dtbaum/grypescanner-plugin

Grype vulnerability scanner

Introduction

Grype is a vulnerability scanner for container images and filesystems. This Jenkins plugin scans a given target and saves the report as a job artifact.

Getting started

This Jenkins plugin installs Grype in the job workspace directory and performs the scan. See the section Installation/Recommended for more installation details.

Grype as a build step:

Grype plugin

Possible scan targets:

Grype plugin

Scan result as job artifact:

Grype plugin

Scan results:

Grype plugin

Usage in a pipeline:

pipeline {
    agent any
    options {
        skipStagesAfterUnstable()
    }
    stages {
        stage('Build') {
            steps {
                // scanDest: the target to scan; repName: file name of the report saved as a job artifact
                step([$class: 'GrypeScannerStep', scanDest: 'dir:/tmp', repName: 'myScanResult.txt'])
            }
        }
    }
}
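A check that a later build step could run over the saved report, as an added example that is not part of the plugin. It assumes the report is Grype's default table output with a SEVERITY column (the page does not state the report format); the function names and the sample rows are constructed for illustration.

```python
import re
import sys

SEVERITIES = ["negligible", "low", "medium", "high", "critical"]

# Constructed sample in Grype's padded table layout (assumed format, not real findings).
_FMT = "{:<10}{:<11}{:<13}{:<8}{:<16}{}"
SAMPLE_REPORT = "\n".join(_FMT.format(*r) for r in [
    ("NAME", "INSTALLED", "FIXED-IN", "TYPE", "VULNERABILITY", "SEVERITY"),
    ("examplea", "1.0.0", "1.0.1", "python", "EXAMPLE-0001", "High"),
    ("exampleb", "2.3.0", "", "java", "EXAMPLE-0002", "Critical"),
    ("examplec", "0.9.1", "(won't fix)", "deb", "EXAMPLE-0003", "Low"),
])

def parse_report(text):
    """Return one dict per finding, keyed by lower-cased column name."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    header = next((i for i, ln in enumerate(lines)
                   if "VULNERABILITY" in ln and "SEVERITY" in ln), None)
    if header is None:
        return []  # no table in the report, e.g. nothing was found
    # Slice by header offsets: cells may be empty or contain spaces, so split() is unsafe.
    cols = [(m.group().lower(), m.start())
            for m in re.finditer(r"\S+(?: \S+)*", lines[header])]
    ends = [start for _, start in cols[1:]] + [None]
    return [{name: ln[start:end].strip() for (name, start), end in zip(cols, ends)}
            for ln in lines[header + 1:]]

def findings_at_or_above(rows, threshold):
    floor = SEVERITIES.index(threshold.lower())
    hits = []
    for row in rows:
        sev = row.get("severity", "").lower()
        # Unknown or unparsable severities are reported too, so they get reviewed.
        if sev not in SEVERITIES or SEVERITIES.index(sev) >= floor:
            hits.append(row)
    return hits

def gate(text, threshold="high"):
    """Exit code for a CI step: 1 if any finding meets the threshold, else 0."""
    return 1 if findings_at_or_above(parse_report(text), threshold) else 0

if __name__ == "__main__":
    report = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_REPORT
    sys.exit(gate(report))
```

Run it with the report path as the only argument (for the pipeline above, myScanResult.txt); a non-zero exit code fails the step.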

Issues

TODO: Decide where you're going to host your issues. The default is Jenkins JIRA, but you can also enable GitHub issues. If you use GitHub issues, there's no need for this section; otherwise add the following line:

Report issues and enhancements in the Jenkins issue tracker.

Contributing

TODO: Review the default CONTRIBUTING file and make sure it is appropriate for your plugin. If it is not, add your own, adapted from the base file.

Refer to our contribution guidelines

LICENSE

Licensed under MIT, see LICENSE

About

Jenkins plugin for grype integration
