analyzer

package
v0.0.0-...-c5f19f0 Latest Latest
Warning: This package is not in the latest version of its module, so the identifiers documented below may differ from the current release.

Published: Dec 15, 2023 License: Apache-2.0 Imports: 16 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Sentinel errors declared by this package; each is created with xerrors.New.
var (

	// ErrUnknownOS occurs when an unknown OS is analyzed.
	ErrUnknownOS = xerrors.New("unknown OS")
	// ErrPkgAnalysis occurs when the analysis of packages has failed.
	ErrPkgAnalysis = xerrors.New("failed to analyze packages")
	// ErrNoPkgsDetected occurs when the files required by an OS package manager are not detected.
	// NOTE(review): a target with no detectable package database produces no package
	// findings; callers should presumably surface this error rather than report the
	// target as clean — confirm how callers handle it.
	ErrNoPkgsDetected = xerrors.New("no packages detected")
)
// Named groups of analyzer types. Each group is a plain []Type built from the
// Type constants declared in this package.
//
// NOTE(review): TypeExecutable, TypeApkCommand, TypeLicenseFile, TypeSecret and the
// two TypeRedHat*Type constants are not members of any group below, so selecting or
// disabling analyzers by group alone does not cover them — confirm against callers.
var (
	// TypeOSes has all OS-related analyzers
	// (OS detection, OS package managers and the apk repository analyzer).
	TypeOSes = []Type{
		TypeOSRelease, TypeAlpine, TypeAmazon, TypeCBLMariner, TypeDebian, TypePhoton, TypeCentOS,
		TypeRocky, TypeAlma, TypeFedora, TypeOracle, TypeRedHatBase, TypeSUSE, TypeUbuntu,
		TypeApk, TypeDpkg, TypeDpkgLicense, TypeRpm, TypeRpmqa,
		TypeApkRepo,
	}

	// TypeLanguages has all language analyzers
	TypeLanguages = []Type{
		TypeBundler, TypeGemSpec, TypeCargo, TypeComposer, TypeJar, TypePom, TypeGradleLock,
		TypeNpmPkgLock, TypeNodePkg, TypeYarn, TypePnpm, TypeNuget, TypeDotNetCore,
		TypePythonPkg, TypePip, TypePipenv, TypePoetry, TypeGoBinary, TypeGoMod, TypeRustBinary, TypeConanLock,
	}

	// TypeLockfiles has all lock file analyzers
	// Every member also appears in TypeLanguages.
	// NOTE(review): TypeCargo, TypeComposer, TypeNuget and TypeDotNetCore are in
	// TypeLanguages but in neither TypeLockfiles nor TypeIndividualPkgs; code that
	// selects analyzers through those two groups will not include them — confirm
	// this is intended.
	TypeLockfiles = []Type{
		TypeBundler, TypeNpmPkgLock, TypeYarn,
		TypePnpm, TypePip, TypePipenv, TypePoetry, TypeGoMod, TypePom, TypeConanLock, TypeGradleLock,
	}

	// TypeIndividualPkgs has all analyzers for individual packages
	// Every member also appears in TypeLanguages.
	TypeIndividualPkgs = []Type{TypeGemSpec, TypeNodePkg, TypePythonPkg, TypeGoBinary, TypeJar, TypeRustBinary}

	// TypeConfigFiles has all config file analyzers
	TypeConfigFiles = []Type{TypeYaml, TypeJSON, TypeDockerfile, TypeTerraform, TypeCloudFormation, TypeHelm}
)

Functions

func DeregisterAnalyzer

func DeregisterAnalyzer(t Type)

DeregisterAnalyzer is mainly for testing.

func DeregisterConfigAnalyzer

func DeregisterConfigAnalyzer(t Type)

DeregisterConfigAnalyzer is mainly for testing.

func RegisterAnalyzer

func RegisterAnalyzer(analyzer analyzer)

func RegisterConfigAnalyzer

func RegisterConfigAnalyzer(analyzer configAnalyzer)

Types

type AnalysisInput

// AnalysisInput groups the per-file data for one analysis: a directory and file
// path, the file's os.FileInfo, a seekable reader over its content, and the
// analysis options. The fields mirror the dir, filePath, info and opts
// parameters of AnalyzerGroup.AnalyzeFile.
type AnalysisInput struct {
	Dir      string
	// NOTE(review): presumably a path relative to Dir — confirm against callers.
	FilePath string
	Info     os.FileInfo
	// Content is a reader over the file being analyzed.
	// NOTE(review): when the scan target is a third-party image or repository this
	// content is not trusted; parsers reading it should bound what they consume.
	Content  dio.ReadSeekerAt

	Options AnalysisOptions
}

type AnalysisOptions

// AnalysisOptions carries the switches passed along in AnalysisInput.Options and
// as the opts parameter of AnalyzerGroup.AnalyzeFile.
type AnalysisOptions struct {
	// NOTE(review): presumably asks analyzers not to make network requests; which
	// analyzers honour it is not visible here — confirm before relying on it for
	// air-gapped scans.
	Offline bool
}

type AnalysisResult

// AnalysisResult holds the output of analysis: the detected OS and repository,
// package and application inventories, secrets, licenses, and supporting data
// for later handlers. It is created with NewAnalysisResult and has Merge and
// Sort methods.
type AnalysisResult struct {
	OS                   *types.OS
	Repository           *types.Repository
	PackageInfos         []types.PackageInfo
	Applications         []types.Application
	// Secrets holds secret-scanning findings.
	// NOTE(review): entries may carry the matched text or its surroundings —
	// confirm what is stored before logging, caching or exporting results.
	Secrets              []types.Secret
	Licenses             []types.LicenseFile
	SystemInstalledFiles []string // A list of files installed by OS package manager

	// Files holds necessary file contents for the respective post-handler
	Files map[types.HandlerType][]types.File

	// Digests contains SHA-256 digests of unpackaged files
	// used to search for SBOM attestation.
	// NOTE(review): the key of this map is not visible here (presumably the file
	// path) — confirm.
	Digests map[string]string

	// For Red Hat
	BuildInfo *types.BuildInfo

	// CustomResources hold analysis results from custom analyzers.
	// It is for extensibility and not used in OSS.
	CustomResources []types.CustomResource
	// contains filtered or unexported fields
}

func NewAnalysisResult

func NewAnalysisResult() *AnalysisResult

func (*AnalysisResult) Merge

func (r *AnalysisResult) Merge(new *AnalysisResult)

func (*AnalysisResult) Sort

func (r *AnalysisResult) Sort()

type AnalyzerGroup

// AnalyzerGroup exposes no public fields. It is built with NewAnalyzerGroup from
// an AnalyzerOptions value and used through its methods (AnalyzeFile,
// AnalyzeImageConfig, AnalyzerVersions, ImageConfigAnalyzerVersions).
type AnalyzerGroup struct {
	// contains filtered or unexported fields
}

func NewAnalyzerGroup

func NewAnalyzerGroup(opt AnalyzerOptions) (AnalyzerGroup, error)

func (AnalyzerGroup) AnalyzeFile

func (ag AnalyzerGroup) AnalyzeFile(ctx context.Context, wg *sync.WaitGroup, limit *semaphore.Weighted, result *AnalysisResult,
	dir, filePath string, info os.FileInfo, opener Opener, disabled []Type, opts AnalysisOptions) error

func (AnalyzerGroup) AnalyzeImageConfig

func (ag AnalyzerGroup) AnalyzeImageConfig(targetOS types.OS, configBlob []byte) []types.Package

func (AnalyzerGroup) AnalyzerVersions

func (ag AnalyzerGroup) AnalyzerVersions() map[string]int

AnalyzerVersions returns the analyzer version identifiers used for cache keys.

func (AnalyzerGroup) ImageConfigAnalyzerVersions

func (ag AnalyzerGroup) ImageConfigAnalyzerVersions() map[string]int

ImageConfigAnalyzerVersions returns the analyzer version identifiers used for cache keys.

type AnalyzerOptions

// AnalyzerOptions is the configuration accepted by NewAnalyzerGroup and by
// Initializer.Init.
type AnalyzerOptions struct {
	// Group names the analyzer group; GroupBuiltin is the only Group constant
	// declared in this package.
	Group                Group
	// NOTE(review): the pattern syntax is not visible here — confirm the expected
	// format before passing user-supplied values.
	FilePatterns         []string
	// NOTE(review): presumably analyzers of these types are skipped. A disabled
	// type yields no findings of that kind, so an empty result for it is not
	// evidence of absence — confirm and record which types were disabled.
	DisabledAnalyzers    []Type
	SecretScannerOption  SecretScannerOption
	LicenseScannerOption LicenseScannerOption
}

AnalyzerOptions is used to initialize analyzers.

type CustomGroup

// CustomGroup is implemented by values that report the Group they belong to.
type CustomGroup interface {
	// Group returns the group name.
	Group() Group
}

CustomGroup returns a group name for custom analyzers. This is mainly intended to be used in Aqua products.

type Group

// Group is the string name of an analyzer group, as used by
// AnalyzerOptions.Group and CustomGroup.Group.
type Group string
// GroupBuiltin is the only Group value declared in this package.
const GroupBuiltin Group = "builtin"

type Initializer

// Initializer is implemented by analyzers that are configured from
// AnalyzerOptions before use.
type Initializer interface {
	// Init receives the AnalyzerOptions and returns an error if initialization fails.
	Init(AnalyzerOptions) error
}

Initializer represents analyzers that need to take parameters from users.

type LicenseScannerOption

// LicenseScannerOption configures license scanning; it is carried in
// AnalyzerOptions.LicenseScannerOption.
type LicenseScannerOption struct {
	// Use license classifier to get better results though the classification is expensive.
	Full bool
}

type Opener

// Opener is a function that returns a dio.ReadSeekCloserAt or an error.
// AnalyzerGroup.AnalyzeFile takes an Opener rather than an already-open reader.
// NOTE(review): presumably whoever calls the Opener is responsible for closing
// the returned reader — confirm.
type Opener func() (dio.ReadSeekCloserAt, error)

type SecretScannerOption

// SecretScannerOption configures secret scanning; it is carried in
// AnalyzerOptions.SecretScannerOption.
type SecretScannerOption struct {
	// NOTE(review): presumably the path to the secret-scanning rule configuration.
	// Such a file would decide what is detected or allowed, so confirm it is
	// loaded from a location the scan target cannot influence.
	ConfigPath string
}

type Type

// Type is the string identifier of an analyzer. Values of this type populate the
// TypeOSes, TypeLanguages, TypeLockfiles, TypeIndividualPkgs and TypeConfigFiles
// groups and AnalyzerOptions.DisabledAnalyzers.
type Type string
// Analyzer type identifiers, grouped by what they analyze. The values are plain
// strings; Go compares strings case-sensitively, so anything naming an analyzer
// by string must use the exact spelling below.
const (
	// ======
	//   OS
	// ======
	TypeOSRelease  Type = "os-release"
	TypeAlpine     Type = "alpine"
	TypeAmazon     Type = "amazon"
	TypeCBLMariner Type = "cbl-mariner"
	TypeDebian     Type = "debian"
	TypePhoton     Type = "photon"
	TypeCentOS     Type = "centos"
	TypeRocky      Type = "rocky"
	TypeAlma       Type = "alma"
	TypeFedora     Type = "fedora"
	TypeOracle     Type = "oracle"
	TypeRedHatBase Type = "redhat"
	TypeSUSE       Type = "suse"
	TypeUbuntu     Type = "ubuntu"

	// OS Package
	TypeApk         Type = "apk"
	TypeDpkg        Type = "dpkg"
	TypeDpkgLicense Type = "dpkg-license" // For analyzing licenses
	TypeRpm         Type = "rpm"
	TypeRpmqa       Type = "rpmqa"

	// OS Package Repository
	TypeApkRepo Type = "apk-repo"

	// Ruby
	TypeBundler Type = "bundler"
	TypeGemSpec Type = "gemspec"

	// Rust
	TypeRustBinary Type = "rustbinary"
	TypeCargo      Type = "cargo"

	// PHP
	TypeComposer Type = "composer"

	// Java
	TypeJar        Type = "jar"
	TypePom        Type = "pom"
	TypeGradleLock Type = "gradle-lockfile"

	// Node.js
	TypeNpmPkgLock Type = "npm"
	TypeNodePkg    Type = "node-pkg"
	TypeYarn       Type = "yarn"
	TypePnpm       Type = "pnpm"

	// .NET
	TypeNuget      Type = "nuget"
	TypeDotNetCore Type = "dotnet-core"

	// Python
	TypePythonPkg Type = "python-pkg"
	TypePip       Type = "pip"
	TypePipenv    Type = "pipenv"
	TypePoetry    Type = "poetry"

	// Go
	TypeGoBinary Type = "gobinary"
	TypeGoMod    Type = "gomod"

	// C/C++
	TypeConanLock Type = "conan-lock"

	// ============
	// Non-packaged
	// ============
	// Not a member of any Type* group slice declared in this package.
	TypeExecutable Type = "executable"

	// ============
	// Image Config
	// ============
	// Not a member of any Type* group slice declared in this package.
	TypeApkCommand Type = "apk-command"

	// =================
	// Structured Config
	// =================
	TypeYaml           Type = "yaml"
	TypeJSON           Type = "json"
	TypeDockerfile     Type = "dockerfile"
	TypeTerraform      Type = "terraform"
	// NOTE(review): the only value in this block written in camelCase; every
	// other value is lower-case. Matching on the string needs this exact spelling.
	TypeCloudFormation Type = "cloudFormation"
	TypeHelm           Type = "helm"

	// ========
	// License
	// ========
	// Not a member of any Type* group slice declared in this package.
	TypeLicenseFile Type = "license-file"

	// ========
	// Secrets
	// ========
	// Not a member of any Type* group slice declared in this package.
	// NOTE(review): presumably secret scanning has to be selected or disabled by
	// naming this type individually — confirm.
	TypeSecret Type = "secret"

	// =======
	// Red Hat
	// =======
	// Neither constant is a member of any Type* group slice declared in this package.
	TypeRedHatContentManifestType Type = "redhat-content-manifest"
	TypeRedHatDockerfileType      Type = "redhat-dockerfile"
)
