Grype

From wikieduonline
Revision as of 10:05, 8 November 2024 by Welcome

Grype is a vulnerability scanner for container images and filesystems from Anchore.

Pros:

  • Fast, lightweight, and easy to integrate
  • Comprehensive vulnerability database (from multiple sources)

Example

name: Grype Container Scan
on: [push]
jobs:
  grype_scan:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2
      - name: Install Grype
        # -f makes curl exit non-zero on an HTTP error instead of piping an error page into tar
        run: curl -sSfL https://github.com/anchore/grype/releases/download/v0.64.0/grype_0.64.0_linux_amd64.tar.gz | tar -xvzf - -C /usr/local/bin
      - name: Run Grype scan
        # Scans the image named after the repository (owner/repo) with the tag "latest"
        run: grype ${{ github.repository }}:latest
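
The install step above pipes the download straight into tar with no integrity check. One way to verify the archive before unpacking it, as an added example that is not part of the original page or of the Grype project; the function names, the checksums-file layout (`<sha256>  <filename>` lines, as sha256sum writes them) and the archive member name `grype` are assumptions.

```shell
#!/bin/sh
# Added example: check a downloaded release archive against a checksums file
# and unpack it only if the hash matches. All names here are hypothetical.

# Fall back to shasum where sha256sum is not installed (e.g. macOS).
command -v sha256sum >/dev/null 2>&1 || sha256sum() { shasum -a 256 "$@"; }

# verify_sha256 ARCHIVE CHECKSUMS
# Returns 0 if CHECKSUMS holds exactly one entry for ARCHIVE's base name and
# it equals the SHA-256 of the file on disk; 1 on mismatch; 2 if the entry
# is missing or ambiguous.
verify_sha256() {
    archive=$1
    sums=$2
    name=$(basename "$archive")
    # Match the file name field exactly, so "evil-<name>" cannot satisfy it.
    expected=$(awk -v n="$name" '$2 == n { h = $1; c++ } END { if (c == 1) print h }' "$sums")
    if [ -z "$expected" ]; then
        echo "no unique checksum entry for $name" >&2
        return 2
    fi
    actual=$(sha256sum "$archive" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $name" >&2
        return 1
    fi
    return 0
}

# install_verified ARCHIVE CHECKSUMS DESTDIR
# Extracts only the "grype" member, and only after verification succeeds,
# so a tampered archive never reaches tar.
install_verified() {
    verify_sha256 "$1" "$2" || return $?
    tar -xzf "$1" -C "$3" grype
}
```

In a workflow, the archive and its checksums file would be downloaded to disk in the install step and passed to `install_verified` in place of the `curl | tar` pipe.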

