actions/grype-container-scanning
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Adding only fixed option

Browse Source
This commit is contained in:
Skydust
2025-04-14 07:47:39 +02:00
parent 6e9c97d981
commit fdb4a7fc24
2 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
action.yml
View File

@@ -23,6 +23,10 @@ inputs:
description: Fail if a vulnerability is rated above or equal. [negligible,low,medium,high,critical] description: Fail if a vulnerability is rated above or equal. [negligible,low,medium,high,critical]
required: false required: false
default: "high" default: "high"
onlyFixed:
description: Fails if a vulnerability is above failOn and fixed only
required: false
default: "true"
runs: runs:
using: docker using: docker

5
entrypoint.sh
View File

@@ -5,6 +5,7 @@ INPUT_IMAGE_PREFIX=$imagePrefix
INPUT_CONFIG_PATH=$config INPUT_CONFIG_PATH=$config
INPUT_PLATFORM=$platform INPUT_PLATFORM=$platform
INPUT_FAIL_ON=$failOn INPUT_FAIL_ON=$failOn
INPUT_ONLY_FIXED=$onlyFixed
set -e set -e
@@ -25,6 +26,10 @@ fi;
GRYPE_OPTIONS=("-v" "--by-cve" "--show-suppressed") GRYPE_OPTIONS=("-v" "--by-cve" "--show-suppressed")
if [ "$INPUT_ONLY_FIXED" == "true" ]; then
GRYPE_OPTIONS+=("--only-fixed")
fi
if [ -n "$INPUT_CONFIG_PATH" ] && [ -f "$INPUT_CONFIG_PATH" ]; then if [ -n "$INPUT_CONFIG_PATH" ] && [ -f "$INPUT_CONFIG_PATH" ]; then
GRYPE_OPTIONS+=("--config" "$INPUT_CONFIG_PATH") GRYPE_OPTIONS+=("--config" "$INPUT_CONFIG_PATH")
fi fi