mirror/catalog
1
0
Fork 0
mirror of https://github.com/tektoncd/catalog.git synced 2024-11-21 05:55:35 +00:00
Code Issues Releases Activity
main
catalog/task/grype/0.1
History
vinamra28 e763a4473e Use latest git-clone in Task's tests 
With git-clone version 0.8 and onwards, it started running as non-root
and GKE clusters were having some issues, so, we temporarily moved all
tasks to use git-clone version 0.7. Ref: https://github.com/tektoncd/catalog/pull/1079

Since we have now moved to kind clusters in our CI, this issue is now
resolved and thus moving all tasks to use latest version of git-clone

Signed-off-by: vinamra28 <jvinamra776@gmail.com>
2023-09-22 09:32:22 +01:00
..
tests Use latest git-clone in Task's tests 2023-09-22 09:32:22 +01:00
grype.yaml Updated multi arch docker image value for trivy, syft, grype task and fixed lint failures 2023-07-21 03:27:54 +01:00
README.md feat: add syft 2022-09-09 13:16:30 +02:00

README.md

grype

This task allows the use of the grype for Tekton Pipelines.

What's Grype?

A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems. For more detail, please see.

Parameters

  • GRYPE_IMAGE: Optional address of the grype container image to be used for task.

    default: "docker.io/anchore/grype@sha256:84ec572a9d39e6c4774cbaf5678e73c772d394651c6cdee1c21f74203ff68685"

  • ARGS: The arguments to pass to grype CLI. This parameter is required to run this task.

Examples

Run grype --help for Grype usage.

Using the Tekton CLI (tkn):

tkn task start grype -p ARGS="--help" --workspace name=source-dir,emptyDir=""

Scan Alpine Image:

tkn task start grype -p ARGS="docker.io/alpine:3.13" --workspace name=source-dir,emptyDir=""

Platforms

The Task can be run on linux/amd64 and linux/arm64 platforms.