Difference between revisions of "Grype"
Jump to navigation
Jump to search
(Created page with "* https://github.com/anchore/grype {{") |
|||
| (9 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | [[wikipedia:Grype]] is a [[vulnerability scanner]] for container images and filesystems from [[Anchore]]. | ||
| + | |||
* https://github.com/anchore/grype | * https://github.com/anchore/grype | ||
| + | Pros: | ||
| + | * Fast, lightweight, and easy to integrate | ||
| + | * Comprehensive vulnerability database (from multiple sources) | ||
| + | |||
| + | == Example == | ||
| + | name: Grype Container Scan | ||
| + | on: [push] | ||
| + | jobs: | ||
| + | grype_scan: | ||
| + | runs-on: ubuntu-latest | ||
| + | steps: | ||
| + | - name: Checkout code | ||
| + | uses: actions/checkout@v2 | ||
| + | - name: Install Grype | ||
| + | run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin | ||
| + | - name: Run Grype scan | ||
| + | run: grype ${{{ github.repository }}}:latest | ||
| + | |||
| + | == Related == | ||
| + | * [[Dependabot]] | ||
| + | == See also == | ||
| + | * {{Container scan}} | ||
| − | + | [[Category:Security]] | |
Latest revision as of 10:09, 8 November 2024
wikipedia:Grype is a vulnerability scanner for container images and filesystems from Anchore.
Pros:
- Fast, lightweight, and easy to integrate
- Comprehensive vulnerability database (from multiple sources)
Example[edit]
name: Grype Container Scan
on: [push]
jobs:
grype_scan:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Install Grype
run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin
- name: Run Grype scan
run: grype ${{{ github.repository }}}:latest
Related[edit]
See also[edit]
Advertising:
