update

pipeline.yml

@@ -6,8 +6,6 @@ stages:
 variables:
   GO_VERSION: "1.22"
   GOLANGCI_LINT_VERISON: "v1.58.0"
-  SYFT_VERSION: "v1.3.0"
-  GRYPE_VERSION: "v0.77.2"
 
 include:
   - project: 'developerdurp/yml'

scripts/scanner/grype-install.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Syft install
+nix-shell -p grype

scripts/scanner/syft-install.sh

@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+#%%MULTILINE_YAML_START
+#Syft install
+nix-shell -p syft

templates/codescan.tpl.yml

@@ -1,15 +1,18 @@
 .generate_sbom:
-  image: registry.internal.durp.info/anchore/syft:${SYFT_VERSION}
+  image: registry.internal.durp.info/nixos/nix:latest
   script:
+    - ./scripts/scanner/syft-install.sh
     - ./scripts/scanner/syft-mkdir.sh
+    - ./scripts/scanner/syft-go.sh
   artifacts:
     expire_in: 1 hour
     paths:
       - $CI_PROJECT_DIR/syft
 
 .generate_cve:
-  image: registry.internal.durp.info/anchore/grype:${GRYPE_VERSION}
+  image: registry.internal.durp.info/nixos/nix:latest
   script:
+    - ./scripts/scanner/grype-install.sh
     - ./scripts/scanner/grype.sh
   artifacts:
     expire_in: 1 hour