Difference between revisions of "Grype"
Jump to navigation
Jump to search
(2 intermediate revisions by the same user not shown) | |||
Line 6: | Line 6: | ||
* Fast, lightweight, and easy to integrate | * Fast, lightweight, and easy to integrate | ||
* Comprehensive vulnerability database (from multiple sources) | * Comprehensive vulnerability database (from multiple sources) | ||
+ | |||
+ | == Example == | ||
+ | name: Grype Container Scan | ||
+ | on: [push] | ||
+ | jobs: | ||
+ | grype_scan: | ||
+ | runs-on: ubuntu-latest | ||
+ | steps: | ||
+ | - name: Checkout code | ||
+ | uses: actions/checkout@v2 | ||
+ | - name: Install Grype | ||
+ | run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin | ||
+ | - name: Run Grype scan | ||
+ | run: grype ${{{ github.repository }}}:latest | ||
== Related == | == Related == | ||
Line 13: | Line 27: | ||
== See also == | == See also == | ||
− | {{ | + | * {{Container scan}} |
+ | |||
+ | [[Category:Security]] |
Latest revision as of 10:09, 8 November 2024
wikipedia:Grype is a vulnerability scanner for container images and filesystems from Anchore.
Pros:
- Fast, lightweight, and easy to integrate
- Comprehensive vulnerability database (from multiple sources)
Example[edit]
name: Grype Container Scan on: [push] jobs: grype_scan: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v2 - name: Install Grype run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin - name: Run Grype scan run: grype ${{{ github.repository }}}:latest
Related[edit]
See also[edit]
Advertising: