Documentation
¶
Overview ¶
Package trivy provides primitives for working with Trivy.
Index ¶
- Constants
- func GetMirroredImage(image string, mirrors map[string]string) (string, error)
- func GetScoreFromCVSS(CVSSs map[string]*CVSS) *float64
- func NewPlugin(clock ext.Clock, idGenerator ext.IDGenerator) vulnerabilityreport.Plugin
- type CVSS
- type Config
- func (c Config) GetImageRef() (string, error)
- func (c Config) GetInsecureRegistries() map[string]bool
- func (c Config) GetMirrors() map[string]string
- func (c Config) GetMode() (Mode, error)
- func (c Config) GetResourceRequirements() (corev1.ResourceRequirements, error)
- func (c Config) GetServerURL() (string, error)
- func (c Config) IgnoreFileExists() bool
- type Layer
- type Mode
- type ScanReport
- type ScanResult
- type Vulnerability
Constants ¶
View Source
const (
// Plugin the name of this plugin.
Plugin = "Trivy"
)
Variables ¶
This section is empty.
Functions ¶
func GetMirroredImage ¶ added in v0.12.0
func GetScoreFromCVSS ¶ added in v0.11.0
func NewPlugin ¶
func NewPlugin(clock ext.Clock, idGenerator ext.IDGenerator) vulnerabilityreport.Plugin
NewPlugin constructs a new vulnerabilityreport.Plugin, which is using an upstream Trivy container image to scan Kubernetes workloads.
This Plugin supports both Standalone and ClientServer modes depending on the settings returned by Config.GetMode.
The ClientServer mode is usually more performant, however it requires a Trivy server accessible at the configurable Config.GetServerURL.
Types ¶
type Config ¶
type Config struct {
starboard.PluginConfig
}
Config defines configuration params for this plugin.
func (Config) GetImageRef ¶ added in v0.11.0
GetImageRef returns upstream Trivy container image reference.
func (Config) GetInsecureRegistries ¶ added in v0.11.0
func (Config) GetMirrors ¶ added in v0.12.0
func (Config) GetResourceRequirements ¶ added in v0.11.0
func (c Config) GetResourceRequirements() (corev1.ResourceRequirements, error)
GetResourceRequirements creates ResourceRequirements from the Config.
func (Config) GetServerURL ¶ added in v0.11.0
func (Config) IgnoreFileExists ¶ added in v0.11.0
type ScanReport ¶
type ScanReport struct {
Results []ScanResult `json:"Results"`
}
type ScanResult ¶ added in v0.13.0
type ScanResult struct {
Target string `json:"Target"`
Vulnerabilities []Vulnerability `json:"Vulnerabilities"`
}
type Vulnerability ¶
type Vulnerability struct {
VulnerabilityID string `json:"VulnerabilityID"`
PkgName string `json:"PkgName"`
InstalledVersion string `json:"InstalledVersion"`
FixedVersion string `json:"FixedVersion"`
Title string `json:"Title"`
Description string `json:"Description"`
Severity v1alpha1.Severity `json:"Severity"`
Layer Layer `json:"Layer"`
PrimaryURL string `json:"PrimaryURL"`
References []string `json:"References"`
Cvss map[string]*CVSS `json:"CVSS"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.