clair: github.com/coreos/clair

package clair

import "github.com/coreos/clair"

Index

Package Files

analyzer.go ancestry.go blob.go notifier.go updater.go

Variables

var (
    // StorageError represents an analyze error caused by the storage
    StorageError = AnalyzeError("failed to query the database.")
    // RetrieveBlobError represents an analyze error caused by failure of
    // downloading or extracting layer blobs.
    RetrieveBlobError = AnalyzeError("failed to download layer blob.")
    // ExtractBlobError represents an analyzer error caused by failure of
    // extracting a layer blob by imagefmt.
    ExtractBlobError = AnalyzeError("failed to extract files from layer blob.")
    // FeatureDetectorError is an error caused by failure of feature listing by
    // featurefmt.
    FeatureDetectorError = AnalyzeError("failed to scan feature from layer blob files.")
    // NamespaceDetectorError is an error caused by failure of namespace
    // detection by featurens.
    NamespaceDetectorError = AnalyzeError("failed to scan namespace from layer blob files.")
)
var (

    // EnabledUpdaters contains all updaters to be used for update.
    EnabledUpdaters []string
)

func AnalyzeLayer

func AnalyzeLayer(ctx context.Context, store database.Datastore, blobSha256 string, blobFormat string, downloadURI string, downloadHeaders map[string]string) (*database.Layer, error)

AnalyzeLayer retrieves the Clair layer with all extracted features and namespaces. If a layer has already been scanned by all enabled detectors in the Clair instance, it returns directly. Otherwise, it re-downloads the layer blob and scans the features and namespaces again.

func EnabledDetectors

func EnabledDetectors() []database.Detector

EnabledDetectors retrieves a list of all detectors installed in the Clair instance.

func GetLastUpdateTime

func GetLastUpdateTime(datastore database.Datastore) (time.Time, bool, error)

GetLastUpdateTime retrieves the time of the latest successful update and whether or not it's the first update.

func IsAncestryCached

func IsAncestryCached(store database.Datastore, name string, layerHashes []string) (bool, error)

IsAncestryCached checks if the ancestry is already cached in the database with the current set of detectors.

func RegisterConfiguredDetectors

func RegisterConfiguredDetectors(store database.Datastore)

RegisterConfiguredDetectors populates the database with registered detectors.

func RunNotifier

func RunNotifier(config *notification.Config, datastore database.Datastore, stopper *stopper.Stopper)

RunNotifier begins a process that checks for new notifications that should be sent out to third parties.

func RunUpdater

func RunUpdater(config *UpdaterConfig, datastore database.Datastore, st *stopper.Stopper)

RunUpdater begins a process that updates the vulnerability database at regular intervals.

func SaveAncestry

func SaveAncestry(store database.Datastore, ancestry *database.Ancestry) error

SaveAncestry saves an ancestry to the datastore.

type AnalyzeError

type AnalyzeError string

AnalyzeError represents a failure when analyzing a layer or constructing an ancestry.

func (AnalyzeError) Error

func (e AnalyzeError) Error() string

type AncestryBuilder

type AncestryBuilder struct {
    // contains filtered or unexported fields
}

AncestryBuilder builds an Ancestry, which contains an ordered list of layers and their features.

func NewAncestryBuilder

func NewAncestryBuilder(detectors []database.Detector) *AncestryBuilder

NewAncestryBuilder creates a new ancestry builder.

The ancestry builder takes in the extracted layer information and produces a set of namespaces, features, and the relations between features for the whole image.

func (*AncestryBuilder) AddLeafLayer

func (b *AncestryBuilder) AddLeafLayer(layer *database.Layer)

AddLeafLayer adds a leaf layer to the ancestry builder, and computes the namespaced features.

func (*AncestryBuilder) Ancestry

func (b *AncestryBuilder) Ancestry(name string) *database.Ancestry

Ancestry produces an Ancestry from the builder.

type UpdaterConfig

type UpdaterConfig struct {
    EnabledUpdaters []string
    Interval        time.Duration
}

UpdaterConfig is the configuration for the Updater service.

Directories

Path                          Synopsis
api
api/v3
api/v3/clairpb                Package clairpb is a generated protocol buffer package.
database                      Package database defines Clair's models and a common interface for database implementations.
database/pgsql                Package pgsql implements database.Datastore with PostgreSQL.
database/pgsql/ancestry
database/pgsql/detector
database/pgsql/feature
database/pgsql/keyvalue
database/pgsql/layer
database/pgsql/lock
database/pgsql/migrations     Package migrations regroups every migration available to the pgsql database backend.
database/pgsql/monitoring
database/pgsql/namespace
database/pgsql/notification
database/pgsql/page
database/pgsql/testutil
database/pgsql/util
database/pgsql/vulnerability
ext/featurefmt                Package featurefmt exposes functions to dynamically register methods for determining the features present in an image layer.
ext/featurefmt/apk            Package apk implements a featurefmt.Lister for APK packages.
ext/featurefmt/dpkg           Package dpkg implements a featurefmt.Lister for dpkg packages.
ext/featurefmt/rpm            Package rpm implements a featurefmt.Lister for rpm packages.
ext/featurens                 Package featurens exposes functions to dynamically register methods for determining a namespace for features present in an image layer.
ext/featurens/alpinerelease   Package alpinerelease implements a featurens.Detector for Alpine Linux based container image layers.
ext/featurens/aptsources      Package aptsources implements a featurens.Detector for apt based container image layers.
ext/featurens/lsbrelease      Package lsbrelease implements a featurens.Detector for container image layers containing an lsb-release file.
ext/featurens/osrelease       Package osrelease implements a featurens.Detector for container image layers containing an os-release file.
ext/featurens/redhatrelease   Package redhatrelease implements a featurens.Detector for container image layers containing redhat-release-like files.
ext/imagefmt                  Package imagefmt exposes functions to dynamically register methods to detect different types of container image formats.
ext/imagefmt/aci              Package aci implements an imagefmt.Extractor for appc formatted container image layers.
ext/imagefmt/docker           Package docker implements an imagefmt.Extractor for docker formatted container image layers.
ext/notification              Package notification exposes functions to dynamically register methods to deliver notifications from the Clair database.
ext/notification/webhook      Package webhook implements a notification sender for HTTP JSON webhooks.
ext/versionfmt                Package versionfmt exposes functions to dynamically register formats used to parse Feature Versions.
ext/versionfmt/dpkg           Package dpkg implements a versionfmt.Parser for version numbers used in dpkg based software packages.
ext/versionfmt/rpm            Package rpm implements a versionfmt.Parser for version numbers used in rpm based software packages.
ext/vulnmdsrc                 Package vulnmdsrc exposes functions to dynamically register vulnerability metadata sources used to update a Clair database.
ext/vulnmdsrc/nvd             Package nvd implements a vulnerability metadata appender using the NIST NVD database.
ext/vulnsrc                   Package vulnsrc exposes functions to dynamically register vulnerability sources used to update a Clair database.
ext/vulnsrc/alpine            Package alpine implements a vulnerability source updater using the alpine-secdb git repository.
ext/vulnsrc/amzn              Package amzn implements a vulnerability source updater using ALAS (Amazon Linux Security Advisories).
ext/vulnsrc/debian            Package debian implements a vulnerability source updater using the Debian Security Tracker.
ext/vulnsrc/oracle            Package oracle implements a vulnerability source updater using the Oracle Linux OVAL Database.
ext/vulnsrc/rhel              Package rhel implements a vulnerability source updater using the Red Hat Linux OVAL Database.
ext/vulnsrc/suse              Package suse implements a vulnerability source updater using the SUSE Linux and openSUSE OVAL Database.
ext/vulnsrc/ubuntu            Package ubuntu implements a vulnerability source updater using the Ubuntu CVE Tracker.
pkg/commonerr                 Package commonerr defines reusable error types common throughout the Clair codebase.
pkg/formatter
pkg/fsutil                    Package fsutil contains utility functions for file system querying.
pkg/gitutil                   Package gitutil implements an easy way to update a git repository to a local temporary directory.
pkg/grpcutil                  Package grpcutil implements various utilities around managing gRPC services.
pkg/httputil                  Package httputil implements common HTTP functionality used throughout the Clair codebase.
pkg/pagination                Package pagination implements a series of utilities for dealing with paginating lists of objects for an API.
pkg/stopper
pkg/strutil
pkg/tarutil                   Package tarutil implements some tar utility functions.
pkg/timeutil                  Package timeutil implements extra utilities dealing with time not found in the standard library.
pkg/version

Package clair imports 28 packages and is imported by 13 packages. Updated 2019-09-11.