Documentation ¶
Index ¶
- Variables
- func KnownErrorName(err error) string
- type ArtifactPod
- type Config
- func (c *Config) IgnoreDir(path string) bool
- func (c *Config) IgnoreDirPrefix(path string) bool
- func (c *Config) IgnoreDirWithComponent(path string, component *OpenshiftComponent) bool
- func (c *Config) IgnoreFile(path string) bool
- func (c *Config) IgnoreFileByRpm(path string, rpm string) bool
- func (c *Config) IgnoreFileWithComponent(path string, component *OpenshiftComponent) bool
- func (c *Config) IgnoreFileWithTag(path string, tag *imagev1.TagReference) bool
- func (c *Config) Log()
- func (c *Config) NewDefaultConfig()
- type ConfigFile
- type ErrIgnore
- type ErrIgnoreList
- type ErrorLevel
- type IgnoreLists
- type JavaComponent
- type KnownError
- type OpenshiftComponent
- type OpensslInfo
- type ScanResult
- func (r *ScanResult) IsLevel(level ErrorLevel) bool
- func (r *ScanResult) IsSuccess() bool
- func (r *ScanResult) SetComponent(component *OpenshiftComponent) *ScanResult
- func (r *ScanResult) SetError(err error) *ScanResult
- func (r *ScanResult) SetOpenssl(info OpensslInfo) *ScanResult
- func (r *ScanResult) SetPath(path string) *ScanResult
- func (r *ScanResult) SetRPM(rpm string) *ScanResult
- func (r *ScanResult) SetTag(tag *v1.TagReference) *ScanResult
- func (r *ScanResult) SetValidationError(err *ValidationError) *ScanResult
- func (r *ScanResult) Skipped() *ScanResult
- func (r *ScanResult) Status() string
- func (r *ScanResult) Success() *ScanResult
- type ScanResults
- type ValidationError
Constants ¶
This section is empty.
Variables ¶
var (
	// Go binary checks: build tags, required symbols, cgo and GOEXPERIMENT.
	// The messages name strictfipsruntime as the expected tag/experiment.
	ErrGoInvalidTag      = errors.New("go binary has invalid build tag(s) set")
	ErrGoMissingSymbols  = errors.New("go binary does not contain required symbol(s)")
	ErrGoMissingTag      = errors.New("go binary does not contain required tag(s)")
	ErrGoNoCgoInit       = errors.New("x_cgo_init or _cgo_topofstack not found")
	ErrGoNoTags          = errors.New("go binary has no build tags set (should have strictfipsruntime)")
	ErrGoNotCgoEnabled   = errors.New("go binary is not CGO_ENABLED")
	ErrGoNotGoExperiment = errors.New("go binary does not enable GOEXPERIMENT=strictfipsruntime")

	// OpenSSL checks: libcrypto must be present, in a single version, and
	// resolvable inside the container image.
	ErrLibcryptoMany      = errors.New("openssl: found multiple different libcrypto versions")
	ErrLibcryptoMissing   = errors.New("openssl: did not find libcrypto library within binary")
	ErrLibcryptoSoMissing = errors.New("could not find dependent openssl version within container image")

	// Linking check.
	ErrNotDynLinked = errors.New("executable is not dynamically linked")
)
Well-known errors returned by scan. If you modify this list, do not forget to run 'go generate'.
// KnownErrors maps the identifier of each well-known scan error to its
// sentinel value; every key is spelled exactly like the variable it maps to.
//
// NOTE(review): the note on the error list asks for 'go generate' after
// changes, so this map is presumably generated — confirm before editing by
// hand. A sentinel missing from this map could presumably not be named in an
// "error = Err*" ignore rule; verify against KnownError.UnmarshalText.
var KnownErrors = map[string]error{
	"ErrGoInvalidTag":       ErrGoInvalidTag,
	"ErrGoMissingSymbols":   ErrGoMissingSymbols,
	"ErrGoMissingTag":       ErrGoMissingTag,
	"ErrGoNoCgoInit":        ErrGoNoCgoInit,
	"ErrGoNoTags":           ErrGoNoTags,
	"ErrGoNotCgoEnabled":    ErrGoNotCgoEnabled,
	"ErrGoNotGoExperiment":  ErrGoNotGoExperiment,
	"ErrLibcryptoMany":      ErrLibcryptoMany,
	"ErrLibcryptoMissing":   ErrLibcryptoMissing,
	"ErrLibcryptoSoMissing": ErrLibcryptoSoMissing,
	"ErrNotDynLinked":       ErrNotDynLinked,
}
Functions ¶
func KnownErrorName ¶
KnownErrorName returns the name of the KnownError, if found, or an empty string.
Types ¶
type ArtifactPod ¶
type Config ¶
// Config holds the scanner's run-time settings. Every field declared here
// carries a json tag; the embedded ConfigFile adds the filter and ignore
// lists.
type Config struct {
	Components     []string `json:"components"`
	FailOnWarnings bool     `json:"fail_on_warnings"`
	FilterFile     string   `json:"filter_file"`
	FromFile       string   `json:"from_file"`
	FromURL        string   `json:"from_url"`
	// NOTE(review): the name suggests image pulls without TLS/registry
	// verification — confirm against the pull code. If so, it should stay
	// false outside throwaway test setups, because the scan would then judge
	// content whose origin was not authenticated.
	InsecurePull            bool   `json:"insecure_pull"`
	Limit                   int    `json:"limit"`
	ContainerImageComponent string `json:"container_image_component"`
	ContainerImage          string `json:"container_image"`
	OutputFile              string `json:"output_file"`
	OutputFormat            string `json:"output_format"`
	Parallelism             int    `json:"parallelism"`
	Java                    bool   `json:"java"`
	PrintExceptions         bool   `json:"print_exceptions"`
	// NOTE(review): presumably registry credentials or a path to them —
	// confirm. Config.Log() is listed in this package's index; check that it
	// does not print this value, and that the json form of Config is not
	// written to shared output.
	PullSecret string        `json:"pull_secret"`
	TimeLimit  time.Duration `json:"time_limit"`
	Verbose    bool          `json:"verbose"`
	UseRPMScan bool          `json:"use_rpm_scan"`
	// Embedded: the fields that can be set via a configuration file.
	ConfigFile
}
func (*Config) IgnoreDirPrefix ¶
IgnoreDirPrefix is similar to IgnoreDir. The difference is that this method performs a prefix match: a supplied path of "/a/b/c" returns true if c.FilterDirs contains "/a" or "/a/b". This method should be used from code that receives a list of files (such as rpm -ql input), rather than code that traverses a file tree.
func (*Config) IgnoreDirWithComponent ¶
func (c *Config) IgnoreDirWithComponent(path string, component *OpenshiftComponent) bool
func (*Config) IgnoreFile ¶
func (*Config) IgnoreFileWithComponent ¶
func (c *Config) IgnoreFileWithComponent(path string, component *OpenshiftComponent) bool
func (*Config) IgnoreFileWithTag ¶
func (c *Config) IgnoreFileWithTag(path string, tag *imagev1.TagReference) bool
func (*Config) NewDefaultConfig ¶
func (c *Config) NewDefaultConfig()
NewDefaultConfig initializes the configuration with default values for testing.
type ConfigFile ¶
// ConfigFile holds the filter and ignore lists that can be loaded from a
// configuration file.
//
// NOTE(review): these lists appear to exclude paths, images and specific
// errors from what the scan reports — confirm against the Ignore* methods on
// Config. If so, every added entry narrows scan coverage, and changes to the
// configuration file deserve the same review as code changes.
type ConfigFile struct {
	FilterFiles []string `json:"filter_files" toml:"filter_files"`
	// FilterDirs is matched as a set of path prefixes by IgnoreDirPrefix:
	// an entry "/a" also covers "/a/b/c" (per that method's documentation).
	FilterDirs             []string `json:"filter_dirs" toml:"filter_dirs"`
	FilterImages           []string `json:"filter_images" toml:"filter_images"`
	JavaDisabledAlgorithms []string `json:"java_fips_disabled_algorithms" toml:"java_fips_disabled_algorithms"`
	// The three maps below carry only a toml tag, no json tag.
	// presumably keyed by payload, tag and rpm name respectively — verify.
	PayloadIgnores map[string]IgnoreLists `toml:"payload"`
	TagIgnores     map[string]IgnoreLists `toml:"tag"`
	RPMIgnores     map[string]IgnoreLists `toml:"rpm"`
	// Per-error ignore rules; see ErrIgnore.
	ErrIgnores ErrIgnoreList `json:"ignore" toml:"ignore"`
}
ConfigFile is a part of Config. It contains the fields that can be set via a configuration file.
func (*ConfigFile) Add ¶
func (c *ConfigFile) Add(add *ConfigFile) error
func (*ConfigFile) Validate ¶
func (c *ConfigFile) Validate() (err, warn error)
Validate validates the configuration. Currently it checks that all the file and directory paths are absolute and clean, and that there are no overlaps between each entry's files and dirs. It returns errors and warnings; errors are considered fatal, while warnings are more like FYI.
type ErrIgnore ¶
// ErrIgnore is one ignore rule as written in the toml configuration: a
// known error plus lists of files and directories.
type ErrIgnore struct {
	// Parsed from an "error = Err*" value (per the KnownError documentation).
	Error KnownError `toml:"error"`
	// presumably the paths for which Error is not reported — verify against
	// the code that consumes ErrIgnoreList.
	Files []string `toml:"files"`
	Dirs  []string `toml:"dirs"`
}
type ErrIgnoreList ¶
// ErrIgnoreList is a list of ErrIgnore rules. It is the type of the
// "ignore" key in both ConfigFile and IgnoreLists.
type ErrIgnoreList []ErrIgnore
type IgnoreLists ¶
// IgnoreLists is the value type of the PayloadIgnores, TagIgnores and
// RPMIgnores maps in ConfigFile. It repeats the file, directory and
// per-error lists of ConfigFile under the same json/toml keys.
//
// NOTE(review): presumably these apply only to the payload, tag or rpm the
// map key names — confirm the scoping, since an entry applied more widely
// than intended would hide findings elsewhere.
type IgnoreLists struct {
	FilterFiles []string      `json:"filter_files" toml:"filter_files"`
	FilterDirs  []string      `json:"filter_dirs" toml:"filter_dirs"`
	ErrIgnores  ErrIgnoreList `json:"ignore" toml:"ignore"`
}
type JavaComponent ¶
type KnownError ¶
KnownError is a type used to parse "error = Err*" values in toml config.
func (KnownError) String ¶
func (e KnownError) String() string
String is used when printing the current configuration.
func (*KnownError) UnmarshalText ¶
func (e *KnownError) UnmarshalText(text []byte) error
UnmarshalText is used when parsing toml config.
type OpenshiftComponent ¶
type ScanResult ¶
// ScanResult is the outcome recorded for one scanned item. The package index
// lists a chainable setter for each field (SetComponent, SetTag, SetRPM,
// SetPath, Skipped, SetError / SetValidationError).
type ScanResult struct {
	Component *OpenshiftComponent
	Tag       *v1.TagReference
	RPM       string
	Path      string
	// NOTE(review): a skipped item is presumably not the same as a passing
	// one — confirm that IsSuccess and Status keep the two apart, so ignored
	// paths are not reported as compliant.
	Skip bool
	// presumably nil when the item passed — verify against IsSuccess.
	Error *ValidationError
}
func NewScanResult ¶
func NewScanResult() *ScanResult
func (*ScanResult) IsLevel ¶
func (r *ScanResult) IsLevel(level ErrorLevel) bool
func (*ScanResult) IsSuccess ¶
func (r *ScanResult) IsSuccess() bool
func (*ScanResult) SetComponent ¶
func (r *ScanResult) SetComponent(component *OpenshiftComponent) *ScanResult
func (*ScanResult) SetError ¶
func (r *ScanResult) SetError(err error) *ScanResult
func (*ScanResult) SetOpenssl ¶
func (r *ScanResult) SetOpenssl(info OpensslInfo) *ScanResult
func (*ScanResult) SetPath ¶
func (r *ScanResult) SetPath(path string) *ScanResult
func (*ScanResult) SetRPM ¶
func (r *ScanResult) SetRPM(rpm string) *ScanResult
func (*ScanResult) SetTag ¶
func (r *ScanResult) SetTag(tag *v1.TagReference) *ScanResult
func (*ScanResult) SetValidationError ¶
func (r *ScanResult) SetValidationError(err *ValidationError) *ScanResult
func (*ScanResult) Skipped ¶
func (r *ScanResult) Skipped() *ScanResult
func (*ScanResult) Status ¶
func (r *ScanResult) Status() string
func (*ScanResult) Success ¶
func (r *ScanResult) Success() *ScanResult
type ScanResults ¶
// ScanResults is a collection of scan results.
type ScanResults struct {
	// Items holds pointers to the individual results; Append is the listed
	// method for adding to the collection.
	Items []*ScanResult
}
func NewScanResults ¶
func NewScanResults() *ScanResults
func (*ScanResults) Append ¶
func (sr *ScanResults) Append(result *ScanResult) *ScanResults
type ValidationError ¶
// ValidationError pairs an error with a severity level.
//
// Because the field is named Error, the type cannot also declare an Error()
// method, so *ValidationError does not itself satisfy the error interface;
// GetError is the listed accessor for the wrapped error.
type ValidationError struct {
	// Severity; IsError, IsWarning and SetWarning are the listed methods
	// that work with it. The possible ErrorLevel values are not shown here.
	Level ErrorLevel
	Error error
}
func NewValidationError ¶
func NewValidationError(err error) *ValidationError
func (*ValidationError) GetError ¶
func (ve *ValidationError) GetError() error
func (*ValidationError) IsError ¶
func (ve *ValidationError) IsError() bool
func (*ValidationError) IsWarning ¶
func (ve *ValidationError) IsWarning() bool
func (*ValidationError) SetWarning ¶
func (ve *ValidationError) SetWarning() *ValidationError