GrypeScanner

Introduction

Grype is a vulnerability scanner for container images and filesystems. This Jenkins plugin scans a given target and saves a report as a job artifact.

Getting started

This Jenkins plugin installs Grype in the job workspace directory and performs the scan. See section Installation/Recommended for more installation details.

Grype as a build step:

Grype plugin

Possible scan targets:

Grype plugin

Scan result as job artifact:

Grype plugin

Scan results:

Grype plugin

Usage in a pipeline:

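pipeline {
    agent any
    options {
        // Do not run later stages once a stage has marked the build unstable
        skipStagesAfterUnstable()
    }
    stages {
        stage('Build') {
            steps {
                // scanDest: scan target; repName: report file saved as a job artifact
                step([$class: 'GrypeScannerStep', scanDest: 'dir:/tmp', repName: 'myScanResult.txt'])
            }
        }
    }
}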

Issues

Report issues and enhancements in the Jenkins issue tracker.

Contributing

Refer to our contribution guidelines

LICENSE

Licensed under MIT, see LICENSE