Difference between revisions of "Grype"

From wikieduonline
Jump to navigation Jump to search
 
(2 intermediate revisions by the same user not shown)
Line 6: Line 6:
 
* Fast, lightweight, and easy to integrate
 
* Fast, lightweight, and easy to integrate
 
* Comprehensive vulnerability database (from multiple sources)
 
* Comprehensive vulnerability database (from multiple sources)
 +
 +
== Example ==
 +
name: Grype Container Scan
 +
on: [push]
 +
jobs:
 +
  grype_scan:
 +
    runs-on: ubuntu-latest
 +
    steps:
 +
      - name: Checkout code
 +
        uses: actions/checkout@v2
 +
      - name: Install Grype
 +
        run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin
 +
      - name: Run Grype scan
 +
        run: grype ${{{ github.repository }}}:latest
  
 
== Related ==
 
== Related ==
Line 13: Line 27:
  
 
== See also ==
 
== See also ==
{{
+
* {{Container scan}}
 +
 
 +
[[Category:Security]]

Latest revision as of 10:09, 8 November 2024

wikipedia:Grype is a vulnerability scanner for container images and filesystems from Anchore.

Pros:

  • Fast, lightweight, and easy to integrate
  • Comprehensive vulnerability database (from multiple sources)

Example[edit]

name: Grype Container Scan
on: [push]
jobs:
  grype_scan:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Install Grype
        run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin
      - name: Run Grype scan
        run: grype ${{{ github.repository }}}:latest

Related[edit]


See also[edit]

Advertising: