From ad4d081a9a443062ac8aea111cea2568d456790a Mon Sep 17 00:00:00 2001
From: Ishaan Jaff <ishaanjaffer0324@gmail.com>
Date: Sat, 18 Jan 2025 17:35:00 -0800
Subject: [PATCH] litellm sec scans (#7864)

---
 .circleci/config.yml | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 34f4588ddb6c..3c8ec30b4533 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1095,7 +1095,22 @@ jobs:
             pip install "asyncio==3.4.3"
             pip install "PyGithub==1.59.1"
             pip install "openai==1.54.0 "
-            # Run pytest and generate JUnit XML report
+      - run:
+          name: Install Grype
+          command: |
+            curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sudo sh -s -- -b /usr/local/bin
+      - run:
+          name: Build and Scan Docker Images
+          command: |
+            # Build and scan Dockerfile.database
+            echo "Building and scanning Dockerfile.database..."
+            docker build -t litellm-database:latest -f ./docker/Dockerfile.database .
+            grype litellm-database:latest --fail-on high
+
+            # Build and scan main Dockerfile
+            echo "Building and scanning main Dockerfile..."
+            docker build -t litellm:latest .
+            grype litellm:latest --fail-on high
       - run:
           name: Build Docker image
           command: docker build -t my-app:latest -f ./docker/Dockerfile.database .