> ## Documentation Index
> Fetch the complete documentation index at: https://docs.backline.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Image to Code Mapping

> Map container images to source code to enable remediation for image vulnerabilities

## Action Required: Map Container Images to Source Code

### Why You're Seeing "Action Required"

If you're seeing **Action Required** on an image vulnerability, it means:

Backline detected a vulnerability in a container image, but cannot yet determine **where that image is built in your codebase**.

To safely remediate image vulnerabilities, Backline needs build context:

* Which **repository** builds the image
* Which **Dockerfile** produces it

If this information cannot be determined automatically, Backline will ask you to provide it once.

<Tip>
  You only need to map an image once. Backline automatically applies the mapping to all related vulnerabilities.
</Tip>

## When Backline Maps Images Automatically

In many cases, you won't need to do anything.

If an image includes explicit build metadata — such as repository or Dockerfile references embedded in tags or labels — Backline can automatically assign the image to code.

For example, Backline may automatically map when:

* Image tags include repository identifiers
* Image labels reference build source or Dockerfile location
* Build pipelines embed source metadata into the image

When automatic mapping succeeds, vulnerabilities move directly into remediation workflows with no user action required.

## What Happens After You Complete This Action

When you assign the image to its repository and Dockerfile:

✅ All vulnerabilities from that image are updated <br />
✅ Vulnerabilities move into remediation workflows <br />
✅ Backline can begin fix analysis and remediation planning <br />
✅ Future scans of the same image automatically inherit the mapping <br />

This removes one of the most common blockers between detection and remediation for container security.

## Why Backline Requires This Mapping

Security scanners detect vulnerabilities in **images**. <br />
Remediation happens in **code**.

Without knowing where an image is built, Backline cannot safely:

* Identify the correct dependency to upgrade
* Open remediation pull requests
* Validate fixes against the correct build pipeline

**Image → Code Mapping** connects runtime security findings to real developer workflows.

## When This Is Required

Backline will request mapping only when:

* An image vulnerability is detected
* Repository or Dockerfile information is missing
* Backline cannot determine mapping automatically
* Remediation cannot proceed safely without build context

When this happens, the vulnerability status is set to: <br /> **Pending Action**.

## How Image → Code Mapping Works

<Steps>
  <Step title="Backline Attempts Automatic Mapping">
    During image scan ingestion, Backline attempts to detect mapping from:

    * Image tags
    * Image labels
    * Embedded build metadata

    If mapping is found → vulnerabilities move directly to remediation.
    If mapping is not found → the vulnerability is marked **Pending Action**.
  </Step>

  <Step title="Backline Notifies You (Only If Needed)">
    You will see:

    * **Action Required** button on the vulnerability card
    * Optional Slack reminders (if Slack integration is enabled)
  </Step>

  <Step title="You Assign Image → Code">
    You select:

    1. Repository
    2. Dockerfile

    Backline then applies this mapping to all vulnerabilities for that image digest.
  </Step>

  <Step title="Backline Enables Remediation">
    After mapping is saved, vulnerabilities move from: <br /> **Pending Action** → **Pending Remediation**.

    From here, Backline can begin analysis and remediation workflows.
  </Step>
</Steps>

### What Backline Updates Automatically

When mapping is saved, Backline:

✅ Sets repository and Dockerfile for all matching vulnerabilities <br />
✅ Applies mapping across the entire image digest <br />
✅ Moves eligible vulnerabilities into the remediation pipeline

## User Experience Walkthrough

### Vulnerability Card

When mapping is required, you will see:

**Action Required** <br />
*Select the repository and Dockerfile that build this image to enable remediation.*

Clicking opens the mapping workflow.

### Assign Image to Code Workflow

<Steps>
  <Step title="Select Repository">
    * Searchable list of connected repositories
    * Shows full repo name (for example: `org/service-api`)
  </Step>

  <Step title="Select Dockerfile">
    * Dockerfiles automatically discovered in the repository
    * Optional manual entry if needed
  </Step>
</Steps>

### Save Confirmation

Backline confirms mapping and shows how many vulnerabilities were updated.

### Slack Notifications

If Slack integration is enabled, Backline can send reminders when action is required.

**Example Slack notification:**

<Card>
  🔔 Action required: Pending actions are waiting for you in Backline <br />
  👉 Review now
</Card>

## Related Documentation

<CardGroup cols={2}>
  <Card title="Vulnerabilities Overview" icon="bug" href="/get-started/vulnerabilities/overview">
    Learn about the vulnerability dashboard and filtering
  </Card>

  <Card title="Remediations" icon="wrench" href="/get-started/remediations/overview">
    Understand how remediations work in Backline
  </Card>

  <Card title="Slack Integration" icon="slack" href="/integrations/slack">
    Set up Slack notifications for your team
  </Card>

  <Card title="Container Registries" icon="docker" href="/integrations/ecr">
    Connect your container registries to Backline
  </Card>
</CardGroup>