grype
Scan a container image using Grype
Installation
dagger install github.com/opopops/daggerverse/grype@v1.9.0Entrypoint
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| image | String | "cgr.dev/chainguard/wolfi-base:latest" | wolfi-base image |
| version | String | "latest" | Grype version |
| user | String | "65532" | Image user |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
func (m *MyModule) Example() *dagger.Grype {
return dag.
Grype()
}@function
def example() -> dagger.Grype:
return (
dag.grype()
)@func()
example(): Grype {
return dag
.grype()
}Types
Grype 🔗
Grype CLI
container() 🔗
Returns configured grype container
Return Type
Container !Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
containerfunc (m *MyModule) Example() *dagger.Container {
return dag.
Grype().
Container()
}@function
def example() -> dagger.Container:
return (
dag.grype()
.container()
)@func()
example(): Container {
return dag
.grype()
.container()
}dockerConfig() 🔗
Returns the Docker config file
Return Type
File !Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
docker-configfunc (m *MyModule) Example() *dagger.File {
return dag.
Grype().
DockerConfig()
}@function
def example() -> dagger.File:
return (
dag.grype()
.docker_config()
)@func()
example(): File {
return dag
.grype()
.dockerConfig()
}scan() 🔗
Scan
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Source to scan |
| severity | String | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "table" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
scan --source string --output-format stringfunc (m *MyModule) Example(source string, outputFormat string) *dagger.File {
return dag.
Grype().
Scan(source, outputFormat)
}@function
def example(source: str, output_format: str) -> dagger.File:
return (
dag.grype()
.scan(source, output_format)
)@func()
example(source: string, outputFormat: string): File {
return dag
.grype()
.scan(source, outputFormat)
}scanDirectory() 🔗
Scan directory
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | Directory ! | - | Directory to scan |
| sourceType | String | "dir" | No description provided |
| severity | String | null | No description provided |
| fail | Boolean | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String | "table" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
scan-directory --source DIR_PATHfunc (m *MyModule) Example(source *dagger.Directory) *dagger.File {
return dag.
Grype().
ScanDirectory(source)
}@function
def example(source: dagger.Directory) -> dagger.File:
return (
dag.grype()
.scan_directory(source)
)@func()
example(source: Directory): File {
return dag
.grype()
.scanDirectory(source)
}scanFile() 🔗
Scan file
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | File ! | - | File to scan |
| sourceType | String | "file" | Source type |
| severity | String | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String | "table" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
scan-file --source file:pathfunc (m *MyModule) Example(source *dagger.File) *dagger.File {
return dag.
Grype().
ScanFile(source)
}@function
def example(source: dagger.File) -> dagger.File:
return (
dag.grype()
.scan_file(source)
)@func()
example(source: File): File {
return dag
.grype()
.scanFile(source)
}scanImage() 🔗
Scan container image
Return Type
File !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Image to scan |
| sourceType | String | "registry" | Source type |
| severity | String | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String | "table" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
scan-image --source stringfunc (m *MyModule) Example(source string) *dagger.File {
return dag.
Grype().
ScanImage(source)
}@function
def example(source: str) -> dagger.File:
return (
dag.grype()
.scan_image(source)
)@func()
example(source: string): File {
return dag
.grype()
.scanImage(source)
}withDockerConfig() 🔗
Set Docker config file (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| dockerConfig | File ! | - | Docker config file |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
with-docker-config --docker-config file:pathfunc (m *MyModule) Example(dockerConfig *dagger.File) *dagger.Grype {
return dag.
Grype().
WithDockerConfig(dockerConfig)
}@function
def example(docker_config: dagger.File) -> dagger.Grype:
return (
dag.grype()
.with_docker_config(docker_config)
)@func()
example(dockerConfig: File): Grype {
return dag
.grype()
.withDockerConfig(dockerConfig)
}withDockerSocket() 🔗
Retrieves this Apko CLI plus a socket forwarded to the given Unix socket path
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | Socket ! | - | Identifier of the Docker socket to forward |
Example
echo 'Custom types are not supported in shell examples'func (m *MyModule) Example(source *dagger.Socket) *dagger.Grype {
return dag.
Grype().
WithDockerSocket(source)
}@function
def example(source: dagger.Socket) -> dagger.Grype:
return (
dag.grype()
.with_docker_socket(source)
)@func()
example(source: Socket): Grype {
return dag
.grype()
.withDockerSocket(source)
}withRegistryAuth() 🔗
Authenticate with registry
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| username | String ! | - | Registry username |
| secret | Secret ! | - | Registry password |
| address | String | "docker.io" | Registry host |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
with-registry-auth --username string --secret env:MYSECRETfunc (m *MyModule) Example(username string, secret *dagger.Secret) *dagger.Grype {
return dag.
Grype().
WithRegistryAuth(username, secret)
}@function
def example(username: str, secret: dagger.Secret) -> dagger.Grype:
return (
dag.grype()
.with_registry_auth(username, secret)
)@func()
example(username: string, secret: Secret): Grype {
return dag
.grype()
.withRegistryAuth(username, secret)
}withScan() 🔗
Scan (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Source to scan |
| severity | String | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "table" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
with-scan --source string --output-format stringfunc (m *MyModule) Example(source string, outputFormat string) *dagger.Grype {
return dag.
Grype().
WithScan(source, outputFormat)
}@function
def example(source: str, output_format: str) -> dagger.Grype:
return (
dag.grype()
.with_scan(source, output_format)
)@func()
example(source: string, outputFormat: string): Grype {
return dag
.grype()
.withScan(source, outputFormat)
}withScanDirectory() 🔗
Scan dir (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | Directory ! | - | Directory to scan |
| sourceType | String | "registry" | Source type |
| severity | String | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String | "table" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
with-scan-directory --source DIR_PATHfunc (m *MyModule) Example(source *dagger.Directory) *dagger.Grype {
return dag.
Grype().
WithScanDirectory(source)
}@function
def example(source: dagger.Directory) -> dagger.Grype:
return (
dag.grype()
.with_scan_directory(source)
)@func()
example(source: Directory): Grype {
return dag
.grype()
.withScanDirectory(source)
}withScanFile() 🔗
Scan file (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | File ! | - | File to scan |
| sourceType | String | "registry" | Source type |
| severity | String | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String | "table" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
with-scan-file --source file:pathfunc (m *MyModule) Example(source *dagger.File) *dagger.Grype {
return dag.
Grype().
WithScanFile(source)
}@function
def example(source: dagger.File) -> dagger.Grype:
return (
dag.grype()
.with_scan_file(source)
)@func()
example(source: File): Grype {
return dag
.grype()
.withScanFile(source)
}withScanImage() 🔗
Scan container image (for chaining)
Return Type
Grype !Arguments
| Name | Type | Default Value | Description |
|---|---|---|---|
| source | String ! | - | Image to scan |
| sourceType | String | "registry" | Source type |
| severity | String | "" | Specify the minimum vulnerability severity to trigger an "error" level ACS result |
| fail | Boolean | true | Set to false to avoid failing based on severity-cutoff |
| outputFormat | String ! | "table" | Report output formatter |
Example
dagger -m github.com/opopops/daggerverse/grype@f5b2b0725aaecd1d771479f2e1c886dad9ac554d call \
with-scan-image --source string --output-format stringfunc (m *MyModule) Example(source string, outputFormat string) *dagger.Grype {
return dag.
Grype().
WithScanImage(source, outputFormat)
}@function
def example(source: str, output_format: str) -> dagger.Grype:
return (
dag.grype()
.with_scan_image(source, output_format)
)@func()
example(source: string, outputFormat: string): Grype {
return dag
.grype()
.withScanImage(source, outputFormat)
}