Difference between revisions of "Grype"

From wikieduonline
Jump to navigation Jump to search
Line 6: Line 6:
 
* Fast, lightweight, and easy to integrate
 
* Fast, lightweight, and easy to integrate
 
* Comprehensive vulnerability database (from multiple sources)
 
* Comprehensive vulnerability database (from multiple sources)
 +
 +
== Example ==
 +
name: Grype Container Scan
 +
on: [push]
 +
jobs:
 +
  grype_scan:
 +
    runs-on: ubuntu-latest
 +
    steps:
 +
      - name: Checkout code
 +
        uses: actions/checkout@v2
 +
      - name: Install Grype
 +
        run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin
 +
      - name: Run Grype scan
 +
        run: grype ${{ github.repository }}:latest
 +
  
 
== Related ==
 
== Related ==

Revision as of 10:05, 8 November 2024

wikipedia:Grype is a vulnerability scanner for container images and filesystems from Anchore.

Pros:

  • Fast, lightweight, and easy to integrate
  • Comprehensive vulnerability database (from multiple sources)

Example

name: Grype Container Scan
on: [push]
jobs:
  grype_scan:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Install Grype
        run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin
      - name: Run Grype scan
        run: grype $Template:Github.repository:latest


Related


See also

{{

Advertising: