trivy

package

v0.6.0-alpha.1 Latest Latest Go to latest Published: Oct 12, 2020 License: Apache-2.0 Imports: 24 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aquasecurity/starboard

Documentation ¶

Index ¶

Variables
type Config
type Converter
- func NewConverter() Converter
type ScanReport
type Scanner
- func NewScanner(config Config, opts kube.ScannerOpts, clientset kubernetes.Interface) *Scanner
type Vulnerability

Constants ¶

This section is empty.

Variables ¶

View Source

var DefaultConverter = NewConverter()

Functions ¶

This section is empty.

Types ¶

type Config ¶ added in v0.6.0

type Config interface {
	GetTrivyImageRef() string
}

type Converter ¶

type Converter interface {
	Convert(config Config, imageRef string, reader io.Reader) (starboardv1alpha1.VulnerabilityScanResult, error)
}

Converter is the interface that wraps the Convert method.

Convert converts the vulnerabilities model used by Trivy to a generic model defined by the Custom Security Resource Specification.

func NewConverter ¶ added in v0.2.2

func NewConverter() Converter

type ScanReport ¶

type ScanReport struct {
	Target          string          `json:"Target"`
	Vulnerabilities []Vulnerability `json:"Vulnerabilities"`
}

type Scanner ¶ added in v0.2.6

type Scanner struct {
	// contains filtered or unexported fields
}

func NewScanner ¶

func NewScanner(config Config, opts kube.ScannerOpts, clientset kubernetes.Interface) *Scanner

NewScanner constructs a new vulnerability Scanner with the specified options and Kubernetes client Interface.

func (*Scanner) GetVulnerabilityReportsByScanJob ¶ added in v0.2.6

func (s *Scanner) GetVulnerabilityReportsByScanJob(ctx context.Context, job *batch.Job) (reports vulnerabilities.WorkloadVulnerabilities, err error)

func (*Scanner) PrepareScanJob ¶ added in v0.2.6

func (s *Scanner) PrepareScanJob(_ context.Context, workload kube.Object, spec core.PodSpec, credentials map[string]docker.Auth) (*batch.Job, *core.Secret, error)

func (*Scanner) Scan ¶ added in v0.2.6

func (s *Scanner) Scan(ctx context.Context, workload kube.Object) (reports vulnerabilities.WorkloadVulnerabilities, owner meta.Object, err error)

func (*Scanner) ScanByPodSpec ¶ added in v0.2.6

func (s *Scanner) ScanByPodSpec(ctx context.Context, workload kube.Object, spec core.PodSpec) (map[string]sec.VulnerabilityScanResult, error)

type Vulnerability ¶

type Vulnerability struct {
	VulnerabilityID  string       `json:"VulnerabilityID"`
	PkgName          string       `json:"PkgName"`
	InstalledVersion string       `json:"InstalledVersion"`
	FixedVersion     string       `json:"FixedVersion"`
	Title            string       `json:"Title"`
	Description      string       `json:"Description"`
	Severity         sec.Severity `json:"Severity"`
	LayerID          string       `json:"LayerID"`
	References       []string     `json:"References"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL