diff --git a/Dockerfile b/Dockerfile
index 800049e2e47dc2a9575c5ebc51cedbb607779d41..adc1035500527ba78edfc3e0d533efd8bb0921b2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,6 +4,7 @@ FROM $DOCKER_REGISTRY/tools/docker/grype:latest AS base
 FROM $DOCKER_REGISTRY/tools/docker/alpine:latest AS common
 
 FROM common AS executor
+SHELL ["/bin/ash", "-euo", "pipefail", "-c"]
 ENV GRYPE_CHECK_FOR_APP_UPDATE="false" \
     GRYPE_DB_CACHE_DIR="/tmp/db" \
     GRYPE_DB_AUTO_UPDATE="false"
@@ -14,7 +15,7 @@ RUN set -ex && \
     mkdir -p ${GRYPE_DB_CACHE_DIR} && \
     chmod -R 0777 ${GRYPE_DB_CACHE_DIR} && \
     echo ${CACHEBUST} && \
-    /bin/grype db update -v
+    if test -n "$(/bin/grype db update -v | grep 'unable to check for vulnerability database update')"; then echo "Update failed!"; exit 1; else true; fi
 
 FROM common AS runtime
 ENV GRYPE_CHECK_FOR_APP_UPDATE="false" \