containeranalysis

package

v0.0.0-...-8e01d1d Latest Latest Go to latest Published: May 14, 2020 License: Apache-2.0 Imports: 16 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/aysylu/kritis

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type Cache
- func NewCache(opts ...option.ClientOption) (*Cache, error)
type Client
- func New(opts ...option.ClientOption) (*Client, error)

Constants ¶

View Source

const (
	PkgVulnerability     = "PACKAGE_VULNERABILITY"
	AttestationAuthority = "ATTESTATION_AUTHORITY"
)

Container Analysis Library Specific Constants.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Cache ¶

type Cache struct {
	// contains filtered or unexported fields
}

Cache struct defines Cache for container analysis client. Implements ReadWriteClient interface.

func NewCache ¶

func NewCache(opts ...option.ClientOption) (*Cache, error)

NewCache Create a new Cache for container analysis client.

func (Cache) AttestationNote ¶

func (c Cache) AttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)

AttestationNote returns a note if it exists for given AttestationAuthority

func (Cache) Attestations ¶

func (c Cache) Attestations(image string, aa *kritisv1beta1.AttestationAuthority) ([]metadata.RawAttestation, error)

Attestations gets Attestations for a specified image and a specified AttestationAuthority from cache or from client.

func (Cache) Close ¶

func (c Cache) Close()

Close closes client connections

func (Cache) CreateAttestationNote ¶

func (c Cache) CreateAttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)

CreateAttestationNote creates an attestation note from AttestationAuthority

func (Cache) CreateAttestationOccurrence ¶

func (c Cache) CreateAttestationOccurrence(noteName string, image string, p *secrets.PGPSigningSecret, proj string) (*grafeas.Occurrence, error)

CreateAttestationOccurrence creates an Attestation occurrence for a given image, secret, and project.

func (Cache) Vulnerabilities ¶

func (c Cache) Vulnerabilities(image string) ([]metadata.Vulnerability, error)

Vulnerabilities gets Package Vulnerabilities Occurrences for a specified image.

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

Client struct implements ReadWriteClient and ReadOnlyClient interfaces.

func New ¶

func New(opts ...option.ClientOption) (*Client, error)

TODO: separate constructor methods for r/w and r/o clients

func (Client) AttestationNote ¶

func (c Client) AttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)

AttestationNote returns a note if it exists for given AttestationAuthority

func (Client) Attestations ¶

func (c Client) Attestations(containerImage string, aa *kritisv1beta1.AttestationAuthority) ([]metadata.RawAttestation, error)

Attestations gets AttesationAuthority Occurrences for a specified image, using the note specified in the AttestationAuthority provided. This may take a few seconds to retrieve an attestation occurrence, if it was created very recently. For GenericAttestationPolicy, this has little impact as it's expected that attestations will be created before a pod admission request is sent. For ImageSecurityPolicy, which effectively caches the previous policy decision in an attestation, the policy will be re-evaluated if an attestation occurrence has not yet been retrieved. In most cases, it's expected that ImageSecurityPolicy will return the same decision, as vulnerability scannig process takes longer than a few seconds to run and update metadata.

func (Client) Close ¶

func (c Client) Close()

Close closes client connections

func (Client) CreateAttestationNote ¶

func (c Client) CreateAttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)

CreateAttestationNote creates an attestation note from AttestationAuthority

func (Client) CreateAttestationOccurrence ¶

func (c Client) CreateAttestationOccurrence(noteName string, containerImage string, pgpSigningKey *secrets.PGPSigningSecret, proj string) (*grafeas.Occurrence, error)

CreateAttestationOccurrence creates an Attestation occurrence for a given image and secret.

func (Client) DeleteAttestationNote ¶

func (c Client) DeleteAttestationNote(aa *kritisv1beta1.AttestationAuthority) error

DeleteAttestationNote deletes a note for given AttestationAuthority

func (Client) DeleteOccurrence ¶

func (c Client) DeleteOccurrence(ID string) error

DeleteOccurrence deletes an occurrence with given ID

func (Client) Vulnerabilities ¶

func (c Client) Vulnerabilities(containerImage string) ([]metadata.Vulnerability, error)

Vulnerabilities gets Package Vulnerabilities Occurrences for a specified image.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL