etc

Documentation

Index

• func Check(config Config) error
• func GetScannerMetadata() harbor.Scanner
• func LogLevel() slog.Level
• type API
  • func (c *API) IsTLSEnabled() bool
• type BuildInfo
• type Config
  • func GetConfig() (Config, error)
• type JobQueue
• type RedisPool
• type RedisStore
• type Tunnel

Functions

func Check

func Check(config Config) error

Check checks config values to fail fast in case of any problems that we might have due to invalid config.

func GetScannerMetadata

func GetScannerMetadata() harbor.Scanner

func LogLevel

func LogLevel() slog.Level

Types

type API

type API struct {
	Addr           string        `env:"SCANNER_API_SERVER_ADDR" envDefault:":8080"`
	TLSCertificate string        `env:"SCANNER_API_SERVER_TLS_CERTIFICATE"`
	TLSKey         string        `env:"SCANNER_API_SERVER_TLS_KEY"`
	ClientCAs      []string      `env:"SCANNER_API_SERVER_CLIENT_CAS"`
	ReadTimeout    time.Duration `env:"SCANNER_API_SERVER_READ_TIMEOUT" envDefault:"15s"`
	WriteTimeout   time.Duration `env:"SCANNER_API_SERVER_WRITE_TIMEOUT" envDefault:"15s"`
	IdleTimeout    time.Duration `env:"SCANNER_API_SERVER_IDLE_TIMEOUT" envDefault:"60s"`
	MetricsEnabled bool          `env:"SCANNER_API_SERVER_METRICS_ENABLED" envDefault:"true"`
}

func (*API) IsTLSEnabled

func (c *API) IsTLSEnabled() bool

type BuildInfo

type BuildInfo struct {
	Version string
	Commit  string
	Date    string
}

type Config

type Config struct {
	API        API
	Tunnel     Tunnel
	RedisStore RedisStore
	JobQueue   JobQueue
	RedisPool  RedisPool
}

func GetConfig

func GetConfig() (Config, error)

type JobQueue

type JobQueue struct {
	Namespace         string `env:"SCANNER_JOB_QUEUE_REDIS_NAMESPACE" envDefault:"harbor.scanner.tunnel:job-queue"`
	WorkerConcurrency int    `env:"SCANNER_JOB_QUEUE_WORKER_CONCURRENCY" envDefault:"1"`
}

type RedisPool

type RedisPool struct {
	URL               string        `env:"SCANNER_REDIS_URL" envDefault:"redis://localhost:6379"`
	MaxActive         int           `env:"SCANNER_REDIS_POOL_MAX_ACTIVE" envDefault:"5"`
	MaxIdle           int           `env:"SCANNER_REDIS_POOL_MAX_IDLE" envDefault:"5"`
	IdleTimeout       time.Duration `env:"SCANNER_REDIS_POOL_IDLE_TIMEOUT" envDefault:"5m"`
	ConnectionTimeout time.Duration `env:"SCANNER_REDIS_POOL_CONNECTION_TIMEOUT" envDefault:"1s"`
	ReadTimeout       time.Duration `env:"SCANNER_REDIS_POOL_READ_TIMEOUT" envDefault:"1s"`
	WriteTimeout      time.Duration `env:"SCANNER_REDIS_POOL_WRITE_TIMEOUT" envDefault:"1s"`
}

type RedisStore

type RedisStore struct {
	Namespace  string        `env:"SCANNER_STORE_REDIS_NAMESPACE" envDefault:"harbor.scanner.tunnel:data-store"`
	ScanJobTTL time.Duration `env:"SCANNER_STORE_REDIS_SCAN_JOB_TTL" envDefault:"1h"`
}

type Tunnel

type Tunnel struct {
	CacheDir         string        `env:"SCANNER_TUNNEL_CACHE_DIR" envDefault:"/home/scanner/.cache/tunnel"`
	ReportsDir       string        `env:"SCANNER_TUNNEL_REPORTS_DIR" envDefault:"/home/scanner/.cache/reports"`
	DebugMode        bool          `env:"SCANNER_TUNNEL_DEBUG_MODE" envDefault:"false"`
	VulnType         string        `env:"SCANNER_TUNNEL_VULN_TYPE" envDefault:"os,library"`
	SecurityChecks   string        `env:"SCANNER_TUNNEL_SECURITY_CHECKS" envDefault:"vuln"`
	Severity         string        `env:"SCANNER_TUNNEL_SEVERITY" envDefault:"UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"`
	IgnoreUnfixed    bool          `env:"SCANNER_TUNNEL_IGNORE_UNFIXED" envDefault:"false"`
	IgnorePolicy     string        `env:"SCANNER_TUNNEL_IGNORE_POLICY"`
	SkipUpdate       bool          `env:"SCANNER_TUNNEL_SKIP_UPDATE" envDefault:"false"`
	SkipJavaDBUpdate bool          `env:"SCANNER_TUNNEL_SKIP_JAVA_DB_UPDATE" envDefault:"false"`
	OfflineScan      bool          `env:"SCANNER_TUNNEL_OFFLINE_SCAN" envDefault:"false"`
	GitHubToken      string        `env:"SCANNER_TUNNEL_GITHUB_TOKEN"`
	Insecure         bool          `env:"SCANNER_TUNNEL_INSECURE" envDefault:"false"`
	Timeout          time.Duration `env:"SCANNER_TUNNEL_TIMEOUT" envDefault:"5m0s"`
}