Documentation
Overview
Package image provides the models used by the scan command.
Index
- Constants
- func MakeVulnerabilityURL(id string) string
- type Advisories
- type BdComponent
- type BdTool
- type BomDescriptor
- type Component
- type CvssItem
- type Document
- type Identifier
- type License
- type Metadata
- type PolicyViolation
- type Rating
- type SBOM
- type ScannedImage
- type Score
- type Source
- type ValidatedImage
- type ValidatedImageOption
- type Violation
- type Violations
- type Vulnerability
- type VulnerabilityCyclon
Constants
const (
	// SeverityCritical is a supported severity.
	SeverityCritical = "CRITICAL"
	// SeverityHigh is a supported severity.
	SeverityHigh = "HIGH"
	// SeverityMedium is a supported severity.
	SeverityMedium = "MEDIUM"
	// SeverityLow is a supported severity.
	SeverityLow = "LOW"
	// SeverityUnknown is a supported severity.
	SeverityUnknown = "UNKNOWN"
)
Variables
This section is empty.
Functions
func MakeVulnerabilityURL added in v1.6.3
func MakeVulnerabilityURL(id string) string
MakeVulnerabilityURL creates the vulnerability URL for the given vulnerability ID.
Types
type Advisories added in v1.6.3
type Advisories struct {
	Advisory []string `xml:"v:advisory"`
}
Advisories holds all the links for a vulnerability.
type BdComponent added in v1.6.3
BdComponent represents the software/package being cataloged.
type BdTool added in v1.6.3
type BdTool struct {
	XMLName xml.Name `xml:"tool"`
	Vendor  string   `xml:"vendor,omitempty"` // The vendor of the tool used to create the BOM.
	Name    string   `xml:"name,omitempty"`   // The name of the tool used to create the BOM.
	Version string   `xml:"version"`          // The version of the tool used to create the BOM.
}
BdTool represents the tool that created the BOM report.
type BomDescriptor added in v1.6.3
type BomDescriptor struct {
	XMLName   xml.Name     `xml:"metadata"`
	Timestamp string       `xml:"timestamp,omitempty"` // The date and time (timestamp) when the document was created.
	Tools     []BdTool     `xml:"tools>tool"`          // The tool used to create the BOM.
	Component *BdComponent `xml:"component"`           // The Component that the BOM describes.
}
BomDescriptor represents all metadata surrounding the BOM report (such as when the BOM was made, with which tool, and the item being cataloged).
func NewBomDescriptor added in v1.6.3
func NewBomDescriptor(name, version string, userInput string, digest string) *BomDescriptor
NewBomDescriptor returns a new BomDescriptor tailored for the current time and "syft" tool details.
type Component added in v1.6.3
type Component struct {
	XMLName xml.Name `xml:"component"`
	// Required; Describes if the Component is a library, framework, application, container, operating system, firmware,
	// hardware device, or file.
	Type string `xml:"type,attr"`
	// The organization that supplied the Component.
	// The supplier may often be the manufacturer, but may also be a distributor or repackager.
	Supplier string `xml:"supplier,omitempty"`
	// The person(s) or organization(s) that authored the Component.
	Author string `xml:"author,omitempty"`
	// The person(s) or organization(s) that published the Component.
	Publisher string `xml:"publisher,omitempty"`
	// The high-level classification that a project self-describes as. This will often be a shortened,
	// single name of the company or project that produced the Component, or the source package or domain name.
	Group string `xml:"group,omitempty"`
	// Required; The name of the Component as defined by the project.
	Name string `xml:"name"`
	// Required; The version of the Component as defined by the project.
	Version string `xml:"version"`
	// A description of the Component.
	Description string `xml:"description,omitempty"`
	// A node describing zero or more License names, SPDX License IDs or expressions.
	Licenses *[]License `xml:"licenses>License"`
	// Specifies the package-url (PackageURL). The purl,
	// if specified, must be valid and conform to the specification defined at: https://github.com/package-url/purl-spec
	PackageURL      string                 `xml:"purl,omitempty"`
	Vulnerabilities *[]VulnerabilityCyclon `xml:"v:vulnerabilities>v:vulnerability,omitempty"`
}
Component represents a single element in the CycloneDX BOM.
type Document added in v1.6.3
type Document struct {
	XMLName       xml.Name       `xml:"bom"`
	XMLNs         string         `xml:"xmlns,attr"`
	XMLNsV        string         `xml:"xmlns:v,attr"`
	Version       int            `xml:"version,attr"`
	SerialNumber  string         `xml:"serialNumber,attr"`
	BomDescriptor *BomDescriptor `xml:"metadata"`
	Components    []Component    `xml:"components>component"`
}
Document represents a CycloneDX BOM document whose components carry VulnerabilityCyclon entries.
type Identifier
type Identifier struct {
	FullTag        string   `json:"full_tag"`
	Registry       string   `json:"registry"`
	Repo           string   `json:"repo"`
	Tag            string   `json:"tag"`
	ManifestDigest string   `json:"manifest_digest"`
	RepoDigests    []string `json:"repo_digests"`
}
Identifier is the identifier for an image.
func (*Identifier) Footer
func (i *Identifier) Footer() string
Footer for Identifier will provide the overview link.
type License added in v1.6.3
type License struct {
	XMLName xml.Name `xml:"license"`
	// A valid SPDX License ID.
	ID string `xml:"id,omitempty"`
	// If SPDX does not define the License used, this field may be used to provide the License name.
	Name string `xml:"name,omitempty"`
}
License represents a single software License for a Component.
type Metadata
type Metadata struct {
	Distro        string `json:"distro"`
	DistroVersion string `json:"distro_version"`
	ImageSize     uint   `json:"image_size"`
	LayerCount    uint   `json:"layer_count"`
}
Metadata is the metadata of the image.
type PolicyViolation
type PolicyViolation struct {
	Policy    string     `json:"policy"`
	Rule      string     `json:"rule"`
	Risk      string     `json:"risk"`
	Violation Violations `json:"violation"`
}
PolicyViolation represents a violation of a policy.
func (PolicyViolation) GetPolicyName
func (p PolicyViolation) GetPolicyName() string
GetPolicyName implements the GetPolicyName method the presenter needs to render the policy table.
func (PolicyViolation) GetRisk
func (p PolicyViolation) GetRisk() string
GetRisk implements the GetRisk method the presenter needs to render the policy table.
func (PolicyViolation) GetRuleName
func (p PolicyViolation) GetRuleName() string
GetRuleName implements the GetRuleName method the presenter needs to render the policy table.
func (PolicyViolation) GetViolation
func (p PolicyViolation) GetViolation() string
GetViolation implements the GetViolation method the presenter needs to render the policy table.
type Rating added in v1.6.3
type Rating struct {
	Score    *Score `xml:"v:score,omitempty"`
	Severity string `xml:"v:severity,omitempty"`
	Method   string `xml:"v:method,omitempty"`
	Vector   string `xml:"v:vector,omitempty"`
}
Rating has information about the intensity of a vulnerability.
type SBOM added in v1.6.3
type SBOM struct {
	// FullTag is the full tag of the bom.
	FullTag string
	// ManifestDigest is the sha256 of this image manifest json.
	ManifestDigest string
	// Packages enumerates the packages in the bill of materials.
	Packages bom.JSONDocument
}
SBOM is the response model from the image scanning service.
type ScannedImage
type ScannedImage struct {
	Identifier       `json:",inline"`
	ImageMetadata    Metadata          `json:"image_metadata"`
	Account          string            `json:"account"`
	ScanStatus       string            `json:"scan_status"`
	Vulnerabilities  []Vulnerability   `json:"vulnerabilities"`
	PolicyViolations []PolicyViolation `json:"policy_violations,omitempty"`
	Packages         bom.JSONDocument  `json:"packages"`
}
ScannedImage is the response model from the image scanning service.
func (*ScannedImage) CycloneDXDoc added in v1.6.3
func (s *ScannedImage) CycloneDXDoc() ([]byte, error)
CycloneDXDoc returns the vulnerabilities of the ScannedImage result serialized as a CycloneDX document.
func (*ScannedImage) Header
func (s *ScannedImage) Header() []string
Header is the header columns of the ScannedImage result.
func (*ScannedImage) Rows
func (s *ScannedImage) Rows() [][]string
Rows returns all the vulnerabilities of the ScannedImage result as a list of rows.
func (*ScannedImage) Title
func (s *ScannedImage) Title() string
Title is the title of the ScannedImage result.
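The ScannedImage model is what a consumer (a CI step, an admission check) decodes from the scanning service and then evaluates against a severity policy. The following is an added example, not code from this package: it re-declares a trimmed copy of Vulnerability and ScannedImage (only the JSON fields it reads; bom.JSONDocument, CvssItem and the embedded Identifier are left out), decodes a constructed response body with placeholder advisory IDs, and gates on the package's severity constants. The one caveat it handles is a severity outside the supported set: such a finding cannot be ranked, so it is reported separately and, with fail-closed enabled, blocks rather than slipping through.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Severity values as listed in this package's constants.
const (
	SeverityCritical = "CRITICAL"
	SeverityHigh     = "HIGH"
	SeverityMedium   = "MEDIUM"
	SeverityLow      = "LOW"
	SeverityUnknown  = "UNKNOWN"
)

// Trimmed copies of the page's models: only the fields this example reads.
type Vulnerability struct {
	ID           string `json:"id"`
	Package      string `json:"package"`
	Severity     string `json:"severity"`
	FixAvailable string `json:"fix_available"`
}

type ScannedImage struct {
	FullTag         string          `json:"full_tag"`
	ScanStatus      string          `json:"scan_status"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}

// severityRank orders the supported severities, higher being worse.
// Anything outside the supported set ranks 0, the same as UNKNOWN.
func severityRank(s string) int {
	switch strings.ToUpper(strings.TrimSpace(s)) {
	case SeverityCritical:
		return 4
	case SeverityHigh:
		return 3
	case SeverityMedium:
		return 2
	case SeverityLow:
		return 1
	default:
		return 0
	}
}

// GateResult is the outcome of checking a scan against a severity threshold.
type GateResult struct {
	Passed   bool
	Blocking []Vulnerability // findings that fail the gate
	Unknown  []Vulnerability // findings whose severity could not be ranked
}

// ParseScannedImage decodes a scanning-service response body.
func ParseScannedImage(body []byte) (ScannedImage, error) {
	var img ScannedImage
	if err := json.Unmarshal(body, &img); err != nil {
		return ScannedImage{}, fmt.Errorf("decode scan result: %w", err)
	}
	return img, nil
}

// EvaluateScan fails the gate for every finding at or above threshold.
// An unrankable severity is listed under Unknown and, when failClosed is
// set, blocks as well, so an unexpected label never passes silently.
func EvaluateScan(img ScannedImage, threshold string, failClosed bool) (GateResult, error) {
	floor := severityRank(threshold)
	if floor == 0 {
		return GateResult{}, errors.New("threshold must be one of the supported severities")
	}
	var r GateResult
	for _, v := range img.Vulnerabilities {
		switch rank := severityRank(v.Severity); {
		case rank == 0:
			r.Unknown = append(r.Unknown, v)
			if failClosed {
				r.Blocking = append(r.Blocking, v)
			}
		case rank >= floor:
			r.Blocking = append(r.Blocking, v)
		}
	}
	r.Passed = len(r.Blocking) == 0
	return r, nil
}

// sampleResponse is a constructed body; IDs and packages are placeholders.
const sampleResponse = `{
  "full_tag": "registry.example/team/app:1.2.3",
  "scan_status": "analyzed",
  "vulnerabilities": [
    {"id": "CVE-0000-0001", "package": "libexample-1.0", "severity": "HIGH", "fix_available": "1.0.1"},
    {"id": "CVE-0000-0002", "package": "libother-2.3", "severity": "LOW", "fix_available": ""},
    {"id": "GHSA-xxxx-xxxx-xxxx", "package": "pkg-0.9", "severity": "Negligible", "fix_available": ""}
  ]
}`

func main() {
	img, err := ParseScannedImage([]byte(sampleResponse))
	if err != nil {
		panic(err)
	}
	res, err := EvaluateScan(img, SeverityHigh, true)
	if err != nil {
		panic(err)
	}
	fmt.Printf("%s passed=%v blocking=%d unknown=%d\n", img.FullTag, res.Passed, len(res.Blocking), len(res.Unknown))
	for _, v := range res.Blocking {
		fmt.Printf("  %s %s severity=%s fix=%q\n", v.ID, v.Package, v.Severity, v.FixAvailable)
	}
}
```

With the constructed body and a HIGH threshold, the fail-closed gate blocks two findings (the HIGH one and the unrankable "Negligible" one); with fail-open it blocks only the HIGH finding, and a CRITICAL threshold passes. Whether the string in fix_available is a version, a flag or empty is left to the scanning service's contract, so the example reports it verbatim rather than interpreting it.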
type Score added in v1.6.3
type Score struct {
	Base           float64 `xml:"v:base"`
	Impact         float64 `xml:"v:impact"`
	Exploitability float64 `xml:"v:exploitability"`
}
Score provides the different ways to measure how serious a vulnerability is.
type Source added in v1.6.3
Source is the origin of the vulnerability, like GitHub Advisories or NVD, along with a URL constructed with the vulnerability ID.
type ValidatedImage
type ValidatedImage struct {
	Identifier       `json:",inline"`
	PolicyViolations []PolicyViolation `json:"policy_violations"`
}
ValidatedImage is the response model from the guardrails validator service.
func NewValidatedImage
func NewValidatedImage(identifier Identifier, violations []PolicyViolation, opts ValidatedImageOption) *ValidatedImage
NewValidatedImage will initialize a validated image.
func (*ValidatedImage) Header
func (v *ValidatedImage) Header() []string
Header is the header columns of the ValidatedImage result.
func (*ValidatedImage) Rows
func (v *ValidatedImage) Rows() [][]string
Rows returns all the violations of the ValidatedImage result as a list of rows.
func (*ValidatedImage) Title
func (v *ValidatedImage) Title() string
Title is the title of the ValidatedImage result.
type ValidatedImageOption
ValidatedImageOption is the option for showing the validated image result.
type Violation
type Violation struct {
	Image           string          `json:"image"`
	Vulnerabilities []Vulnerability `json:"vulnerabilities"`
}
Violation stores the violations made by an image.
type Violations
type Violations struct {
	ViolatedImages []Violation `json:"scanned"`
}
Violations represents scanning violations made by images.
type Vulnerability
type Vulnerability struct {
	ID           string   `json:"id" xml:"id"`
	Package      string   `json:"package" xml:"package"`
	Name         string   `json:"package_name" xml:"package_name"`
	Version      string   `json:"package_version" xml:"package_version"`
	Type         string   `json:"package_type" xml:"package_type"`
	Severity     string   `json:"severity" xml:"severity"`
	Link         string   `json:"link,omitempty" xml:"link,omitempty"`
	Description  string   `json:"description,omitempty" xml:"description,omitempty"`
	FixAvailable string   `json:"fix_available" xml:"fix_available"`
	Cvss         CvssItem `json:"cvss" xml:"cvss"`
}
Vulnerability denotes a single vulnerability item.
func (Vulnerability) GetCvssV2
func (v Vulnerability) GetCvssV2() string
GetCvssV2 returns the Cvss.V2 of the vulnerability.
func (Vulnerability) GetCvssV3
func (v Vulnerability) GetCvssV3() string
GetCvssV3 returns the Cvss.V3 of the vulnerability.
func (Vulnerability) GetFixAvailable
func (v Vulnerability) GetFixAvailable() string
GetFixAvailable returns the FixAvailable of the vulnerability.
func (Vulnerability) GetID
func (v Vulnerability) GetID() string
GetID returns the ID of the vulnerability.
func (Vulnerability) GetPackage
func (v Vulnerability) GetPackage() string
GetPackage returns the Package of the vulnerability.
func (Vulnerability) GetSeverity
func (v Vulnerability) GetSeverity() string
GetSeverity returns the Severity of the vulnerability.
func (Vulnerability) GetType
func (v Vulnerability) GetType() string
GetType returns the Type of the vulnerability.
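A model such as Vulnerability carries both json and xml tags, and a common mistake when writing them is separating the pairs with a comma instead of a space (`json:"id" ,xml:"id"`). reflect.StructTag then reads the second key as ",xml", so Lookup("xml") fails, encoding/json still works, and encoding/xml silently falls back to the Go field names, changing the wire format without any compile or runtime error. The following is an added example, not code from this package: it declares two small constructed types (one with the comma form, one corrected), a MissingTagKeys check that a project can run as a unit test over its exported models, and an Encode helper that shows the resulting JSON and XML side by side.

```go
package main

import (
	"encoding/json"
	"encoding/xml"
	"fmt"
	"reflect"
)

// brokenTagged is constructed to carry the comma-separated tag form; the
// key reflect reads for the second pair is ",xml", not "xml".
type brokenTagged struct {
	ID       string `json:"id" ,xml:"id"`
	Severity string `json:"severity" ,xml:"severity"`
}

// fixedTagged separates the pairs with a space, which is what reflect expects.
type fixedTagged struct {
	ID       string `json:"id" xml:"id"`
	Severity string `json:"severity" xml:"severity"`
}

// MissingTagKeys lists "Field:key" for every exported field of t whose tag
// does not parse to one of the wanted keys. Run over a service's response
// models in a unit test, it turns a silent encoding change into a failure.
func MissingTagKeys(t reflect.Type, want ...string) []string {
	var missing []string
	for i := 0; i < t.NumField(); i++ {
		f := t.Field(i)
		if !f.IsExported() {
			continue
		}
		for _, key := range want {
			if _, ok := f.Tag.Lookup(key); !ok {
				missing = append(missing, f.Name+":"+key)
			}
		}
	}
	return missing
}

// Encode returns the JSON and XML encodings of v so the effect of the tags
// on each wire format can be compared.
func Encode(v interface{}) (jsonOut, xmlOut string, err error) {
	j, err := json.Marshal(v)
	if err != nil {
		return "", "", err
	}
	x, err := xml.Marshal(v)
	if err != nil {
		return "", "", err
	}
	return string(j), string(x), nil
}

func main() {
	for _, v := range []interface{}{
		brokenTagged{ID: "CVE-0000-0001", Severity: "HIGH"}, // placeholder ID
		fixedTagged{ID: "CVE-0000-0001", Severity: "HIGH"},
	} {
		typ := reflect.TypeOf(v)
		fmt.Println(typ.Name(), "missing tag keys:", MissingTagKeys(typ, "json", "xml"))
		j, x, err := Encode(v)
		if err != nil {
			panic(err)
		}
		fmt.Println("  json:", j)
		fmt.Println("  xml: ", x)
	}
}
```

The broken type reports ID:xml and Severity:xml as missing and marshals to `<brokenTagged><ID>…</ID><Severity>…</Severity></brokenTagged>`, while its JSON is unchanged, which is why the defect goes unnoticed until an XML consumer parses the output. go vet's structtag analyzer catches this class of mistake as well, but it is not in the subset that go test runs by default, so an explicit check like MissingTagKeys is worth having.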
type VulnerabilityCyclon added in v1.6.3
type VulnerabilityCyclon struct {
	Ref         string      `xml:"ref,attr"`
	ID          string      `xml:"v:id"`
	Source      Source      `xml:"v:source"`
	Ratings     []Rating    `xml:"v:ratings>v:rating"`
	Description string      `xml:"v:description,omitempty"`
	Advisories  *Advisories `xml:"v:advisories,omitempty"`
}
VulnerabilityCyclon is the actual description of a vulnerable artifact.