grype
No long description provided.
Installation
```shell
dagger install github.com/hampusctl/daggerverse/grype@6c23f05a146beb9759d5b04a72bb032dcc285a9d
```
Entrypoint
Return Type
Grype !
Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| container | Container | - | container is an existing container to use instead of creating a new one |
| apkoFile | File | - | apkoFile is a custom Apko image file to import instead of using repository:tag |
| repository | String ! | "ghcr.io/anchore/grype" | repository is the Docker repository for the Grype image (default: ghcr.io/anchore/grype) |
| tag | String ! | "latest" | tag is the Docker tag for the Grype image (default: latest) |
| extraCaCerts | [File ! ] | - | extraCaCerts are additional CA certificate files to add to the container |
Example
```shell
dagger -m github.com/hampusctl/daggerverse/grype@6c23f05a146beb9759d5b04a72bb032dcc285a9d call \
  --repository string --tag string
```
```go
func (m *MyModule) Example(repository string, tag string) *dagger.Grype {
	return dag.
		Grype(repository, tag)
}
```
```python
@function
def example(repository: str, tag: str) -> dagger.Grype:
    return (
        dag.grype(repository, tag)
    )
```
```typescript
@func()
example(repository: string, tag: string): Grype {
  return dag
    .grype(repository, tag)
}
```
Types
Grype
Grype provides functionality for scanning SBOMs using Anchore Grype.
container()
Return Type
Container !
Example
```shell
dagger -m github.com/hampusctl/daggerverse/grype@6c23f05a146beb9759d5b04a72bb032dcc285a9d call \
  --repository string --tag string container
```
```go
func (m *MyModule) Example(repository string, tag string) *dagger.Container {
	return dag.
		Grype(repository, tag).
		Container()
}
```
```python
@function
def example(repository: str, tag: str) -> dagger.Container:
    return (
        dag.grype(repository, tag)
        .container()
    )
```
```typescript
@func()
example(repository: string, tag: string): Container {
  return dag
    .grype(repository, tag)
    .container()
}
```
scan()
ScanSbom runs a vulnerability scan from a provided SBOM file and returns a markdown report. The SBOM is mounted into the container and scanned, with results formatted as a markdown table.
Return Type
Directory !
Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| sbom | File ! | - | sbom is the SBOM file to scan (Syft JSON, CycloneDX, SPDX, etc.) |
| config | File | - | config is the Grype configuration file to use |
| template | File | - | template is the Go template file to use when outputFormat=template |
| failOnSeverity | String ! | "medium" | failOnSeverity is the severity level to fail on |
| extraArgs | [String ! ] | - | extraArgs are additional command-line arguments passed to 'grype' |
Example
```shell
dagger -m github.com/hampusctl/daggerverse/grype@6c23f05a146beb9759d5b04a72bb032dcc285a9d call \
  --repository string --tag string scan --sbom file:path --fail-on-severity string
```
```go
func (m *MyModule) Example(repository string, tag string, sbom *dagger.File, failOnSeverity string) *dagger.Directory {
	return dag.
		Grype(repository, tag).
		Scan(sbom, failOnSeverity)
}
```
```python
@function
def example(repository: str, tag: str, sbom: dagger.File, fail_on_severity: str) -> dagger.Directory:
    return (
        dag.grype(repository, tag)
        .scan(sbom, fail_on_severity)
    )
```
```typescript
@func()
example(repository: string, tag: string, sbom: File, failOnSeverity: string): Directory {
  return dag
    .grype(repository, tag)
    .scan(sbom, failOnSeverity)
}
```