Loading docker/grype.yml +2 −3 Original line number Diff line number Diff line Loading @@ -11,15 +11,14 @@ variables: GRYPE_CVE_BLACKLIST_REGEX: "" .grype: # TODO: replace alpine and before script with our custom image # TODO: replace alpine and installation with our custom image image: alpine:3 stage: test before_script: script: - apk add --no-cache curl # versions are pinned to these because of a bug in grype v0.36.0 - curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin v0.35.1 - curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.31.1 script: - echo ${GRYPE_IMAGE} # 0) get the SBOM from syft - syft packages ${GRYPE_IMAGE} -o json > ${SYFT_OUTPUT_FILE} Loading Loading
docker/grype.yml +2 −3 Original line number Diff line number Diff line Loading @@ -11,15 +11,14 @@ variables: GRYPE_CVE_BLACKLIST_REGEX: "" .grype: # TODO: replace alpine and before script with our custom image # TODO: replace alpine and installation with our custom image image: alpine:3 stage: test before_script: script: - apk add --no-cache curl # versions are pinned to these because of a bug in grype v0.36.0 - curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin v0.35.1 - curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.31.1 script: - echo ${GRYPE_IMAGE} # 0) get the SBOM from syft - syft packages ${GRYPE_IMAGE} -o json > ${SYFT_OUTPUT_FILE} Loading
