This is a watcher repository surrounding Anchore's Grype to package the current vulnerabilty database into the container image. This makes it easier to run Grype in an offline or air-gapped environment.
As this is a wrapper around the Grype image, the usage is the same as the Grype image. The only difference is that the Grype image is now kchason/grype-packed
instead of anchore/grype
.
For example, to scan a container image:
docker run --rm \
--volume /var/run/docker.sock:/var/run/docker.sock \
--name Grype kchason/grype-packed:latest \
$(ImageName):$(ImageTag)
Full documentation is available in the Grype repository: https://github.com/anchore/grype
All images are based off the latest Grype image (anchore/grype:latest
).
The latest image in this repository (kchason/grype-packed:latest
) is the most up to date image. Images are alternatively tagged with their build date which contains the date the image was built in the format YYYYMMDD
(e.g. kchason/grype-packed:20240801
).