grype
Scan a container image using Grype
Installation
dagger install github.com/opopops/daggerverse/grype@v1.7.0Entrypoint
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| image | String ! | "cgr.dev/chainguard/wolfi-base:latest" | wolfi-base image |
| version | String ! | "latest" | Grype version |
| user | String ! | "65532" | Image user |
| dockerConfig | File | null | Docker config file |
| container | Container | null | No description provided |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user stringfunc (m *myModule) example(image string, version string, user string) *dagger.Grype {
return dag.
Grype(image, version, user)
}@function
def example(image: str, version: str, user: str, ) -> dagger.Grype:
return (
dag.grype(image, version, user)
)@func()
example(image: string, version: string, user: string, ): Grype {
return dag
.grype(image, version, user)
}Types
Grype 🔗
Grype CLI
container() 🔗
Returns configured grype container
Return Type
Container !Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string containerfunc (m *myModule) example(image string, version string, user string) *dagger.Container {
return dag.
Grype(image, version, user).
Container()
}@function
def example(image: str, version: str, user: str, ) -> dagger.Container:
return (
dag.grype(image, version, user)
.container()
)@func()
example(image: string, version: string, user: string, ): Container {
return dag
.grype(image, version, user)
.container()
}scan() 🔗
Scan
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Source to scan |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string scan --source string --severity-cutoff string --fail boolean --output-format stringfunc (m *myModule) example(image string, version string, user string, source string, severityCutoff string, fail bool, outputFormat string) *dagger.File {
return dag.
Grype(image, version, user).
Scan(source, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: str, severity_cutoff: str, fail: bool, output_format: str) -> dagger.File:
return (
dag.grype(image, version, user)
.scan(source, severity_cutoff, fail, output_format)
)@func()
example(image: string, version: string, user: string, source: string, severityCutoff: string, fail: boolean, outputFormat: string): File {
return dag
.grype(image, version, user)
.scan(source, severityCutoff, fail, outputFormat)
}scanDirectory() 🔗
Scan directory
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | Directory ! | - | Directory to scan |
| sourceType | String | "dir" | No description provided |
| severityCutoff | String | null | No description provided |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string scan-directory --source DIR_PATH --fail boolean --output-format stringfunc (m *myModule) example(image string, version string, user string, source *dagger.Directory, fail bool, outputFormat string) *dagger.File {
return dag.
Grype(image, version, user).
ScanDirectory(source, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: dagger.Directory, fail: bool, output_format: str) -> dagger.File:
return (
dag.grype(image, version, user)
.scan_directory(source, fail, output_format)
)@func()
example(image: string, version: string, user: string, source: Directory, fail: boolean, outputFormat: string): File {
return dag
.grype(image, version, user)
.scanDirectory(source, fail, outputFormat)
}scanFile() 🔗
Scan file
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | File ! | - | File to scan |
| sourceType | String ! | "file" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string scan-file --source file:path --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *myModule) example(image string, version string, user string, source *dagger.File, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.File {
return dag.
Grype(image, version, user).
ScanFile(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: dagger.File, source_type: str, severity_cutoff: str, fail: bool, output_format: str) -> dagger.File:
return (
dag.grype(image, version, user)
.scan_file(source, source_type, severity_cutoff, fail, output_format)
)@func()
example(image: string, version: string, user: string, source: File, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): File {
return dag
.grype(image, version, user)
.scanFile(source, sourceType, severityCutoff, fail, outputFormat)
}scanImage() 🔗
Scan container image
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Image to scan |
| sourceType | String ! | "registry" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string scan-image --source string --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *myModule) example(image string, version string, user string, source string, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.File {
return dag.
Grype(image, version, user).
ScanImage(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: str, source_type: str, severity_cutoff: str, fail: bool, output_format: str) -> dagger.File:
return (
dag.grype(image, version, user)
.scan_image(source, source_type, severity_cutoff, fail, output_format)
)@func()
example(image: string, version: string, user: string, source: string, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): File {
return dag
.grype(image, version, user)
.scanImage(source, sourceType, severityCutoff, fail, outputFormat)
}withRegistryAuth() 🔗
Authenticate with registry
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| username | String ! | - | Registry username |
| secret | Secret ! | - | Registry password |
| address | String ! | "docker.io" | Registry host |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-registry-auth --username string --secret env:MYSECRET --address stringfunc (m *myModule) example(image string, version string, user string, username string, secret *dagger.Secret, address string) *dagger.Grype {
return dag.
Grype(image, version, user).
WithRegistryAuth(username, secret, address)
}@function
def example(image: str, version: str, user: str, username: str, secret: dagger.Secret, address: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.with_registry_auth(username, secret, address)
)@func()
example(image: string, version: string, user: string, username: string, secret: Secret, address: string): Grype {
return dag
.grype(image, version, user)
.withRegistryAuth(username, secret, address)
}withScan() 🔗
Scan (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Source to scan |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-scan --source string --severity-cutoff string --fail boolean --output-format stringfunc (m *myModule) example(image string, version string, user string, source string, severityCutoff string, fail bool, outputFormat string) *dagger.Grype {
return dag.
Grype(image, version, user).
WithScan(source, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: str, severity_cutoff: str, fail: bool, output_format: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.with_scan(source, severity_cutoff, fail, output_format)
)@func()
example(image: string, version: string, user: string, source: string, severityCutoff: string, fail: boolean, outputFormat: string): Grype {
return dag
.grype(image, version, user)
.withScan(source, severityCutoff, fail, outputFormat)
}withScanDirectory() 🔗
Scan dir (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | Directory ! | - | Directory to scan |
| sourceType | String ! | "registry" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-scan-directory --source DIR_PATH --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *myModule) example(image string, version string, user string, source *dagger.Directory, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.Grype {
return dag.
Grype(image, version, user).
WithScanDirectory(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: dagger.Directory, source_type: str, severity_cutoff: str, fail: bool, output_format: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.with_scan_directory(source, source_type, severity_cutoff, fail, output_format)
)@func()
example(image: string, version: string, user: string, source: Directory, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): Grype {
return dag
.grype(image, version, user)
.withScanDirectory(source, sourceType, severityCutoff, fail, outputFormat)
}withScanFile() 🔗
Scan file (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | File ! | - | File to scan |
| sourceType | String ! | "registry" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-scan-file --source file:path --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *myModule) example(image string, version string, user string, source *dagger.File, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.Grype {
return dag.
Grype(image, version, user).
WithScanFile(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: dagger.File, source_type: str, severity_cutoff: str, fail: bool, output_format: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.with_scan_file(source, source_type, severity_cutoff, fail, output_format)
)@func()
example(image: string, version: string, user: string, source: File, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): Grype {
return dag
.grype(image, version, user)
.withScanFile(source, sourceType, severityCutoff, fail, outputFormat)
}withScanImage() 🔗
Scan container image (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Image to scan |
| sourceType | String ! | "registry" | Source type |
| severityCutoff | String ! | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean ! | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "sarif" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@da1fc9b1eb454de426830a4c59eeb433c4c53e4a call \
--image string --version string --user string with-scan-image --source string --source-type string --severity-cutoff string --fail boolean --output-format stringfunc (m *myModule) example(image string, version string, user string, source string, sourceType string, severityCutoff string, fail bool, outputFormat string) *dagger.Grype {
return dag.
Grype(image, version, user).
WithScanImage(source, sourceType, severityCutoff, fail, outputFormat)
}@function
def example(image: str, version: str, user: str, source: str, source_type: str, severity_cutoff: str, fail: bool, output_format: str) -> dagger.Grype:
return (
dag.grype(image, version, user)
.with_scan_image(source, source_type, severity_cutoff, fail, output_format)
)@func()
example(image: string, version: string, user: string, source: string, sourceType: string, severityCutoff: string, fail: boolean, outputFormat: string): Grype {
return dag
.grype(image, version, user)
.withScanImage(source, sourceType, severityCutoff, fail, outputFormat)
}