Usage

CLI

Note: the first time you run the command each day can be quite slow, as it downloads the databases. Subsequent runs should be much faster.

Hoppr Plugin Configuration

| Name | Default | Options | Notes |
| --- | --- | --- | --- |
| output_dir | self.context.collect_root_dir + "/generic" | Local directory path | The default uses the Hoppr output location, which allows any output to be included in the bundle. |
| base_report_name | hopprcop-vulnerability-results | String | |
| scanners | hopprcop.gemnasium.gemnasium_scanner.GemnasiumScanner, hopprcop.grype.grype_scanner.GrypeScanner, hopprcop.ossindex.oss_index_scanner.OSSIndexScanner | hopprcop.gemnasium.gemnasium_scanner.GemnasiumScanner, hopprcop.grype.grype_scanner.GrypeScanner, hopprcop.ossindex.oss_index_scanner.OSSIndexScanner, hopprcop.trivy.trivy_scanner.TrivyScanner | |
| result_formats | embedded_cyclone_dx_vex | embedded_cyclone_dx_vex, linked_cyclone_dx_vex, table, html, cyclone_dx, gitlab | |

embedded_cyclone_dx_vex and linked_cyclone_dx_vex are Hoppr-specific outputs: they either embed the vulnerability information in the BOM that Hoppr delivers or link to it via a VEX BOM. The other options are the default hoppr-cop formats.

Example Hoppr Transfer File Configuration

schemaVersion: v1
kind: Transfer
stages:
  Vulnerability Check:
    plugins:
    - name: "hopprcop.hoppr_plugin.hopprcop_plugin"
      config:
        result_formats:
          - embedded_cyclone_dx_vex
          - html
        scanners: 
          - hopprcop.gemnasium.gemnasium_scanner.GemnasiumScanner
          - hopprcop.grype.grype_scanner.GrypeScanner
          - hopprcop.ossindex.oss_index_scanner.OSSIndexScanner
          - hopprcop.trivy.trivy_scanner.TrivyScanner

max_processes: 3