# Quickstart

This quickstart covers a minimal first scan in a local or lab environment.
It assumes container runtime access and a basic Docker or Kubernetes setup.

Prerequisites
- Linux host with container runtime and Compose or Kubernetes.
- Local PostgreSQL and Valkey or bundled containers.
- Sufficient disk for SBOM caches and bundles.

Baseline steps
1) Prepare configuration
- Set admin credentials and service endpoints.
- Use local or bundled database and cache for first run.

2) Start core services
- Bring up Authority, Scanner, Concelier, Policy, and UI services.
- Confirm health endpoints are ready.

3) Run first scan
- Authenticate CLI with Authority.
- Submit a scan for a known image or SBOM.

4) Verify results
- Open the Console to inspect findings and evidence.
- Export a DSSE bundle and verify signatures.

Offline and sovereign notes
- Offline kits bundle feeds, plugins, and config for sealed installs.
- Crypto profiles can be applied without rebuilding services.

Related references
- docs/quickstart.md
- docs/21_INSTALL_GUIDE.md
- docs/24_OFFLINE_KIT.md