types

package
v0.0.0-...-00dab56 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 29, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Well-known errors returned by scan. Each is a distinct sentinel created with
// errors.New, so compare with errors.Is (or ==) rather than by matching the
// message text. The messages below are the only description of each condition
// visible here.
var (
	// Findings about a Go binary: build tags, required symbols, cgo and the
	// strictfipsruntime GOEXPERIMENT named in the messages.
	ErrGoInvalidTag       = errors.New("go binary has invalid build tag(s) set")
	ErrGoMissingSymbols   = errors.New("go binary does not contain required symbol(s)")
	ErrGoMissingTag       = errors.New("go binary does not contain required tag(s)")
	ErrGoNoCgoInit        = errors.New("x_cgo_init or _cgo_topofstack not found")
	ErrGoNoTags           = errors.New("go binary has no build tags set (should have strictfipsruntime)")
	ErrGoNotCgoEnabled    = errors.New("go binary is not CGO_ENABLED")
	ErrGoNotGoExperiment  = errors.New("go binary does not enable GOEXPERIMENT=strictfipsruntime")
	// Findings about the OpenSSL libcrypto library a binary refers to.
	ErrLibcryptoMany      = errors.New("openssl: found multiple different libcrypto versions")
	ErrLibcryptoMissing   = errors.New("openssl: did not find libcrypto library within binary")
	ErrLibcryptoSoMissing = errors.New("could not find dependent openssl version within container image")
	// Finding about how the executable is linked.
	ErrNotDynLinked       = errors.New("executable is not dynamically linked")
)

Well-known errors returned by scan. If you modify this list, do not forget to run 'go generate'.

// KnownErrors maps the identifier of each well-known scan error to its
// sentinel value; every key is spelled exactly like the variable it maps to.
// NOTE(review): presumably this is the table used to resolve "error = Err*"
// values from the toml config (see KnownError) — confirm.
// The map is an exported, mutable package variable: treat it as read-only,
// since adding or replacing entries changes which names resolve to which error.
var KnownErrors = map[string]error{
	"ErrGoInvalidTag":       ErrGoInvalidTag,
	"ErrGoMissingSymbols":   ErrGoMissingSymbols,
	"ErrGoMissingTag":       ErrGoMissingTag,
	"ErrGoNoCgoInit":        ErrGoNoCgoInit,
	"ErrGoNoTags":           ErrGoNoTags,
	"ErrGoNotCgoEnabled":    ErrGoNotCgoEnabled,
	"ErrGoNotGoExperiment":  ErrGoNotGoExperiment,
	"ErrLibcryptoMany":      ErrLibcryptoMany,
	"ErrLibcryptoMissing":   ErrLibcryptoMissing,
	"ErrLibcryptoSoMissing": ErrLibcryptoSoMissing,
	"ErrNotDynLinked":       ErrNotDynLinked,
}

Functions

func KnownErrorName

func KnownErrorName(err error) string

KnownErrorName returns the name of the known error, if found, or an empty string.

Types

type ArtifactPod

// ArtifactPod holds an API version string and a list of pods, encoded in JSON
// under the keys "apiVersion" and "items".
// NOTE(review): presumably decoded from a pod-list artifact file — confirm.
type ArtifactPod struct {
	APIVersion string       `json:"apiVersion"`
	Items      []corev1.Pod `json:"items"`
}

type Config

// Config holds the scan settings. The json tag on each field is the key used
// when the struct is encoded or decoded with encoding/json.
type Config struct {
	Components              []string      `json:"components"`
	// NOTE(review): presumably makes warning-level results fail the run; confirm.
	FailOnWarnings          bool          `json:"fail_on_warnings"`
	FilterFile              string        `json:"filter_file"`
	FromFile                string        `json:"from_file"`
	// NOTE(review): presumably a remote location the scan input is fetched
	// from; confirm how the URL is validated before use.
	FromURL                 string        `json:"from_url"`
	// NOTE(review): the name suggests this relaxes transport security for
	// image pulls; confirm the exact effect and that it is off by default.
	InsecurePull            bool          `json:"insecure_pull"`
	Limit                   int           `json:"limit"`
	ContainerImageComponent string        `json:"container_image_component"`
	ContainerImage          string        `json:"container_image"`
	OutputFile              string        `json:"output_file"`
	OutputFormat            string        `json:"output_format"`
	Parallelism             int           `json:"parallelism"`
	Java                    bool          `json:"java"`
	PrintExceptions         bool          `json:"print_exceptions"`
	// Has a json tag, so marshalling a Config emits this value under
	// "pull_secret". NOTE(review): confirm whether it holds a path or
	// credential material, and that Log does not print credentials.
	PullSecret              string        `json:"pull_secret"`
	TimeLimit               time.Duration `json:"time_limit"`
	Verbose                 bool          `json:"verbose"`
	UseRPMScan              bool          `json:"use_rpm_scan"`

	// Embedded: the ConfigFile fields (FilterFiles, FilterDirs, ...) are
	// promoted onto Config and consulted as c.FilterDirs and so on.
	ConfigFile
}

func (*Config) IgnoreDir

func (c *Config) IgnoreDir(path string) bool

func (*Config) IgnoreDirPrefix

func (c *Config) IgnoreDirPrefix(path string) bool

IgnoreDirPrefix is similar to IgnoreDir. The difference is that this method performs a prefix match, meaning that a supplied path of "/a/b/c" will return true if c.FilterDirs contains "/a" or "/a/b". This method should be used from code that receives the list of files (such as rpm -ql input), rather than code that traverses a file tree.

func (*Config) IgnoreDirWithComponent

func (c *Config) IgnoreDirWithComponent(path string, component *OpenshiftComponent) bool

func (*Config) IgnoreFile

func (c *Config) IgnoreFile(path string) bool

func (*Config) IgnoreFileByRpm

func (c *Config) IgnoreFileByRpm(path string, rpm string) bool

func (*Config) IgnoreFileWithComponent

func (c *Config) IgnoreFileWithComponent(path string, component *OpenshiftComponent) bool

func (*Config) IgnoreFileWithTag

func (c *Config) IgnoreFileWithTag(path string, tag *imagev1.TagReference) bool

func (*Config) Log

func (c *Config) Log()

func (*Config) NewDefaultConfig

func (c *Config) NewDefaultConfig()

NewDefaultConfig initializes the configuration with default values for testing.

type ConfigFile

// ConfigFile is the part of Config that can be set via configuration files.
// Its entries name files, directories, images and errors that the scan is told
// to filter or ignore, so a change to any list narrows what the scan reports
// and deserves the same review as a change to the scanner itself.
// Validate checks that file and directory paths are absolute and clean.
type ConfigFile struct {
	FilterFiles            []string `json:"filter_files" toml:"filter_files"`
	FilterDirs             []string `json:"filter_dirs" toml:"filter_dirs"`
	FilterImages           []string `json:"filter_images" toml:"filter_images"`
	JavaDisabledAlgorithms []string `json:"java_fips_disabled_algorithms" toml:"java_fips_disabled_algorithms"`

	// The three maps below carry only a toml tag; with encoding/json they fall
	// back to the Go field name as the key.
	// NOTE(review): presumably keyed by payload component, image tag and RPM
	// name respectively — confirm against the config loader.
	PayloadIgnores map[string]IgnoreLists `toml:"payload"`
	TagIgnores     map[string]IgnoreLists `toml:"tag"`
	RPMIgnores     map[string]IgnoreLists `toml:"rpm"`
	// Per-error ignore rules; ErrIgnoreList.Ignore decides whether a given
	// error is ignored for a given file.
	ErrIgnores     ErrIgnoreList          `json:"ignore" toml:"ignore"`
}

ConfigFile is a part of Config. It contains fields that can be set via configuration files.

func (*ConfigFile) Add

func (c *ConfigFile) Add(add *ConfigFile) error

func (*ConfigFile) Validate

func (c *ConfigFile) Validate() (err, warn error)

Validate validates the configuration. Currently it checks that all the file and directory paths are absolute and clean, and that there are no overlaps between each entry's files and dirs. It returns errors and warnings; errors are considered fatal, while warnings are more like FYI.

type ErrIgnore

// ErrIgnore is one ignore rule: a known error together with the files and
// directories it applies to, read from the toml keys "error", "files" and
// "dirs".
// NOTE(review): how Dirs is matched (exact or by prefix) is not visible
// here — confirm in ErrIgnoreList.Ignore before writing broad entries.
type ErrIgnore struct {
	Error KnownError `toml:"error"`
	Files []string   `toml:"files"`
	Dirs  []string   `toml:"dirs"`
}

type ErrIgnoreList

// ErrIgnoreList is a list of ErrIgnore rules. Its Ignore method reports
// whether a particular error is to be ignored for a specified file.
type ErrIgnoreList []ErrIgnore

func (ErrIgnoreList) Ignore

func (i ErrIgnoreList) Ignore(file string, err error) bool

Ignore checks if the particular error err is to be ignored for a specified file.

type ErrorLevel

// ErrorLevel is the severity attached to a ValidationError.
type ErrorLevel int64
const (
	// Error is 0, the zero value of ErrorLevel: a level that is never set
	// explicitly is therefore Error, not Warning.
	Error ErrorLevel = iota
	// Warning is 1.
	Warning
)

type IgnoreLists

// IgnoreLists groups file filters, directory filters and per-error ignore
// rules. It is the value type of the PayloadIgnores, TagIgnores and RPMIgnores
// maps in ConfigFile, and uses the same json/toml keys as the top-level lists.
type IgnoreLists struct {
	FilterFiles []string      `json:"filter_files" toml:"filter_files"`
	FilterDirs  []string      `json:"filter_dirs" toml:"filter_dirs"`
	ErrIgnores  ErrIgnoreList `json:"ignore" toml:"ignore"`
}

type JavaComponent

// JavaComponent holds an entrypoint, a command and a working directory.
// NOTE(review): presumably copied from the container image configuration of a
// Java workload — confirm against the code that fills it in.
type JavaComponent struct {
	Entrypoint []string
	Cmd        []string
	WorkingDir string
}

type KnownError

// KnownError is a type used to parse "error = Err*" values in toml config.
// UnmarshalText fills it in while parsing; String is used when printing the
// current configuration.
// NOTE(review): presumably Str keeps the identifier as written in the config
// and Err the sentinel it resolved to — confirm in UnmarshalText.
type KnownError struct {
	Err error
	Str string
}

KnownError is a type used to parse "error = Err*" values in toml config.

func (KnownError) String

func (e KnownError) String() string

String is used when printing the current configuration.

func (*KnownError) UnmarshalText

func (e *KnownError) UnmarshalText(text []byte) error

UnmarshalText is used when parsing toml config.

type OpenshiftComponent

// OpenshiftComponent describes a component by name, source location and
// maintainer component, plus a flag marking it as a bundle. The json tags give
// the keys used when it is encoded or decoded with encoding/json.
type OpenshiftComponent struct {
	Component           string `json:"component"`
	SourceLocation      string `json:"source_location"`
	MaintainerComponent string `json:"maintainer_component"`
	IsBundle            bool   `json:"is_bundle"`
}

type OpensslInfo

// OpensslInfo is the value passed to ScanResult.SetOpenssl.
// NOTE(review): presumably Present reports whether OpenSSL was found at Path
// and FIPS whether it passed the FIPS check, with Error carrying the reason
// when it did not — confirm against the producer.
type OpensslInfo struct {
	Present bool
	FIPS    bool
	// A field, not a method: OpensslInfo does not implement the error interface.
	Error   error
	Path    string
}

type ScanResult

// ScanResult is the outcome recorded for one scanned item. The Set* methods
// and Skipped/Success return *ScanResult, so calls can be chained.
type ScanResult struct {
	// What was scanned: the owning component, image tag, RPM and file path.
	Component *OpenshiftComponent
	Tag       *v1.TagReference
	RPM       string
	Path      string
	// NOTE(review): presumably set by Skipped for items excluded from the
	// scan; confirm that reports keep skipped items distinct from passed ones.
	Skip      bool
	// NOTE(review): presumably nil on success — confirm in IsSuccess.
	Error     *ValidationError
}

func NewScanResult

func NewScanResult() *ScanResult

func (*ScanResult) IsLevel

func (r *ScanResult) IsLevel(level ErrorLevel) bool

func (*ScanResult) IsSuccess

func (r *ScanResult) IsSuccess() bool

func (*ScanResult) SetComponent

func (r *ScanResult) SetComponent(component *OpenshiftComponent) *ScanResult

func (*ScanResult) SetError

func (r *ScanResult) SetError(err error) *ScanResult

func (*ScanResult) SetOpenssl

func (r *ScanResult) SetOpenssl(info OpensslInfo) *ScanResult

func (*ScanResult) SetPath

func (r *ScanResult) SetPath(path string) *ScanResult

func (*ScanResult) SetRPM

func (r *ScanResult) SetRPM(rpm string) *ScanResult

func (*ScanResult) SetTag

func (r *ScanResult) SetTag(tag *v1.TagReference) *ScanResult

func (*ScanResult) SetValidationError

func (r *ScanResult) SetValidationError(err *ValidationError) *ScanResult

func (*ScanResult) Skipped

func (r *ScanResult) Skipped() *ScanResult

func (*ScanResult) Status

func (r *ScanResult) Status() string

func (*ScanResult) Success

func (r *ScanResult) Success() *ScanResult

type ScanResults

// ScanResults is a collection of scan results; Append adds one result and
// returns the collection.
type ScanResults struct {
	// Items stores pointers, so entries alias the ScanResult values passed in.
	Items []*ScanResult
}

func NewScanResults

func NewScanResults() *ScanResults

func (*ScanResults) Append

func (sr *ScanResults) Append(result *ScanResult) *ScanResults

type ValidationError

// ValidationError pairs an error with a severity level.
// Because the struct has a field named Error, it cannot also declare an
// Error() method, so *ValidationError does not implement the error
// interface; read the wrapped error through GetError.
type ValidationError struct {
	// Level's zero value is Error (iota 0), so a ValidationError whose Level
	// is left unset counts as an error rather than a warning.
	Level ErrorLevel
	Error error
}

func NewValidationError

func NewValidationError(err error) *ValidationError

func (*ValidationError) GetError

func (ve *ValidationError) GetError() error

func (*ValidationError) IsError

func (ve *ValidationError) IsError() bool

func (*ValidationError) IsWarning

func (ve *ValidationError) IsWarning() bool

func (*ValidationError) SetWarning

func (ve *ValidationError) SetWarning() *ValidationError
