Documentation ¶
Index ¶
Constants ¶
View Source
const (
// Plugin the name of this plugin.
Plugin = "Trivy"
)
View Source
const PolicyReportSource string = "Trivy"
Variables ¶
This section is empty.
Functions ¶
func GetScoreFromCVSS ¶
func NewPlugin ¶
func NewPlugin(clock ext.Clock, idGenerator ext.IDGenerator) vulnerabilityreport.Plugin
NewPlugin constructs a new vulnerabilityreport.Plugin, which is using an upstream Trivy container image to scan Kubernetes workloads.
This Plugin supports both Standalone and ClientServer modes depending on the settings returned by Config.GetMode.
The ClientServer mode is usually more performant, however it requires a Trivy server accessible at the configurable Config.GetServerURL.
Types ¶
type Config ¶
type Config struct {
imgvuln.PluginConfig
}
Config defines configuration params for the Trivy vulnerabilityreport.Plugin.
func (Config) GetImageRef ¶
func (Config) GetInsecureRegistries ¶
func (Config) GetServerURL ¶
func (Config) IgnoreFileExists ¶
type ScanReport ¶
type ScanReport struct { Target string `json:"Target"` Vulnerabilities []Vulnerability `json:"Vulnerabilities"` }
type Vulnerability ¶
type Vulnerability struct { VulnerabilityID string `json:"VulnerabilityID"` PkgName string `json:"PkgName"` InstalledVersion string `json:"InstalledVersion"` FixedVersion string `json:"FixedVersion"` Title string `json:"Title"` Description string `json:"Description"` Severity v1alpha1.Severity `json:"Severity"` Layer Layer `json:"Layer"` PrimaryURL string `json:"PrimaryURL"` References []string `json:"References"` Cvss map[string]*CVSS `json:"CVSS"` }
Click to show internal directories.
Click to hide internal directories.