Difference between revisions of "Grype"

From wikieduonline
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 19: Line 19:
 
         run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin
 
         run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin
 
       - name: Run Grype scan
 
       - name: Run Grype scan
         run: grype ${{ github.repository }}:latest
+
         run: grype ${{{ github.repository }}}:latest
 
 
  
 
== Related ==
 
== Related ==
Line 28: Line 27:
  
 
== See also ==
 
== See also ==
{{
+
* {{Container scan}}
 +
 
 +
[[Category:Security]]

Latest revision as of 10:09, 8 November 2024

wikipedia:Grype is a vulnerability scanner for container images and filesystems from Anchore.

Pros:

  • Fast, lightweight, and easy to integrate
  • Comprehensive vulnerability database (from multiple sources)

Example[edit]

name: Grype Container Scan
on: [push]
jobs:
  grype_scan:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Install Grype
        run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin
      - name: Run Grype scan
        run: grype ${{{ github.repository }}}:latest

Related[edit]


See also[edit]

Advertising: