Documentation
¶
Index ¶
- Constants
- Variables
- type Application
- type ArtifactDetail
- type ArtifactInfo
- type ArtifactReference
- type ArtifactType
- type BlobInfo
- type Config
- type DockerOption
- type Image
- type ImageMetadata
- type Layer
- type MisconfResult
- type MisconfResults
- type Misconfiguration
- type OS
- type Package
- type PackageInfo
- type PolicyInputOption
- type PolicyInputSelector
- type PolicyMetadata
- type SrcPackage
Constants ¶
View Source
const ( ArtifactJSONSchemaVersion = 1 BlobJSONSchemaVersion = 2 )
View Source
const ( // Programming language dependencies Bundler = "bundler" GemSpec = "gemspec" Cargo = "cargo" Composer = "composer" Npm = "npm" NuGet = "nuget" Pip = "pip" Pipenv = "pipenv" Poetry = "poetry" PythonPkg = "python-pkg" NodePkg = "node-pkg" Yarn = "yarn" Jar = "jar" GoBinary = "gobinary" GoMod = "gomod" JavaScript = "javascript" // Config files YAML = "yaml" JSON = "json" TOML = "toml" Dockerfile = "dockerfile" HCL = "hcl" Terraform = "terraform" Kubernetes = "kubernetes" CloudFormation = "cloudformation" Ansible = "ansible" )
Variables ¶
View Source
var ( InvalidURLPattern = xerrors.New("invalid url pattern") ErrNoRpmCmd = xerrors.New("no rpm command") )
Functions ¶
This section is empty.
Types ¶
type Application ¶
type ArtifactDetail ¶
type ArtifactDetail struct {
OS *OS `json:",omitempty"`
Packages []Package `json:",omitempty"`
Applications []Application `json:",omitempty"`
Misconfigurations []Misconfiguration `json:",omitempty"`
// HistoryPackages are packages extracted from RUN instructions
HistoryPackages []Package `json:",omitempty"`
}
ArtifactDetail is generated by applying blobs
type ArtifactInfo ¶
type ArtifactInfo struct {
SchemaVersion int
Architecture string
Created time.Time
DockerVersion string
OS string
// HistoryPackages are packages extracted from RUN instructions
HistoryPackages []Package `json:",omitempty"`
}
ArtifactInfo is stored in cache
type ArtifactReference ¶
type ArtifactReference struct {
Name string // image name, tar file name, directory or repository name
Type ArtifactType
ID string
BlobIDs []string
ImageMetadata ImageMetadata
}
ArtifactReference represents a reference of container image, local filesystem and repository
type ArtifactType ¶
type ArtifactType string
ArtifactType represents a type of artifact
const ( ArtifactContainerImage ArtifactType = "container_image" ArtifactFilesystem ArtifactType = "filesystem" ArtifactRemoteRepository ArtifactType = "repository" )
type BlobInfo ¶
type BlobInfo struct {
SchemaVersion int
Digest string `json:",omitempty"`
DiffID string `json:",omitempty"`
OS *OS `json:",omitempty"`
PackageInfos []PackageInfo `json:",omitempty"`
Applications []Application `json:",omitempty"`
Misconfigurations []Misconfiguration `json:",omitempty"`
OpaqueDirs []string `json:",omitempty"`
WhiteoutFiles []string `json:",omitempty"`
// SystemFiles represents installed files by OS package manager
// This field is used only in hooks and removed after that.
SystemFiles []string `json:",omitempty"`
}
BlobInfo is stored in cache
type DockerOption ¶
type DockerOption struct {
// Auth
UserName string
Password string
// RegistryToken is a bearer token to be sent to a registry
RegistryToken string
// ECR
AwsAccessKey string
AwsSecretKey string
AwsSessionToken string
AwsRegion string
// GCP
GcpCredPath string
InsecureSkipTLSVerify bool
NonSSL bool
SkipPing bool // this is ignored now
Timeout time.Duration
}
type ImageMetadata ¶
type MisconfResult ¶
type MisconfResult struct {
Namespace string `json:",omitempty"`
Query string `json:",omitempty"`
Message string `json:",omitempty"`
PolicyMetadata `json:",omitempty"`
// For debugging
Traces []string `json:",omitempty"`
}
type MisconfResults ¶
type MisconfResults []MisconfResult
func (MisconfResults) Len ¶
func (r MisconfResults) Len() int
func (MisconfResults) Less ¶
func (r MisconfResults) Less(i, j int) bool
func (MisconfResults) Swap ¶
func (r MisconfResults) Swap(i, j int)
type Misconfiguration ¶
type Misconfiguration struct {
FileType string `json:",omitempty"`
FilePath string `json:",omitempty"`
Successes MisconfResults `json:",omitempty"`
Warnings MisconfResults `json:",omitempty"`
Failures MisconfResults `json:",omitempty"`
Exceptions MisconfResults `json:",omitempty"`
Layer Layer `json:",omitempty"`
}
func ToMisconfigurations ¶
func ToMisconfigurations(misconfs map[string]Misconfiguration) []Misconfiguration
type Package ¶
type Package struct {
Name string `json:",omitempty"`
Version string `json:",omitempty"`
Release string `json:",omitempty"`
Epoch int `json:",omitempty"`
Arch string `json:",omitempty"`
SrcName string `json:",omitempty"`
SrcVersion string `json:",omitempty"`
SrcRelease string `json:",omitempty"`
SrcEpoch int `json:",omitempty"`
Modularitylabel string `json:",omitempty"` // only for Red Hat based distributions
License string `json:",omitempty"`
Layer Layer `json:",omitempty"`
Type string `json:",omitempty"`
// Each package metadata have the file path, while the package from lock files does not have.
FilePath string `json:",omitempty"`
}
type PackageInfo ¶
type PolicyInputOption ¶
type PolicyInputOption struct {
Combine bool `mapstructure:"combine"`
Selectors []PolicyInputSelector `mapstructure:"selector"`
}
type PolicyInputSelector ¶
type PolicyInputSelector struct {
Type string `mapstructure:"type"`
}
type PolicyMetadata ¶
type PolicyMetadata struct {
ID string `json:",omitempty"`
Type string `json:",omitempty"`
Title string `json:",omitempty"`
Description string `json:",omitempty"`
Severity string `json:",omitempty"`
RecommendedActions string `json:",omitempty" mapstructure:"recommended_actions"`
References []string `json:",omitempty"`
}
type SrcPackage ¶
Source Files
Click to show internal directories.
Click to hide internal directories.