grype
Scan a container image using Grype
Installation
dagger install github.com/opopops/daggerverse/grype@v1.7.0Entrypoint
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| image | String ! | "cgr.dev/chainguard/wolfi-base:latest" | wolfi-base image |
| version | String ! | "latest" | Grype version |
| user | String ! | "65532" | Image user |
| dockerConfig | File | null | Docker config file |
| container | Container | null | No description provided |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user stringfunc (m *MyModule) Example(image string, version string, user string) *dagger.Grype {
return dag.
Grype(image, version, user)
}@function
def example(image: str, version: str, user: str, ) -> dagger.Grype:
return (
dag.grype(image, version, user)
)@func()
example(image: string, version: string, user: string, ): Grype {
return dag
.grype(image, version, user)
}Types
Grype 🔗
Grype CLI
container() 🔗
Returns configured grype container
Return Type
Container ! Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string containerfunc (m *MyModule) Example(image string, version string, user string) *dagger.Container {
return dag.
Grype(image, version, user).
Container()
}@function
def example(image: str, version: str, user: str, ) -> dagger.Container:
return (
dag.grype(image, version, user)
.container()
)@func()
example(image: string, version: string, user: string, ): Container {
return dag
.grype(image, version, user)
.container()
}scan() 🔗
Scan
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Source to scan |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an “error” level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string scan --source string --severity-cutoff string --fail boolean --output-format stringfunc (m *MyModule) Example(image string, version string, user string, source string, severityCutoff string, fail bool, outputFormat string) *dagger.File {
return dag.
Grype(image, version, user).
Scan(source, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: str, severitycutoff: str, fail: bool, outputformat: str) -> dagger.File:
return (
dag.grype(image, version, user)
.scan(source, severitycutoff, fail, outputformat)
)@func()
example(image: string, version: string, user: string, source: string, severityCutoff: string, fail: boolean, outputFormat: string): File {
return dag
.grype(image, version, user)
.scan(source, severityCutoff, fail, outputFormat)
}scanDirectory() 🔗
Scan directory
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | Directory ! | - | Directory to scan |
| sourceType | String | "dir" | No description provided |
| severityCutoff | String | null | No description provided |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string scan-directory --source DIR_PATH --fail boolean --output-format stringfunc (m *MyModule) Example(image string, version string, user string, source *dagger.Directory, fail bool, outputFormat string) *dagger.File {
return dag.
Grype(image, version, user).
Scandirectory(source, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: dagger.Directory, fail: bool, outputformat: str) -> dagger.File:
return (
dag.grype(image, version, user)
.scandirectory(source, fail, outputformat)
)@func()
example(image: string, version: string, user: string, source: Directory, fail: boolean, outputFormat: string): File {
return dag
.grype(image, version, user)
.scanDirectory(source, fail, outputFormat)
}scanFile() 🔗
Scan file
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | File ! | - | File to scan |
| sourceType | String ! | "file" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an “error” level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string scan-file --source file:path --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *MyModule) Example(image string, version string, user string, source *dagger.File, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.File {
return dag.
Grype(image, version, user).
Scanfile(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: dagger.File, sourcetype: str, severitycutoff: str, fail: bool, outputformat: str) -> dagger.File:
return (
dag.grype(image, version, user)
.scanfile(source, sourcetype, severitycutoff, fail, outputformat)
)@func()
example(image: string, version: string, user: string, source: File, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): File {
return dag
.grype(image, version, user)
.scanFile(source, sourceType, severityCutoff, fail, outputFormat)
}scanImage() 🔗
Scan container image
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Image to scan |
| sourceType | String ! | "registry" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an “error” level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string scan-image --source string --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *MyModule) Example(image string, version string, user string, source string, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.File {
return dag.
Grype(image, version, user).
Scanimage(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: str, sourcetype: str, severitycutoff: str, fail: bool, outputformat: str) -> dagger.File:
return (
dag.grype(image, version, user)
.scanimage(source, sourcetype, severitycutoff, fail, outputformat)
)@func()
example(image: string, version: string, user: string, source: string, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): File {
return dag
.grype(image, version, user)
.scanImage(source, sourceType, severityCutoff, fail, outputFormat)
}withRegistryAuth() 🔗
Authenticate with registry
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| username | String ! | - | Registry username |
| secret | Secret ! | - | Registry password |
| address | String ! | "docker.io" | Registry host |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-registry-auth --username string --secret env:MYSECRET --address stringfunc (m *MyModule) Example(image string, version string, user string, username string, secret *dagger.Secret, address string) *dagger.Grype {
return dag.
Grype(image, version, user).
Withregistryauth(username, secret, address)
}@function
def example(image: str, version: str, user: str, username: str, secret: dagger.Secret, address: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.withregistryauth(username, secret, address)
)@func()
example(image: string, version: string, user: string, username: string, secret: Secret, address: string): Grype {
return dag
.grype(image, version, user)
.withRegistryAuth(username, secret, address)
}withScan() 🔗
Scan (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Source to scan |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an “error” level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-scan --source string --severity-cutoff string --fail boolean --output-format stringfunc (m *MyModule) Example(image string, version string, user string, source string, severityCutoff string, fail bool, outputFormat string) *dagger.Grype {
return dag.
Grype(image, version, user).
Withscan(source, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: str, severitycutoff: str, fail: bool, outputformat: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.withscan(source, severitycutoff, fail, outputformat)
)@func()
example(image: string, version: string, user: string, source: string, severityCutoff: string, fail: boolean, outputFormat: string): Grype {
return dag
.grype(image, version, user)
.withScan(source, severityCutoff, fail, outputFormat)
}withScanDirectory() 🔗
Scan dir (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | Directory ! | - | Directory to scan |
| sourceType | String ! | "registry" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an “error” level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-scan-directory --source DIR_PATH --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *MyModule) Example(image string, version string, user string, source *dagger.Directory, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.Grype {
return dag.
Grype(image, version, user).
Withscandirectory(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: dagger.Directory, sourcetype: str, severitycutoff: str, fail: bool, outputformat: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.withscandirectory(source, sourcetype, severitycutoff, fail, outputformat)
)@func()
example(image: string, version: string, user: string, source: Directory, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): Grype {
return dag
.grype(image, version, user)
.withScanDirectory(source, sourceType, severityCutoff, fail, outputFormat)
}withScanFile() 🔗
Scan file (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | File ! | - | File to scan |
| sourceType | String ! | "registry" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an “error” level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-scan-file --source file:path --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *MyModule) Example(image string, version string, user string, source *dagger.File, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.Grype {
return dag.
Grype(image, version, user).
Withscanfile(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: dagger.File, sourcetype: str, severitycutoff: str, fail: bool, outputformat: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.withscanfile(source, sourcetype, severitycutoff, fail, outputformat)
)@func()
example(image: string, version: string, user: string, source: File, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): Grype {
return dag
.grype(image, version, user)
.withScanFile(source, sourceType, severityCutoff, fail, outputFormat)
}withScanImage() 🔗
Scan container image (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Image to scan |
| sourceType | String ! | "registry" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an “error” level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-scan-image --source string --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *MyModule) Example(image string, version string, user string, source string, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.Grype {
return dag.
Grype(image, version, user).
Withscanimage(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: str, sourcetype: str, severitycutoff: str, fail: bool, outputformat: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.withscanimage(source, sourcetype, severitycutoff, fail, outputformat)
)@func()
example(image: string, version: string, user: string, source: string, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): Grype {
return dag
.grype(image, version, user)
.withScanImage(source, sourceType, severityCutoff, fail, outputFormat)
}