Documentation ¶
Index ¶
- Constants
- Variables
- func ImageTags(image *Image) []string
- func PackageToPackageUrl(pkp Package) *packageurl.PackageURL
- func SupportedTag(image *Image) string
- func Tags(image *Image) []string
- func ToAdvisoryUrl(pkg Package) string
- func ToPackageUrl(url string) (packageurl.PackageURL, error)
- type Advisory
- type BaseImage
- type BaseImageMatch
- type BaseImagesByDiffIdsQuery
- type BaseImagesResult
- type Cve
- type Cwe
- type Descriptor
- type Distro
- type Image
- type ImageByDigestQuery
- type ImageSource
- type IndexImage
- type IndexManifestList
- type IndexResult
- type LayerMapping
- type Location
- type ManifestList
- type Package
- type Platform
- type Reference
- type Report
- type Repository
- type Sbom
- type Score
- type Secret
- type SecretFinding
- type SecretSource
- type Source
- type Url
- type VulnerabilitiesByPurl
- type VulnerabilitiesByPurls
- type Vulnerability
Constants ¶
View Source
const ( Success string = "success" Failed string = "failed" )
Variables ¶
View Source
var NamespaceMapping = map[string]string{
"oracle": "oraclelinux",
"ol": "oraclelinux",
"amazon": "amazonlinux",
"amzn": "amazonlinux",
"rhel": "redhatlinux",
}
View Source
var PackageTypeMapping = map[string]string{
"apk": "alpine",
"debian": "deb",
"ubuntu": "deb",
"node-pkg": "npm",
"java": "maven",
"gobinary": "golang",
"go": "golang",
"go-module": "golang",
"java-archive": "maven",
"jenkins-plugin": "maven",
"python": "pypi",
"python-pkg": "pypi",
"jar": "maven",
"gemspec": "gem",
"centos": "rpm",
"oracle": "rpm",
"ol": "rpm",
"amzn": "rpm",
"amazon": "rpm",
"redhat": "rpm",
"photon": "rpm",
"sles": "rpm",
"rhel": "rpm",
"pip": "pypi",
"rubygems": "gem",
"rust": "cargo",
"crates.io": "cargo",
"packagist": "composer",
}
Functions ¶
func PackageToPackageUrl ¶ added in v0.0.7
func PackageToPackageUrl(pkp Package) *packageurl.PackageURL
func SupportedTag ¶ added in v0.0.8
func ToAdvisoryUrl ¶
func ToPackageUrl ¶
Types ¶
type Advisory ¶
type Advisory struct { Source string `edn:"vulnerability/source" json:"source"` SourceId string `edn:"vulnerability/source-id" json:"source_id"` References []Reference `edn:"vulnerability/references" json:"references"` Description string `edn:"vulnerability/description" json:"description,omitempty"` Cwes []Cwe `edn:"vulnerability/cwes" json:"cwes,omitempty"` Urls []Url `edn:"vulnerability/urls" json:"urls,omitempty"` }
type BaseImage ¶ added in v0.0.11
type BaseImage struct { CreatedAt string `graphql:"createdAt" json:"created_at,omitempty"` Digest string `graphql:"digest" json:"digest,omitempty"` Repository struct { Badge string `graphql:"badge" json:"badge,omitempty"` Host string `graphql:"hostName" json:"host,omitempty"` Repo string `graphql:"repoName" json:"repo,omitempty"` SupportedTags []string `graphql:"supportedTags" json:"supported_tags,omitempty"` PreferredTags []string `graphql:"preferredTags" json:"preferred_tags,omitempty"` } `graphql:"repository" json:"repository"` Tags []struct { Current bool `graphql:"current" json:"current"` Name string `graphql:"name" json:"name,omitempty"` Supported bool `graphql:"supported" json:"supported"` } `graphql:"tags" json:"tags,omitempty"` DockerFile struct { Commit struct { Repository struct { Org string `graphql:"orgName" json:"org,omitempty"` Repo string `graphql:"repoName" json:"repo,omitempty"` } `graphql:"repository" json:"repository,omitempty"` Sha string `graphql:"sha" json:"sha,omitempty"` } `json:"commit,omitempty"` Path string `graphql:"path" json:"path,omitempty"` } `graphql:"dockerFile" json:"docker_file,omitempty"` PackageCount int `graphql:"packageCount" json:"package_count,omitempty"` VulnerabilityReport struct { Critical int `graphql:"critical" json:"critical,omitempty"` High int `graphql:"high" json:"high,omitempty"` Medium int `graphql:"medium" json:"medium,omitempty"` Low int `graphql:"low" json:"low,omitempty"` Unspecified int `graphql:"unspecified" json:"unspecified,omitempty"` Total int `graphql:"total" json:"total,omitempty"` } `graphql:"vulnerabilityReport" json:"vulnerability_report"` }
type BaseImageMatch ¶ added in v0.0.17
type BaseImagesByDiffIdsQuery ¶ added in v0.0.11
type BaseImagesByDiffIdsQuery struct {
ImagesByDiffIds []BaseImageMatch `graphql:"imagesByDiffIds(context: {}, diffIds: $diffIds)"`
}
type BaseImagesResult ¶ added in v0.0.11
type Cve ¶
type Cve struct { Purl string `edn:"purl" json:"purl"` Source string `edn:"source" json:"source"` SourceId string `edn:"source-id" json:"source_id"` VulnerableRange string `edn:"vulnerable-range" json:"vulnerable_range"` AdvisoryUrl string `edn:"url" json:"-"` FixedBy string `edn:"fixed-by" json:"fixed_by,omitempty"` Advisory *Advisory `edn:"v" json:"vendor_advisory,omitempty"` Cve *Advisory `edn:"cve" json:"nist_cve,omitempty"` }
type Descriptor ¶
type Image ¶ added in v0.0.8
type Image struct { TeamId string `edn:"atomist/team-id"` Digest string `edn:"docker.image/digest"` CreatedAt time.Time `edn:"docker.image/created-at"` Tags []string `edn:"docker.image/tags"` Tag []struct { Name string `edn:"docker.tag/name"` } `edn:"docker.image/tag"` ManifestList []ManifestList `edn:"docker.image/manifest-list"` Repository Repository `edn:"docker.image/repository"` File struct { Path string `edn:"git.file/path"` } `edn:"docker.image/file"` Commit struct { Sha string `edn:"git.commit/sha"` Repo struct { Name string `edn:"git.repo/name"` Org struct { Name string `edn:"git.org/name"` } `edn:"git.repo/org"` } `edn:"git.commit/repo"` } `edn:"docker.image/commit"` Report []Report `edn:"vulnerability.report/report"` }
type ImageByDigestQuery ¶ added in v0.0.17
type ImageByDigestQuery struct {
ImageDetailsByDigest BaseImage `` /* 129-byte string literal not displayed */
}
type ImageSource ¶
type ImageSource struct { Name string `json:"name"` Digest string `json:"digest"` Tags *[]string `json:"tags,omitempty"` Manifest *v1.Manifest `json:"manifest,omitempty"` Config *v1.ConfigFile `json:"config,omitempty"` RawManifest string `json:"raw_manifest"` RawConfig string `json:"raw_config"` Distro Distro `json:"distro"` Platform Platform `json:"platform"` Size int64 `json:"size"` Details *BaseImage `json:"details,omitempty"` }
type IndexImage ¶ added in v0.0.8
type IndexImage struct { Digest string `json:"digest"` CreatedAt time.Time `json:"createdAt"` Platform struct { Os string `json:"os"` Arch string `json:"arch"` Variant string `json:"variant"` } `json:"platform"` Layers []struct { Digest string `json:"digest"` Size int `json:"size"` LastModified time.Time `json:"lastModified"` } `json:"layers"` DigestChainId string `json:"digestChainId"` DiffIdChainId string `json:"diffIdChainId"` }
type IndexManifestList ¶ added in v0.0.8
type IndexManifestList struct { Name string `json:"name"` Tags []string `json:"tags"` Digest string `json:"digest"` Images []IndexImage `json:"images"` }
type IndexResult ¶
type LayerMapping ¶
type ManifestList ¶ added in v0.0.8
type Package ¶
type Package struct { Type string `json:"type"` Namespace string `json:"namespace,omitempty"` Name string `json:"name"` Version string `json:"version"` Purl string `json:"purl"` Author string `json:"author,omitempty"` Description string `json:"description,omitempty"` Licenses []string `json:"licenses,omitempty"` Url string `json:"url,omitempty"` Size int `json:"size,omitempty"` InstalledSize int `json:"installed_size,omitempty"` Locations []Location `json:"locations"` Files []Location `json:"files,omitempty"` Parent string `json:"parent,omitempty"` }
func FilterGenericPackages ¶ added in v0.0.35
func MergePackages ¶
func MergePackages(results ...IndexResult) []Package
func NormalizePackages ¶
type Report ¶ added in v0.0.8
type Report struct { Total int64 `edn:"vulnerability.report/total"` Critical int64 `edn:"vulnerability.report/critical"` High int64 `edn:"vulnerability.report/high"` Medium int64 `edn:"vulnerability.report/medium"` Low int64 `edn:"vulnerability.report/low"` Unspecified int64 `edn:"vulnerability.report/unspecified"` }
type Repository ¶ added in v0.0.8
type Sbom ¶
type Sbom struct { Source Source `json:"source"` Artifacts []Package `json:"artifacts"` Vulnerabilities []VulnerabilitiesByPurl `json:"vulnerabilities,omitempty"` Secrets []Secret `json:"secrets,omitempty"` Descriptor Descriptor `json:"descriptor"` }
type Secret ¶ added in v0.0.25
type Secret struct { Source SecretSource `json:"source"` Findings []SecretFinding `json:"findings"` }
type SecretFinding ¶ added in v0.0.25
type SecretSource ¶ added in v0.0.25
type Source ¶
type Source struct { Type string `json:"type"` Image ImageSource `json:"image"` BaseImages []BaseImageMatch `json:"base_images,omitempty"` }
type VulnerabilitiesByPurl ¶ added in v0.0.20
type VulnerabilitiesByPurl struct { Purl string `graphql:"purl" json:"purl,omitempty"` Vulnerabilities []Vulnerability `graphql:"vulnerabilities" json:"vulnerabilities,omitempty"` }
type VulnerabilitiesByPurls ¶ added in v0.0.20
type VulnerabilitiesByPurls struct {
VulnerabilitiesByPackage []VulnerabilitiesByPurl `graphql:"vulnerabilitiesByPackage(context: {}, packageUrls: $purls)"`
}
type Vulnerability ¶ added in v0.0.20
type Vulnerability struct { Source string `graphql:"source" json:"source,omitempty"` SourceId string `graphql:"sourceId" json:"source_id,omitempty"` Description string `graphql:"description" json:"description,omitempty"` VulnerableRange string `graphql:"vulnerableRange" json:"vulnerable_range,omitempty"` FixedBy string `graphql:"fixedBy" json:"fixed_by,omitempty"` Url string `graphql:"url" json:"url,omitempty"` Cvss struct { Score float32 `graphql:"score" json:"score,omitempty"` Severity string `graphql:"severity" json:"severity,omitempty"` Vector string `graphql:"vector" json:"vector,omitempty"` Version string `graphql:"version" json:"version,omitempty"` } `graphql:"cvss" json:"cvss,omitempty"` Cwes []struct { CweId string `graphql:"cweId" json:"cwe_id,omitempty"` Name string `graphql:"description" json:"name,omitempty"` } `graphql:"cwes" json:"cwes,omitempty"` }
Click to show internal directories.
Click to hide internal directories.