know have been fixed, and whenever that happens the warning can be dismissed.
+
+1. Access the DTR web interface.
+
+2. Click **Repositories** in the left-hand menu, and locate the repository that has been scanned.
+
+
+    ![](../../images/scan-images-for-vulns-3.png){: .with-border}
+
+3. Click **View details** to review the image scan results, and select **Components** to see the vulnerabilities for each component packaged in the image.
+
+4. Select the component with the vulnerability you want to ignore, navigate to the vulnerability, and click **hide**.
+
+    ![Vulnerability list](../../images/override-vulnerability-2.png){: .with-border}
+
+    Once dismissed, the vulnerability is hidden system-wide and will no longer be reported as a vulnerability on affected images with the same layer IDs or digests. In addition, DTR will not reevaluate the promotion policies that have been set up for the repository.
+
+    If after hiding a particular vulnerability you want the promotion policy for the image to be reevaluated, click **Promote**.
+
+## Where to go next
+
+* [Scan images for vulnerabilities](scan-images-for-vulnerabilities.md)
