๐Ÿช„ Introducing jq tricks to Grype-Contribs

adriens - Jul 27 '22 - - Dev Community

๐Ÿ—ž๏ธ About

I'm quite excited to announce the arrival of a set of new productivity resources for Grype in :

GitHub logo opt-nc / grype-contribs

A set of resources around Anchore's grype tool

โ” About

The aim of this repo is to summarize some resources around Grype to take the best ouf this great tool.

๐Ÿ”– Discover grype-contribs

To learn more about this project, take a glance at :

asciicast

๐Ÿงฐ Prerequisites

For an optimal usage of these resources, you'll need :

  • git
  • brew installed
  • python3 and pip

Install tools

brew tap anchore/grype
brew install grype

We'll use termgraph, "A command-line tool that draws basic graphs in the terminal," :

python3 -m pip install termgraph

Finally clone this repo :

gh repo clone opt-nc/grype-contribs
cd grype-contribs

๐Ÿ‘‰ You are ready.

๐Ÿ“œ Templating

Since v0.42.0, and its issue #724 it is possible to transform analysis report with templates.

This feature makes it possible to build nicely useable and highly customizable reports.

๐Ÿ“Š Aggregated report in the terminal (termgraph)

โ€ฆ
Enter fullscreen mode Exit fullscreen mode

๐Ÿช„ jq tricks

This time we opened a new topic around Grype reporting :

Export vulnerabilities as well formated csv wthin a single line of code

๐Ÿ’ฐ ROI ๐Ÿ“Š

With clean csv, you can easily create and share your analysis wit JupyterNotebook... see dedicated issue in the pipe :

๐Ÿฟ Demo

๐Ÿ”ฎ Next jq trick coming

๐Ÿช„ Implement jq trick to group and count by severity #8

Provide the jq query that takes in input a grype -o json command and returns

"Negligible",0
"Low",4
"High",10

see Group vulnerabilities by severity

๐Ÿฆ Tweet : image

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .