build: sub docker-scout with grype

Metalheads-it · Nov 1, 2024 · a73f0ed · a73f0ed
1 parent 54255a5
commit a73f0ed
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/.github/workflows/pr-check..yml b/.github/workflows/pr-check..yml
@@ -82,6 +82,10 @@ jobs:
             - name: Load Docker image
               run: docker load -i metal-api.tar
 
-            - name: Run Docker Scout for Vulnerability Scanning
+            - name: Install Grype
               run: |
-                  docker scout quickview metalheads/metal-api:pr-${{ github.event.pull_request.number }}
+                  curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh
+
+            - name: Run Grype for Vulnerability Scanning
+              run: |
+                  ./grype metalheads/metal-api:pr-${{ github.event.pull_request.number }} --fail-on high