containeranalysis

package
Version: v0.2.2
Warning

This package is not in the latest version of its module.

Published: Jan 10, 2020 License: Apache-2.0 Imports: 15 Imported by: 6

Documentation


Constants

const (
	PkgVulnerability     = "PACKAGE_VULNERABILITY"
	AttestationAuthority = "ATTESTATION_AUTHORITY"
)

Container Analysis Library Specific Constants.

Variables

This section is empty.

Functions

This section is empty.

Types

type Cache

type Cache struct {
	// contains filtered or unexported fields
}

Cache defines a cache for the container analysis client. It implements the ReadWriteClient interface.

func NewCache

func NewCache() (*Cache, error)

NewCache creates a new Cache for the container analysis client.

func (Cache) AttestationNote

func (c Cache) AttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)

AttestationNote returns the note for the given AttestationAuthority, if it exists.

func (Cache) Attestations

Attestations gets Attestations for a specified image and a specified AttestationAuthority from cache or from client.

func (Cache) Close added in v0.1.1

func (c Cache) Close()

Close closes client connections

func (Cache) CreateAttestationNote

func (c Cache) CreateAttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)

CreateAttestationNote creates an attestation note from AttestationAuthority

func (Cache) CreateAttestationOccurrence added in v0.2.0

func (c Cache) CreateAttestationOccurrence(n *grafeas.Note, image string, p *secrets.PGPSigningSecret, proj string) (*grafeas.Occurrence, error)

CreateAttestationOccurrence creates an Attestation occurrence for a given image, secret, and project.

func (Cache) Vulnerabilities

func (c Cache) Vulnerabilities(image string) ([]metadata.Vulnerability, error)

Vulnerabilities gets Package Vulnerabilities Occurrences for a specified image.

type Client

type Client struct {
	// contains filtered or unexported fields
}

Client struct implements ReadWriteClient and ReadOnlyClient interfaces.

func New

func New() (*Client, error)

TODO: separate constructor methods for r/w and r/o clients

func (Client) AttestationNote

func (c Client) AttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)

AttestationNote returns the note for the given AttestationAuthority, if it exists.

func (Client) Attestations

func (c Client) Attestations(containerImage string, aa *kritisv1beta1.AttestationAuthority) ([]metadata.PGPAttestation, error)

Attestations gets AttestationAuthority Occurrences for a specified image, using the note specified in the AttestationAuthority provided. It may take a few seconds to retrieve an attestation occurrence if it was created very recently. For GenericAttestationPolicy, this has little impact, as attestations are expected to be created before a pod admission request is sent. For ImageSecurityPolicy, which effectively caches the previous policy decision in an attestation, the policy will be re-evaluated if an attestation occurrence has not yet been retrieved. In most cases, ImageSecurityPolicy is expected to return the same decision, as the vulnerability scanning process takes longer than a few seconds to run and update metadata.
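The ImageSecurityPolicy fallback described above, as an added sketch that is not kritis code: a missing attestation is treated as "no cached decision" and triggers re-evaluation rather than a denial. `Fetcher`, `fakeClient`, `Admit`, the simplified signatures, the `CRITICAL` threshold and the deny-on-error choice are assumptions made for illustration.

```go
package main

import "fmt"

// Stand-in types and a constructed fake for this sketch (assumptions, not the kritis definitions).
type Attestation struct{ KeyID string }
type Vulnerability struct{ Severity string }

// Fetcher is a simplified, hypothetical view of the two read methods.
type Fetcher interface {
	Attestations(image string) ([]Attestation, error)
	Vulnerabilities(image string) ([]Vulnerability, error)
}

type fakeClient struct {
	lag, reads int // attestation stays hidden for the first lag reads
	vulns      []Vulnerability
}

func (f *fakeClient) Attestations(string) ([]Attestation, error) {
	if f.reads++; f.reads <= f.lag {
		return nil, nil
	}
	return []Attestation{{KeyID: "constructed-key-id"}}, nil
}

func (f *fakeClient) Vulnerabilities(string) ([]Vulnerability, error) { return f.vulns, nil }

// Admit reuses the cached decision if an attestation is visible, else re-evaluates; errors deny.
func Admit(c Fetcher, image string) (bool, string, error) {
	atts, err := c.Attestations(image)
	if err != nil {
		return false, "error", err
	}
	if len(atts) > 0 {
		return true, "attested", nil
	}
	vulns, err := c.Vulnerabilities(image)
	if err != nil {
		return false, "error", err
	}
	for _, v := range vulns {
		if v.Severity == "CRITICAL" { // assumed policy threshold
			return false, "re-evaluated: blocked", nil
		}
	}
	return true, "re-evaluated: allowed", nil
}

func main() { fmt.Println(Admit(&fakeClient{lag: 1}, "registry.example/app:constructed")) }
```

With `lag: 1`, the first request is re-evaluated from vulnerability data and the second is admitted on the now-visible attestation.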

func (Client) Close added in v0.1.1

func (c Client) Close()

Close closes client connections

func (Client) CreateAttestationNote

func (c Client) CreateAttestationNote(aa *kritisv1beta1.AttestationAuthority) (*grafeas.Note, error)

CreateAttestationNote creates an attestation note from AttestationAuthority

func (Client) CreateAttestationOccurrence added in v0.2.0

func (c Client) CreateAttestationOccurrence(note *grafeas.Note,
	containerImage string,
	pgpSigningKey *secrets.PGPSigningSecret, proj string) (*grafeas.Occurrence, error)

CreateAttestationOccurrence creates an Attestation occurrence for a given image and secret.

func (Client) DeleteAttestationNote

func (c Client) DeleteAttestationNote(aa *kritisv1beta1.AttestationAuthority) error

DeleteAttestationNote deletes the note for the given AttestationAuthority.

func (Client) DeleteOccurrence

func (c Client) DeleteOccurrence(ID string) error

DeleteOccurrence deletes the occurrence with the given ID.

func (Client) Vulnerabilities

func (c Client) Vulnerabilities(containerImage string) ([]metadata.Vulnerability, error)

Vulnerabilities gets Package Vulnerabilities Occurrences for a specified image.
