The following plugin provides functionality available through
Pipeline-compatible steps. Read more about how to integrate steps into your
Pipeline in the
section of the
For a list of other such plugins, see the
Pipeline Steps Reference
grypeScan: Vulnerability scan with grype
Allow usage of grype
, a vulnerability scanner for container images and filesystems.
scanDest : String
Scan targets can be explicitly provided with a following scheme:
- docker:yourrepo/yourimage:tag use images from the Docker daemon
- docker-archive:path/to/yourimage.tar use a tarball from disk for archives created from "docker save"
- oci-archive:path/to/yourimage.tar use a tarball from disk for OCI archives (from Skopeo or otherwise)
- oci-dir:path/to/yourimage read directly from a path on disk for OCI layout directories (from Skopeo or otherwise)
- dir:path/to/yourproject read directly from a path on disk (any directory)
- registry:yourrepo/yourimage:tag pull image directly from a registry (no container runtime required)
repName : String
autoInstall : boolean
If active, download and install grype by ececution of install.sh
automatically in job workspace, otherwise 'grype' executable needs to be available in the PATH.
Was this page helpful?
Please submit your feedback about this page through this
Alternatively, if you don't wish to complete the quick form, you can simply
indicate if you found this page helpful?
See existing feedback here.