The aim of this repo is to summarize some resources around Grype to take the best ouf this great tool.
To learn more about this project, take a glance at :
For an optimal usage of these resources, you'll need :
gitbrewinstalledpython3andpip
brew tap anchore/grype
brew install grype
We'll use termgraph, "A command-line tool that draws basic graphs in the terminal," :
python3 -m pip install termgraph
Finally clone this repo :
gh repo clone opt-nc/grype-contribs
cd grype-contribs
👉 You are ready.
Since v0.42.0, and
its issue #724
it is possible to transform analysis report with templates.
This feature makes it possible to build nicely useable and highly customizable reports.
clear
# Put your image here
export IMAGE=nginx:latest
echo "☝️ About to analyze $IMAGE with grype ❕"
grype $IMAGE -o template -t tmpl/csv-vulnerability_id-severity-no-headers.tmpl > work/analysis.csv
cat work/analysis.csv
echo ""
echo "✅ grype analysis done."
echo "$(tail -n +2 work/analysis.csv)" > work/analysis.csv
echo "➕ Aggregating datas :"
awk -F, '{a[$1]+=$2;}END{for(i in a)print i", "a[i];}' work/analysis.csv > work/analysis-aggregated.csv
cat work/analysis-aggregated.csv
echo "📊 Charting analysis"
termgraph work/analysis-aggregated.csv --title "🛡️ Grype report for [${IMAGE}] 🐳"
# Visit https://github.com/opt-nc/grype-tools/ for more tools around reporting and templatesclear
export IMAGE=nginx:latest
echo "☝️ About to analyze $IMAGE with grype ❕"
grype $IMAGE -o template -t tmpl/html-table.tmpl > work/analysis.html
firefox work/analysis.html
- Better
htmltemplate - Concatenate multiple reports within a same csv for advanced JupterNotebook and other reporting tools (OpenSearch, ELK, PowerBI,...)
- Jupter NoteBooks on
json - Nicer HTML reports
- Package as a Makefile
- Develop markdown template and implement pandoc toolchain for various exports
- JupyterBook report template based on raw csv export