authorValery Piashchynski <[email protected]>2022-02-04 20:17:02 +0300
committerValery Piashchynski <[email protected]>2022-02-04 20:17:02 +0300
commita438a3aff3160489d2f0aa1d21b43e379e6a2f6e (patch)
treea8d278cfae2fb4337cc253a41c96b098a42fb02f
parent00292f298177c20742e8f40aab735e131d808bf4 (diff)
use grype binary to scan images
Signed-off-by: Valery Piashchynski <[email protected]>
-rw-r--r--.github/workflows/tests.yml6
-rw-r--r--.grype.yaml4
2 files changed, 10 insertions, 0 deletions
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index e4991b91..082e3360 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -148,3 +148,9 @@ jobs:
- name: Try to execute
run: docker run --rm rr:local -v
+
+ - name: Install grype
+ run: curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin
+
+ - name: Scan Image
+ run: grype rr:local
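Review bot: The `Install grype` step pipes a script fetched from the mutable `main` branch straight into `sh` and installs whatever release is current, so the scanner binary that runs in CI is neither pinned nor verified. Pin both the script URL and the installed release to a tag, e.g. `curl -sSfL https://raw.githubusercontent.com/anchore/grype/<RELEASE_TAG>/install.sh | sh -s -- -b /usr/local/bin <RELEASE_TAG>` (the tag is a placeholder). Separately, `grype rr:local` without `--fail-on` reports findings but exits zero, so the `Scan Image` step as written will not fail the job. If the scan is meant to gate the build, `run: grype rr:local --fail-on high` would do it, with the severity threshold chosen by the project.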
diff --git a/.grype.yaml b/.grype.yaml
new file mode 100644
index 00000000..e65794d2
--- /dev/null
+++ b/.grype.yaml
@@ -0,0 +1,4 @@
+ignore:
+ # temporary ignore this CVE as false positive on the Go package
+ - vulnerability: CVE-2015-5237
+ - vulnerability: CVE-2021-22570
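Review bot: Both ignore rules match on the CVE ID alone, so they suppress these findings for every package in the scanned image, not only for the Go package the comment mentions. Scoping each entry to that package keeps a genuine match elsewhere in the image visible, e.g. add `package:` with `type: go-module` and `name: <GO_MODULE_NAME>` (placeholder) under each `vulnerability:` line. The comment also says "this CVE" while two are listed and gives no condition for lifting the ignore; something like `# false positive on <GO_MODULE_NAME> (Go module); remove once the match is fixed upstream, see <ISSUE_LINK>` would tell the next maintainer when to drop it.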