The highest tagged major version is v3.

containerscan

package

v2.9.2 Latest Latest Go to latest Published: Oct 18, 2023 License: Apache-2.0 Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/kubescape/kubescape

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
Variables
func CalculateFixed(Fixes []FixedIn) int
func GenerateContainerScanLayer(layer *ScanResultLayer)
func GenerateVulnerability(v *Vulnerability) error
type ESLayer
type ElasticContainerScanSeveritySummary
type ElasticContainerScanSummaryResult
- func (summary *ElasticContainerScanSummaryResult) Validate() bool
type ElasticContainerVulnerabilityResult
type FixedIn
- func (file *FixedIn) NKeys() int
- func (fx *FixedIn) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)
type LayersList
- func (t *LayersList) UnmarshalJSONArray(dec *gojay.Decoder) error
type LinuxPackage
- func (file *LinuxPackage) NKeys() int
- func (pkgnx *LinuxPackage) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)
type LinuxPkgs
- func (pkgs *LinuxPkgs) UnmarshalJSONArray(dec *gojay.Decoder) error
type PackageFile
- func (file *PackageFile) NKeys() int
- func (file *PackageFile) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)
type PkgFiles
- func (files *PkgFiles) UnmarshalJSONArray(dec *gojay.Decoder) error
type ScanResultLayer
- func (layer *ScanResultLayer) GetFilesByPackage(pkgname string) (files *PkgFiles)
- func (layer *ScanResultLayer) GetPackagesNames() []string
- func (scan *ScanResultLayer) NKeys() int
- func (scan *ScanResultLayer) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)
type ScanResultReport
- func GenerateContainerScanReportMock() ScanResultReport
- func GenerateContainerScanReportNoVulMock() ScanResultReport
- func (v *ScanResultReport) AsFNVHash() string
- func (scanresult *ScanResultReport) GetDesignatorsNContext() (*identifiers.PortalDesignator, []identifiers.ArmoContext)
- func (scan *ScanResultReport) NKeys() int
- func (scanresult *ScanResultReport) Summarize() *ElasticContainerScanSummaryResult
- func (scanresult *ScanResultReport) ToFlatVulnerabilities() []*ElasticContainerVulnerabilityResult
- func (scan *ScanResultReport) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)
- func (scanresult *ScanResultReport) Validate() bool
type SeverityStats
type VulFixes
- func (t *VulFixes) UnmarshalJSONArray(dec *gojay.Decoder) error
type VulnerabilitiesList
- func (t *VulnerabilitiesList) UnmarshalJSONArray(dec *gojay.Decoder) error
type Vulnerability
- func (v *Vulnerability) IsRCE() bool
- func (v *Vulnerability) NKeys() int
- func (v *Vulnerability) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)
type VulnerabilityCategory

Constants ¶

View Source

const (
	//defines Relevancy as enum-like
	Unknown   = "Unknown"
	Relevant  = "Relevant"
	Irelevant = "Irelevant"
	NoSP      = "No signature profile to compare"

	//Clair Severities
	UnknownSeverity    = "Unknown"
	NegligibleSeverity = "Negligible"
	LowSeverity        = "Low"
	MediumSeverity     = "Medium"
	HighSeverity       = "High"
	CriticalSeverity   = "Critical"

	ContainerScanRedisPrefix = "_containerscan"
)

Variables ¶

View Source

var KnownSeverities = map[string]bool{
	UnknownSeverity:    true,
	NegligibleSeverity: true,
	LowSeverity:        true,
	MediumSeverity:     true,
	HighSeverity:       true,
	CriticalSeverity:   true,
}

Functions ¶

func CalculateFixed ¶

func CalculateFixed(Fixes []FixedIn) int

func GenerateContainerScanLayer ¶

func GenerateContainerScanLayer(layer *ScanResultLayer)

GenerateContainerScanLayer - generate a layer with random vuls

func GenerateVulnerability ¶

func GenerateVulnerability(v *Vulnerability) error

GenerateVulnerability - generate a vul (just diff "cve"'s)

Types ¶

type ESLayer ¶

type ESLayer struct {
	LayerHash       string `json:"layerHash"`
	ParentLayerHash string `json:"parentLayerHash"`
}

type ElasticContainerScanSeveritySummary ¶

type ElasticContainerScanSeveritySummary struct {
	Designators identifiers.PortalDesignator `json:"designators"`
	Context     []identifiers.ArmoContext    `json:"context"`

	SeverityStats
	CustomerGUID    string `json:"customerGUID"`
	ContainerScanID string `json:"containersScanID"`
	Timestamp       int64  `json:"timestamp"`
	WLID            string `json:"wlid"`
	ImgTag          string `json:"imageTag"`
	ImgHash         string `json:"imageHash"`
	Cluster         string `json:"cluster"`
	Namespace       string `json:"namespace"`
	ContainerName   string `json:"containerName"`
	Status          string `json:"status"`
	Registry        string `json:"registry"`
	VersionImage    string `json:"versionImage"`
	Version         string `json:"version"`
	DayDate         string `json:"dayDate"`
}

type ElasticContainerScanSummaryResult ¶

type ElasticContainerScanSummaryResult struct {
	SeverityStats
	Designators identifiers.PortalDesignator `json:"designators"`
	Context     []identifiers.ArmoContext    `json:"context"`

	CustomerGUID    string `json:"customerGUID"`
	ContainerScanID string `json:"containersScanID"`

	Timestamp     int64    `json:"timestamp"`
	WLID          string   `json:"wlid"`
	ImgTag        string   `json:"imageTag"`
	ImgHash       string   `json:"imageHash"`
	Cluster       string   `json:"cluster"`
	Namespace     string   `json:"namespace"`
	ContainerName string   `json:"containerName"`
	PackagesName  []string `json:"packages"`

	ListOfDangerousArtifcats []string `json:"listOfDangerousArtifcats"`

	Status string `json:"status"`

	Registry     string `json:"registry"`
	VersionImage string `json:"versionImage"`

	SeveritiesStats []SeverityStats `json:"severitiesStats"`

	Version string `json:"version"`
}

func (*ElasticContainerScanSummaryResult) Validate ¶

func (summary *ElasticContainerScanSummaryResult) Validate() bool

type ElasticContainerVulnerabilityResult ¶

type ElasticContainerVulnerabilityResult struct {
	Designators identifiers.PortalDesignator `json:"designators"`
	Context     []identifiers.ArmoContext    `json:"context"`

	WLID              string    `json:"wlid"`
	ContainerScanID   string    `json:"containersScanID"`
	Layers            []ESLayer `json:"layers"`
	Timestamp         int64     `json:"timestamp"`
	IsFixed           int       `json:"isFixed"`
	IntroducedInLayer string    `json:"layerHash"`
	RelevantLinks     []string  `json:"links"` // Bad SE practice

	Vulnerability `json:",inline"`
}

type FixedIn ¶

type FixedIn struct {
	Name    string `json:"name"`
	ImgTag  string `json:"imageTag"`
	Version string `json:"version"`
}

FixedIn when and which pkg was fixed (which version as well)

func (*FixedIn) NKeys ¶

func (file *FixedIn) NKeys() int

func (*FixedIn) UnmarshalJSONObject ¶

func (fx *FixedIn) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)

--------Vul fixed in----------------------------------

type LayersList ¶

type LayersList []ScanResultLayer

VulnerabilitiesList -s.e

func (*LayersList) UnmarshalJSONArray ¶

func (t *LayersList) UnmarshalJSONArray(dec *gojay.Decoder) error

type LinuxPackage ¶

type LinuxPackage struct {
	PackageName    string   `json:"packageName"`
	Files          PkgFiles `json:"files"`
	PackageVersion string   `json:"version"`
}

LinuxPackage- Linux package representation

func (*LinuxPackage) NKeys ¶

func (file *LinuxPackage) NKeys() int

func (*LinuxPackage) UnmarshalJSONObject ¶

func (pkgnx *LinuxPackage) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)

UnmarshalJSONObject--- Package

type LinuxPkgs ¶

type LinuxPkgs []LinuxPackage

LinuxPkgs - slice of linux pkgs

func (*LinuxPkgs) UnmarshalJSONArray ¶

func (pkgs *LinuxPkgs) UnmarshalJSONArray(dec *gojay.Decoder) error

type PackageFile ¶

type PackageFile struct {
	Filename string `json:"name"`
}

PackageFile - s.e

func (*PackageFile) NKeys ¶

func (file *PackageFile) NKeys() int

func (*PackageFile) UnmarshalJSONObject ¶

func (file *PackageFile) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)

UnmarshalJSONObject - File inside a pkg

type PkgFiles ¶

type PkgFiles []PackageFile

PkgFiles - slice of files belong to specific pkg

func (*PkgFiles) UnmarshalJSONArray ¶

func (files *PkgFiles) UnmarshalJSONArray(dec *gojay.Decoder) error

type ScanResultLayer ¶

type ScanResultLayer struct {
	LayerHash       string              `json:"layerHash"`
	ParentLayerHash string              `json:"parentLayerHash"`
	Vulnerabilities VulnerabilitiesList `json:"vulnerabilities"`
	Packages        LinuxPkgs           `json:"packageToFile"`
}

ScanResultLayer - represents a single layer from container scan result

func (*ScanResultLayer) GetFilesByPackage ¶

func (layer *ScanResultLayer) GetFilesByPackage(pkgname string) (files *PkgFiles)

func (*ScanResultLayer) GetPackagesNames ¶

func (layer *ScanResultLayer) GetPackagesNames() []string

func (*ScanResultLayer) NKeys ¶

func (scan *ScanResultLayer) NKeys() int

func (*ScanResultLayer) UnmarshalJSONObject ¶

func (scan *ScanResultLayer) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)

type ScanResultReport ¶

type ScanResultReport struct {
	CustomerGUID             string     `json:"customerGUID"`
	ImgTag                   string     `json:"imageTag"`
	ImgHash                  string     `json:"imageHash"`
	WLID                     string     `json:"wlid"`
	ContainerName            string     `json:"containerName"`
	Timestamp                int64      `json:"timestamp"`
	Layers                   LayersList `json:"layers"`
	ListOfDangerousArtifcats []string   `json:"listOfDangerousArtifcats"`
}

ScanResultReport - the report given from scanner to event receiver

func GenerateContainerScanReportMock ¶

func GenerateContainerScanReportMock() ScanResultReport

GenerateContainerScanReportMock - generate a scan result

func GenerateContainerScanReportNoVulMock ¶

func GenerateContainerScanReportNoVulMock() ScanResultReport

GenerateContainerScanReportMock - generate a scan result

func (*ScanResultReport) AsFNVHash ¶

func (v *ScanResultReport) AsFNVHash() string

func (*ScanResultReport) GetDesignatorsNContext ¶

func (scanresult *ScanResultReport) GetDesignatorsNContext() (*identifiers.PortalDesignator, []identifiers.ArmoContext)

func (*ScanResultReport) NKeys ¶

func (scan *ScanResultReport) NKeys() int

func (*ScanResultReport) Summarize ¶

func (scanresult *ScanResultReport) Summarize() *ElasticContainerScanSummaryResult

func (*ScanResultReport) ToFlatVulnerabilities ¶

func (scanresult *ScanResultReport) ToFlatVulnerabilities() []*ElasticContainerVulnerabilityResult

ToFlatVulnerabilities - returnsgit p

func (*ScanResultReport) UnmarshalJSONObject ¶

func (scan *ScanResultReport) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)

func (*ScanResultReport) Validate ¶

func (scanresult *ScanResultReport) Validate() bool

type SeverityStats ¶

type SeverityStats struct {
	Severity                     string `json:"severity,omitempty"`
	TotalCount                   int64  `json:"total"`
	FixAvailableOfTotalCount     int64  `json:"fixedTotal"`
	RelevantCount                int64  `json:"totalRelevant"`
	FixAvailableForRelevantCount int64  `json:"fixedRelevant"`
	RCECount                     int64  `json:"rceTotal"`
	UrgentCount                  int64  `json:"urgent"`
	NeglectedCount               int64  `json:"neglected"`
	HealthStatus                 string `json:"healthStatus"`
}

type VulFixes ¶

type VulFixes []FixedIn

VulFixes - information bout when/how this vul was fixed

func (*VulFixes) UnmarshalJSONArray ¶

func (t *VulFixes) UnmarshalJSONArray(dec *gojay.Decoder) error

type VulnerabilitiesList ¶

type VulnerabilitiesList []Vulnerability

VulnerabilitiesList -s.e

func (*VulnerabilitiesList) UnmarshalJSONArray ¶

func (t *VulnerabilitiesList) UnmarshalJSONArray(dec *gojay.Decoder) error

type Vulnerability ¶

type Vulnerability struct {
	Name               string                `json:"name"`
	ImgHash            string                `json:"imageHash"`
	ImgTag             string                `json:"imageTag"`
	RelatedPackageName string                `json:"packageName"`
	PackageVersion     string                `json:"packageVersion"`
	Link               string                `json:"link"`
	Description        string                `json:"description"`
	Severity           string                `json:"severity"`
	Metadata           interface{}           `json:"metadata"`
	Fixes              VulFixes              `json:"fixedIn"`
	Relevancy          string                `json:"relevant"` // use the related enum
	UrgentCount        int                   `json:"urgent"`
	NeglectedCount     int                   `json:"neglected"`
	HealthStatus       string                `json:"healthStatus"`
	Categories         VulnerabilityCategory `json:"categories"`
}

Vulnerability - a vul object

func (*Vulnerability) IsRCE ¶

func (v *Vulnerability) IsRCE() bool

func (*Vulnerability) NKeys ¶

func (v *Vulnerability) NKeys() int

func (*Vulnerability) UnmarshalJSONObject ¶

func (v *Vulnerability) UnmarshalJSONObject(dec *gojay.Decoder, key string) (err error)

type VulnerabilityCategory ¶

type VulnerabilityCategory struct {
	IsRCE bool `json:"isRce"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL