🌱 Use grype for scanning SBOM and images #1056

Closed
Tracked by #2131
mudler opened this issue Mar 7, 2023 · 0 comments · Fixed by #1057
Labels
ci enhancement New feature or request lane/coco

mudler commented Mar 7, 2023

Is your feature request related to a problem? Please describe.
We use trivy, which so far collects reports only for debian and ubuntu-* flavors.

Describe the solution you'd like
We can also use grype, and upload a SARIF file to GitHub as we already do with trivy. Moreover, it can also be used with #1055 and also analyze SBOM output. We can also think about releasing this file separately later on.
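
A sketch of the CI wiring the request describes, added here as an example and not taken from this project's workflows or from #1057: grype scans an image and an SBOM through `anchore/scan-action`, and each SARIF report is uploaded to GitHub code scanning. The image reference, the SBOM path and the category names are placeholders assumed for illustration.

```yaml
# Added example (not the project's workflow). IMAGE and sbom.json are placeholders.
name: grype-scan
on: [push]

permissions:
  contents: read
  security-events: write          # needed by upload-sarif to publish code scanning results

jobs:
  grype:
    runs-on: ubuntu-latest
    env:
      IMAGE: registry.example.com/placeholder/image:latest   # placeholder image reference
    steps:
      - uses: actions/checkout@v4

      - name: Scan image with grype
        id: scan_image
        uses: anchore/scan-action@v3
        with:
          image: ${{ env.IMAGE }}
          output-format: sarif
          severity-cutoff: high
          fail-build: false       # report only, so the SARIF is uploaded even when findings exist

      - name: Upload image findings
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ steps.scan_image.outputs.sarif }}
          category: grype-image   # distinct category keeps these apart from the trivy upload

      - name: Scan SBOM with grype
        id: scan_sbom
        uses: anchore/scan-action@v3
        with:
          sbom: sbom.json         # placeholder path to an SBOM produced earlier in the pipeline
          output-format: sarif
          severity-cutoff: high
          fail-build: false

      - name: Upload SBOM findings
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: ${{ steps.scan_sbom.outputs.sarif }}
          category: grype-sbom
```

Each upload step runs directly after its scan so the two reports are published separately, and the `category` values keep the grype results from replacing the existing trivy analysis in the code scanning view.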
