GrypeScanner

Introduction

Grype is a vulnerability scanner for container images and filesystems. This jenkins plugin scans a given target and saves a report as job artifact.

Getting started

This jenkins plugin installs grype in the job workspace directory and performs scan. See section Installation/Recommended for more installation details.

Grype as a build step:

Grype plugin

Grype plugin

Possible scan targets:

Grype plugin

Scan result report as job artifact:

Grype plugin

Scan results:

Grype plugin

Grype plugin

Usage in a pipeline:

pipeline
{
  agent any
  options
  {
    skipStagesAfterUnstable()
  }
  stages
  {
    stage('Build')
    {
      steps
      {
        grypeScan scanDest: 'dir:/tmp', repName: 'myScanResult.txt'
      }
    }
  }
}

LICENSE

Licensed under MIT, see LICENSE

Version: 1.5
Released:
Requires Jenkins 2.277.1
ID: grypescanner
Installs: 137
View detailed version information
Links
GitHub
Open issues (Github)
Report an issue (Github)
Pipeline Step Reference
Javadoc
Labels
This plugin has no labels
Maintainers
Dimitri Tenenbaum
Help us improve this page!
To propose a change submit a pull request to the plugin page on GitHub.