You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
GitLab utilizes shells of container images to run CI/CD jobs. The Grype container doesn't not provide any shells. While the distroless images do provide a focused base image for CLI images it prevents Grype from being used by all CI/CD platforms where it is intended.
What you expected to happen:
GitLab should be able to utilize a shell and perform any additional pre/post setup actions for Grype.
Steps to reproduce the issue:
Create a project with a pipeline on GitLab.com (or any CI/CD utilizing shells) and attempt to use Grype:
Hi @kuwv, we currently publish a -debug tag, in the format: anchore/grype:<version>-debug (introduced in PR 1106). This should provide a shell that is compatible with GitLab. Would you be able to try this and see if it works for you?
What happened:
GitLab utilizes shells of container images to run CI/CD jobs. The Grype container doesn't not provide any shells. While the distroless images do provide a focused base image for CLI images it prevents Grype from being used by all CI/CD platforms where it is intended.
What you expected to happen:
GitLab should be able to utilize a shell and perform any additional pre/post setup actions for Grype.
Steps to reproduce the issue:
Create a project with a pipeline on GitLab.com (or any CI/CD utilizing shells) and attempt to use Grype:
Anything else we need to know?:
https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#override-the-entrypoint-of-an-image
anchore/syft#833
anchore/syft#1858
The text was updated successfully, but these errors were encountered: