From 4efbe9539344ca76b2fa3048a19f7555730829f6 Mon Sep 17 00:00:00 2001
From: Skydust <evann.jallet@gmail.com>
Date: Tue, 26 Nov 2024 20:47:29 +0100
Subject: [PATCH] Added a double grype scan to show the suppressed scans
 without fail-on

---
 entrypoint.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/entrypoint.sh b/entrypoint.sh
index 420df5d..6c2486e 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -35,12 +35,16 @@ if [ -n "$INPUT_PLATFORM" ]; then
   GRYPE_OPTIONS+=("--platform" "$INPUT_PLATFORM")
 fi
 
+GRYPE_OPTIONS+=("registry:${IMAGE_NAME}")
+
+# shellcheck disable=SC2145
+echo "Running grype container scanning with options: ${GRYPE_OPTIONS[@]} --show-suppressed"
+grype "${GRYPE_OPTIONS[@]}" "--show-suppressed"
+
 if [ -n "$INPUT_FAIL_ON" ]; then
   GRYPE_OPTIONS+=("--fail-on" "$INPUT_FAIL_ON")
 fi
 
-GRYPE_OPTIONS+=("registry:${IMAGE_NAME}")
-
 # shellcheck disable=SC2145
 echo "Running grype container scanning with options: ${GRYPE_OPTIONS[@]}"
 grype "${GRYPE_OPTIONS[@]}"