Documentation
¶
Index ¶
- Constants
- Variables
- func ImageTags(image *Image) []string
- func PackageToPackageUrl(pkp Package) *packageurl.PackageURL
- func SupportedTag(image *Image) string
- func Tags(image *Image) []string
- func ToAdvisoryUrl(pkg Package) string
- func ToPackageUrl(url string) (packageurl.PackageURL, error)
- type Advisory
- type BaseImage
- type BaseImageMatch
- type BaseImagesByDiffIdsQuery
- type BaseImagesResult
- type Cve
- type Cwe
- type Descriptor
- type Distro
- type Image
- type ImageByDigestQuery
- type ImageSource
- type IndexImage
- type IndexManifestList
- type IndexResult
- type LayerMapping
- type Location
- type ManifestList
- type Package
- type Platform
- type Reference
- type Report
- type Repository
- type Sbom
- type Score
- type Secret
- type SecretFinding
- type SecretSource
- type Source
- type Url
- type VulnerabilitiesByPurl
- type VulnerabilitiesByPurls
- type Vulnerability
Constants ¶
View Source
const ( Success string = "success" Failed string = "failed" )
Variables ¶
View Source
var NamespaceMapping = map[string]string{
"oracle": "oraclelinux",
"ol": "oraclelinux",
"amazon": "amazonlinux",
"amzn": "amazonlinux",
"rhel": "redhatlinux",
}
View Source
var PackageTypeMapping = map[string]string{
"apk": "alpine",
"debian": "deb",
"ubuntu": "deb",
"node-pkg": "npm",
"java": "maven",
"gobinary": "golang",
"go": "golang",
"go-module": "golang",
"java-archive": "maven",
"jenkins-plugin": "maven",
"python": "pypi",
"python-pkg": "pypi",
"jar": "maven",
"gemspec": "gem",
"centos": "rpm",
"oracle": "rpm",
"ol": "rpm",
"amzn": "rpm",
"amazon": "rpm",
"redhat": "rpm",
"photon": "rpm",
"sles": "rpm",
"rhel": "rpm",
"pip": "pypi",
"rubygems": "gem",
"rust": "cargo",
"crates.io": "cargo",
"packagist": "composer",
}
Functions ¶
func PackageToPackageUrl ¶ added in v0.0.7
func PackageToPackageUrl(pkp Package) *packageurl.PackageURL
func SupportedTag ¶ added in v0.0.8
func ToAdvisoryUrl ¶
func ToPackageUrl ¶
Types ¶
type Advisory ¶
type Advisory struct {
Source string `edn:"vulnerability/source" json:"source"`
SourceId string `edn:"vulnerability/source-id" json:"source_id"`
References []Reference `edn:"vulnerability/references" json:"references"`
Description string `edn:"vulnerability/description" json:"description,omitempty"`
Cwes []Cwe `edn:"vulnerability/cwes" json:"cwes,omitempty"`
Urls []Url `edn:"vulnerability/urls" json:"urls,omitempty"`
}
type BaseImage ¶ added in v0.0.11
type BaseImage struct {
CreatedAt string `graphql:"createdAt" json:"created_at,omitempty"`
Digest string `graphql:"digest" json:"digest,omitempty"`
Repository struct {
Badge string `graphql:"badge" json:"badge,omitempty"`
Host string `graphql:"hostName" json:"host,omitempty"`
Repo string `graphql:"repoName" json:"repo,omitempty"`
SupportedTags []string `graphql:"supportedTags" json:"supported_tags,omitempty"`
PreferredTags []string `graphql:"preferredTags" json:"preferred_tags,omitempty"`
} `graphql:"repository" json:"repository"`
Tags []struct {
Current bool `graphql:"current" json:"current"`
Name string `graphql:"name" json:"name,omitempty"`
Supported bool `graphql:"supported" json:"supported"`
} `graphql:"tags" json:"tags,omitempty"`
DockerFile struct {
Commit struct {
Repository struct {
Org string `graphql:"orgName" json:"org,omitempty"`
Repo string `graphql:"repoName" json:"repo,omitempty"`
} `graphql:"repository" json:"repository,omitempty"`
Sha string `graphql:"sha" json:"sha,omitempty"`
} `json:"commit,omitempty"`
Path string `graphql:"path" json:"path,omitempty"`
} `graphql:"dockerFile" json:"docker_file,omitempty"`
PackageCount int `graphql:"packageCount" json:"package_count,omitempty"`
VulnerabilityReport struct {
Critical int `graphql:"critical" json:"critical,omitempty"`
High int `graphql:"high" json:"high,omitempty"`
Medium int `graphql:"medium" json:"medium,omitempty"`
Low int `graphql:"low" json:"low,omitempty"`
Unspecified int `graphql:"unspecified" json:"unspecified,omitempty"`
Total int `graphql:"total" json:"total,omitempty"`
} `graphql:"vulnerabilityReport" json:"vulnerability_report"`
}
type BaseImageMatch ¶ added in v0.0.17
type BaseImagesByDiffIdsQuery ¶ added in v0.0.11
type BaseImagesByDiffIdsQuery struct {
ImagesByDiffIds []BaseImageMatch `graphql:"imagesByDiffIds(context: {}, diffIds: $diffIds)"`
}
type BaseImagesResult ¶ added in v0.0.11
type Cve ¶
type Cve struct {
Purl string `edn:"purl" json:"purl"`
Source string `edn:"source" json:"source"`
SourceId string `edn:"source-id" json:"source_id"`
VulnerableRange string `edn:"vulnerable-range" json:"vulnerable_range"`
AdvisoryUrl string `edn:"url" json:"-"`
FixedBy string `edn:"fixed-by" json:"fixed_by,omitempty"`
Advisory *Advisory `edn:"v" json:"vendor_advisory,omitempty"`
Cve *Advisory `edn:"cve" json:"nist_cve,omitempty"`
}
type Descriptor ¶
type Image ¶ added in v0.0.8
type Image struct {
TeamId string `edn:"atomist/team-id"`
Digest string `edn:"docker.image/digest"`
CreatedAt time.Time `edn:"docker.image/created-at"`
Tags []string `edn:"docker.image/tags"`
Tag []struct {
Name string `edn:"docker.tag/name"`
} `edn:"docker.image/tag"`
ManifestList []ManifestList `edn:"docker.image/manifest-list"`
Repository Repository `edn:"docker.image/repository"`
File struct {
Path string `edn:"git.file/path"`
} `edn:"docker.image/file"`
Commit struct {
Sha string `edn:"git.commit/sha"`
Repo struct {
Name string `edn:"git.repo/name"`
Org struct {
Name string `edn:"git.org/name"`
} `edn:"git.repo/org"`
} `edn:"git.commit/repo"`
} `edn:"docker.image/commit"`
Report []Report `edn:"vulnerability.report/report"`
}
type ImageByDigestQuery ¶ added in v0.0.17
type ImageByDigestQuery struct {
ImageDetailsByDigest BaseImage `` /* 129-byte string literal not displayed */
}
type ImageSource ¶
type ImageSource struct {
Name string `json:"name"`
Digest string `json:"digest"`
Tags *[]string `json:"tags,omitempty"`
Manifest *v1.Manifest `json:"manifest,omitempty"`
Config *v1.ConfigFile `json:"config,omitempty"`
RawManifest string `json:"raw_manifest"`
RawConfig string `json:"raw_config"`
Distro Distro `json:"distro"`
Platform Platform `json:"platform"`
Size int64 `json:"size"`
Details *BaseImage `json:"details,omitempty"`
}
type IndexImage ¶ added in v0.0.8
type IndexImage struct {
Digest string `json:"digest"`
CreatedAt time.Time `json:"createdAt"`
Platform struct {
Os string `json:"os"`
Arch string `json:"arch"`
Variant string `json:"variant"`
} `json:"platform"`
Layers []struct {
Digest string `json:"digest"`
Size int `json:"size"`
LastModified time.Time `json:"lastModified"`
} `json:"layers"`
DigestChainId string `json:"digestChainId"`
DiffIdChainId string `json:"diffIdChainId"`
}
type IndexManifestList ¶ added in v0.0.8
type IndexManifestList struct {
Name string `json:"name"`
Tags []string `json:"tags"`
Digest string `json:"digest"`
Images []IndexImage `json:"images"`
}
type IndexResult ¶
type LayerMapping ¶
type ManifestList ¶ added in v0.0.8
type Package ¶
type Package struct {
Type string `json:"type"`
Namespace string `json:"namespace,omitempty"`
Name string `json:"name"`
Version string `json:"version"`
Purl string `json:"purl"`
Author string `json:"author,omitempty"`
Description string `json:"description,omitempty"`
Licenses []string `json:"licenses,omitempty"`
Url string `json:"url,omitempty"`
Size int `json:"size,omitempty"`
InstalledSize int `json:"installed_size,omitempty"`
Locations []Location `json:"locations"`
Files []Location `json:"files,omitempty"`
Parent string `json:"parent,omitempty"`
}
func FilterGenericPackages ¶ added in v0.0.35
func MergePackages ¶
func MergePackages(results ...IndexResult) []Package
func NormalizePackages ¶
type Report ¶ added in v0.0.8
type Report struct {
Total int64 `edn:"vulnerability.report/total"`
Critical int64 `edn:"vulnerability.report/critical"`
High int64 `edn:"vulnerability.report/high"`
Medium int64 `edn:"vulnerability.report/medium"`
Low int64 `edn:"vulnerability.report/low"`
Unspecified int64 `edn:"vulnerability.report/unspecified"`
}
type Repository ¶ added in v0.0.8
type Sbom ¶
type Sbom struct {
Source Source `json:"source"`
Artifacts []Package `json:"artifacts"`
Vulnerabilities []VulnerabilitiesByPurl `json:"vulnerabilities,omitempty"`
Secrets []Secret `json:"secrets,omitempty"`
Descriptor Descriptor `json:"descriptor"`
}
type Secret ¶ added in v0.0.25
type Secret struct {
Source SecretSource `json:"source"`
Findings []SecretFinding `json:"findings"`
}
type SecretFinding ¶ added in v0.0.25
type SecretSource ¶ added in v0.0.25
type Source ¶
type Source struct {
Type string `json:"type"`
Image ImageSource `json:"image"`
BaseImages []BaseImageMatch `json:"base_images,omitempty"`
}
type VulnerabilitiesByPurl ¶ added in v0.0.20
type VulnerabilitiesByPurl struct {
Purl string `graphql:"purl" json:"purl,omitempty"`
Vulnerabilities []Vulnerability `graphql:"vulnerabilities" json:"vulnerabilities,omitempty"`
}
type VulnerabilitiesByPurls ¶ added in v0.0.20
type VulnerabilitiesByPurls struct {
VulnerabilitiesByPackage []VulnerabilitiesByPurl `graphql:"vulnerabilitiesByPackage(context: {}, packageUrls: $purls)"`
}
type Vulnerability ¶ added in v0.0.20
type Vulnerability struct {
Source string `graphql:"source" json:"source,omitempty"`
SourceId string `graphql:"sourceId" json:"source_id,omitempty"`
Description string `graphql:"description" json:"description,omitempty"`
VulnerableRange string `graphql:"vulnerableRange" json:"vulnerable_range,omitempty"`
FixedBy string `graphql:"fixedBy" json:"fixed_by,omitempty"`
Url string `graphql:"url" json:"url,omitempty"`
Cvss struct {
Score float32 `graphql:"score" json:"score,omitempty"`
Severity string `graphql:"severity" json:"severity,omitempty"`
Vector string `graphql:"vector" json:"vector,omitempty"`
Version string `graphql:"version" json:"version,omitempty"`
} `graphql:"cvss" json:"cvss,omitempty"`
Cwes []struct {
CweId string `graphql:"cweId" json:"cwe_id,omitempty"`
Name string `graphql:"description" json:"name,omitempty"`
} `graphql:"cwes" json:"cwes,omitempty"`
}
Source Files
Click to show internal directories.
Click to hide internal directories.