grype icon indicating copy to clipboard operation
grype copied to clipboard
verified publisher icon anchore

How to print results to both stdout and a file?

Open Dentrax opened this issue 3 years ago • 2 comments

By default, grype prints all results in table format to stdout. In the pipeline I want to show the vulnerabilities in human-readable table format and also exporting the scan results into a file but audit/provenance purposes.

$ grype oci-dir:output --fail-on critical -o json --file result.json

Report written to "result.json"
1 error occurred:
	* discovered vulnerabilities at or above the severity threshold

Current workaround is to run grype twice with different flags (which decreases UX and increases pipeline duration):

$ grype oci-dir:output || true
$ grype oci-dir:output --fail-on critical -o json --file result.json

I could $ cat result.json here to show content of file, but it's too verbose and does not make sense to print the entire file into stdout.

Any thoughts how to achieve this?

cc @developer-guy

Dentrax avatar Jun 27 '22 14:06 Dentrax

@Dentrax I think we could update the commands surface area to give you the ability to both print the results and write to some destination. @wagoodman would you want this to be added as an additional flag?

spiffcs avatar Jun 27 '22 14:06 spiffcs

This could be accomplished with the request in #648 (syft already can do this) That issue also has example output flags

joshbressers avatar Jun 29 '22 12:06 joshbressers

Thanks for the issue @Dentrax! I'm going to close this as a duplicate of #648, as it was opened first and has a little more detail -- but please let me know if I've missed something!

kzantow avatar Nov 08 '22 16:11 kzantow