anchore / grype

A vulnerability scanner for container images and filesystems
Apache License 2.0
8.17k stars 528 forks

Exit with a different return code for a failed scan #1922

Open Oh-Py-God opened 3 weeks ago

Oh-Py-God commented 3 weeks ago

What would you like to be added: Set the return code to a number other than 0 or 1 when a scan fails. There may be one or more error codes for failed scans. For example, the image was not found, or the image could not be fetched due to a network issue.

Why is this needed: As of grype version 0.78.0, -f / --fail-on sets the return code to 1 in case a vulnerability greater than the threshold is found. However, this does not handle the scenarios where a scan fails for any particular reason.

While using grype in a CI/CD pipeline, it would be helpful to know whether the scan failed or the threshold was crossed.

Additional context: As shown in the attached image, grype returns 1 in both scenarios:


tgerla commented 3 weeks ago

Hi @Oh-Py-God, thank you for the request. We will put this in the backlog. Is this something you're interested in working on? We are happy to help get you started if so. Thanks!

Oh-Py-God commented 2 weeks ago

@tgerla I'd like to work on the fix for this. Let me know the steps please.