Documentation
¶
Index ¶
- Constants
- func CleanDigestAlgorithmName(name string) string
- func Hashers(names ...string) ([]crypto.Hash, error)
- type BackendAdapter
- func (a *BackendAdapter) GetCVEExceptions(ctx context.Context) (domain.CVEExceptions, error)
- func (a *BackendAdapter) ReportError(ctx context.Context, err error) error
- func (a *BackendAdapter) SendStatus(ctx context.Context, step int) error
- func (a *BackendAdapter) SubmitCVE(ctx context.Context, cve domain.CVEManifest, cvep domain.CVEManifest) error
- type GrypeAdapter
- type SyftAdapter
Constants ¶
const ActionName = "vuln scan"
const ReporterName = "ca-vuln-scan"
Variables ¶
This section is empty.
Functions ¶
func CleanDigestAlgorithmName ¶ added in v0.3.0
Types ¶
type BackendAdapter ¶ added in v0.3.0
type BackendAdapter struct {
// contains filtered or unexported fields
}
func NewBackendAdapter ¶ added in v0.3.0
func NewBackendAdapter(accountID, apiServerRestURL, eventReceiverRestURL, accessKey string) *BackendAdapter
func (*BackendAdapter) GetCVEExceptions ¶ added in v0.3.0
func (a *BackendAdapter) GetCVEExceptions(ctx context.Context) (domain.CVEExceptions, error)
func (*BackendAdapter) ReportError ¶ added in v0.3.14
func (a *BackendAdapter) ReportError(ctx context.Context, err error) error
ReportError reports the given error to the platform
func (*BackendAdapter) SendStatus ¶ added in v0.3.0
func (a *BackendAdapter) SendStatus(ctx context.Context, step int) error
SendStatus sends the given status and details to the platform
func (*BackendAdapter) SubmitCVE ¶ added in v0.3.0
func (a *BackendAdapter) SubmitCVE(ctx context.Context, cve domain.CVEManifest, cvep domain.CVEManifest) error
SubmitCVE submits the given CVE to the platform
type GrypeAdapter ¶
type GrypeAdapter struct {
// contains filtered or unexported fields
}
GrypeAdapter implements CVEScanner from ports using Grype's API
func NewGrypeAdapter ¶
func NewGrypeAdapter(listingURL string) *GrypeAdapter
NewGrypeAdapter initializes the GrypeAdapter structure DB loading is done via readiness probes
func NewGrypeAdapterFixedDB ¶ added in v0.2.99
func NewGrypeAdapterFixedDB() *GrypeAdapter
func (*GrypeAdapter) DBVersion ¶
func (g *GrypeAdapter) DBVersion(context.Context) string
DBVersion returns the vulnerabilities DB checksum which is used to tag CVE manifests
func (*GrypeAdapter) Ready ¶
func (g *GrypeAdapter) Ready(ctx context.Context) bool
Ready returns the status of the vulnerabilities DB
func (*GrypeAdapter) ScanSBOM ¶
func (g *GrypeAdapter) ScanSBOM(ctx context.Context, sbom domain.SBOM) (domain.CVEManifest, error)
ScanSBOM generates a CVE manifest by scanning an SBOM
type SyftAdapter ¶
type SyftAdapter struct {
// contains filtered or unexported fields
}
SyftAdapter implements SBOMCreator from ports using Syft's API
func NewSyftAdapter ¶
func NewSyftAdapter(scanTimeout time.Duration, maxImageSize int64) *SyftAdapter
NewSyftAdapter initializes the SyftAdapter struct
func (*SyftAdapter) CreateSBOM ¶
func (s *SyftAdapter) CreateSBOM(ctx context.Context, name, imageID, imageTag string, options domain.RegistryOptions) (domain.SBOM, error)
CreateSBOM creates an SBOM for a given imageID, restrict parallelism to prevent disk space issues, a timeout prevents the process from hanging for too long. Format is syft JSON and the resulting SBOM is tagged with the Syft version.
func (*SyftAdapter) Version ¶
func (s *SyftAdapter) Version() string
Version returns Syft's version which is used to tag SBOMs
Source Files