From 1d065b67b2aa93d348eb6fc54c5aefbdf7108dfd Mon Sep 17 00:00:00 2001
From: Alex Rosenzweig
Date: Sun, 23 Jun 2024 14:27:01 +1000
Subject: [PATCH] install grype
---
 .github/workflows/build_and_publish.yaml | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/.github/workflows/build_and_publish.yaml b/.github/workflows/build_and_publish.yaml
index 130e282..80dff30 100644
--- a/.github/workflows/build_and_publish.yaml
+++ b/.github/workflows/build_and_publish.yaml
@@ -66,6 +66,10 @@ jobs:
 - name: Generate SBOM
 run: syft ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} -o json > sbom.json
+ - name: Install Grype
+ run: |
+ curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin
+
 - name: Scan SBOM with Grype
 run: grype sbom:sbom.json --output sarif > grype-report.sarif
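Review bot: The added Install Grype step pipes `install.sh` from the mutable `main` branch straight into `sh`, and with no version argument it installs whatever release is latest, so neither the script nor the scanner binary is pinned or reproducible in a workflow that builds and publishes an image. Fetch the script from a reviewed commit and pass an explicit release tag, e.g. `curl -sSfL https://raw.githubusercontent.com/anchore/grype/<PINNED_COMMIT_SHA>/install.sh | sh -s -- -b /usr/local/bin <PINNED_VERSION>`, or use a release-pinned action or container for the scanner instead. A one-line comment above the step recording which version is pinned and how to bump it would help whoever updates it. The job's other steps, including how syft is installed, are outside the hunk, so the same check may apply there.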