Difference between revisions of "Grype"
Line 19: | Line 19: | ||
run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin | run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux- amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin | ||
- name: Run Grype scan | - name: Run Grype scan | ||
− | run: grype ${{ github.repository }}:latest | + | run: grype ${{{ github.repository }}}:latest |
− | |||
== Related == | == Related == |
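Review bot: the changed `run:` line now reads `grype ${{{ github.repository }}}:latest`, and three braces is not GitHub Actions expression syntax, which is `${{ <expression> }}`, so a workflow copied from this page will not resolve the repository name. If the extra brace was added to stop MediaWiki from treating `{{ ... }}` as a template call, keep `${{ github.repository }}` and wrap the YAML in `<nowiki>` or `<syntaxhighlight lang="yaml">` instead. The same edit also drops the blank line before `== Related ==`; keeping it separates the heading from the example.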
Revision as of 10:05, 8 November 2024
Grype is a vulnerability scanner for container images and filesystems from Anchore.
Pros:
- Fast, lightweight, and easy to integrate
- Comprehensive vulnerability database (from multiple sources)
Example
name: Grype Container Scan
on: [push]
jobs:
  grype_scan:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Install Grype
        run: curl -sSL https://github.com/anchore/grype/releases/download/v0.64.0/grype-linux-amd64-v0.64.0.tar.gz | tar -xvzf - -C /usr/local/bin
      - name: Run Grype scan
        # Scans the image tagged <owner>/<repo>:latest
        run: grype ${{ github.repository }}:latest
Related
See also