GrypeScanner

Introduction

Grype is a vulnerability scanner for container images and filesystems. This Jenkins plugin scans a given target and saves a report as a job artifact.

Getting started

This Jenkins plugin installs Grype in the job workspace directory and performs a scan. See section Installation/Recommended for more installation details.

[Screenshot: Grype as a build step]

[Screenshot: Possible scan targets]

[Screenshot: Scan result report as job artifact]

[Screenshot: Scan results]

Usage in a pipeline:

pipeline
{
  agent any
  options
  {
    skipStagesAfterUnstable()
  }
  stages
  {
    stage('Build')
    {
      steps
      {
        grypeScan scanDest: 'dir:/tmp', repName: 'myScanResult.txt'
      }
    }
  }
}
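
A follow-up shell step can read the saved report and fail the build on Critical or High findings. This is an added example, not code from the plugin: it assumes the report (`myScanResult.txt` above) is available in the workspace, is Grype's default table output, and reads "No vulnerabilities found" when clean. The function names are hypothetical.

```sh
#!/bin/sh
# Added example, not part of the plugin. Assumes the saved report is Grype's
# default "table" text output with one finding per row.

# Constructed sample report; package names and CVE ids are placeholders.
write_sample_report() {
  cat > "$1" <<'EOF'
NAME        INSTALLED  FIXED-IN  TYPE  VULNERABILITY   SEVERITY
examplelib  1.0.0      1.0.1     deb   CVE-0000-0001   High
examplelib  1.0.0                deb   CVE-0000-0002   Critical
demo-tool   2.3.4      2.3.5     npm   CVE-0000-0003   Medium
demo-tool   2.3.4                npm   CVE-0000-0004   High
EOF
}

# count_severity REPORT LEVEL: print the number of rows with that severity.
# FIXED-IN may be empty, so a fixed field number ($6) is unreliable; look for
# the first field that is exactly a severity name instead.
count_severity() {
  awk -v want="$2" '
    { for (i = 1; i <= NF; i++)
        if ($i ~ /^(Critical|High|Medium|Low|Negligible|Unknown)$/) {
          if ($i == want) n++
          break
        }
    }
    END { print n + 0 }
  ' "$1"
}

# gate_report REPORT: 0 = pass, 1 = Critical/High present, 2 = unusable report.
gate_report() {
  [ -r "$1" ] || return 2
  grep -q 'No vulnerabilities found' "$1" && return 0
  grep -q 'SEVERITY' "$1" || return 2   # fail closed: header row missing
  crit=$(count_severity "$1" Critical)
  high=$(count_severity "$1" High)
  echo "Critical=$crit High=$high"
  [ "$crit" -eq 0 ] && [ "$high" -eq 0 ]
}

# Demo on the constructed sample; in a job, pass the report path instead.
report=$(mktemp)
write_sample_report "$report"
gate_report "$report" || echo "gate: Critical/High findings, fail the build"
rm -f "$report"
```

Exit status 2 is kept separate from 1 so that a missing or truncated report is not mistaken for a clean scan.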

LICENSE

Licensed under MIT, see LICENSE