Skip to content

Commit 242ff81

Browse files
vitalykorolevvitalykorolev
authored
Merge pull request #291 from vitalykorolev/MLE-17055_remove-scan-filter
MLE-17055 remove grype scan filter
2 parents bebf98c + b3de597 commit 242ff81

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

makefile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -235,7 +235,7 @@ image-scan:
235235

236236
@echo "=====Scan dependent Docker images in charts/values.yaml" $(if $(saveOutput), | tee -a dep-image-scan.txt,)
237237
@for depImage in $(shell grep -E "^\s*\bimage:\s+(.*)" charts/values.yaml | sed 's/image: //g' | sed 's/"//g'); do\
238-
echo " - $${depImage}" $(if $(saveOutput), | tee -a dep-image-scan.txt,) ; \
239-
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock anchore/grype:latest $${depImage} | grep 'High\|Critical' $(if $(saveOutput), | tee -a dep-image-scan.txt,);\
238+
echo "= $${depImage}:" $(if $(saveOutput), | tee -a dep-image-scan.txt,) ; \
239+
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock anchore/grype:latest --output json $${depImage} | jq -r '[(.matches[] | [.artifact.name, .artifact.version, .vulnerability.id, .vulnerability.severity])] | .[] | @tsv' | sort -k4 | column -t $(if $(saveOutput), | tee -a dep-image-scan.txt,);\
240240
echo $(if $(saveOutput), | tee -a dep-image-scan.txt,) ;\
241241
done

0 commit comments

Comments
 (0)