Overview ¶
Package image provides the models used by the scan command.
Index ¶
- Constants
- func MakeVulnerabilityURL(id string) string
- type Advisories
- type BdComponent
- type BdTool
- type BomDescriptor
- type Component
- type CvssItem
- type Document
- type Identifier
- type License
- type Metadata
- type PolicyViolation
- type Rating
- type SBOM
- type ScannedImage
- type Score
- type Source
- type ValidatedImage
- type ValidatedImageOption
- type Violation
- type Violations
- type Vulnerability
- type VulnerabilityCyclon
Constants ¶
// Supported severity levels. The values are upper-case strings; presumably
// they mirror what the scanning service reports in Vulnerability.Severity
// (and Rating.Severity) — confirm against the service response before relying
// on exact-match comparisons.
const (
	// SeverityCritical is a supported severity.
	SeverityCritical = "CRITICAL"
	// SeverityHigh is a supported severity.
	SeverityHigh = "HIGH"
	// SeverityMedium is a supported severity.
	SeverityMedium = "MEDIUM"
	// SeverityLow is a supported severity.
	SeverityLow = "LOW"
	// SeverityUnknown is a supported severity.
	SeverityUnknown = "UNKNOWN"
)
Functions ¶
func MakeVulnerabilityURL ¶ added in v1.6.3
MakeVulnerabilityURL creates the vulnerability URL for the given vulnerability ID.
Types ¶
type Advisories ¶ added in v1.6.3
// Advisories holds all the advisory links for a vulnerability; it is
// serialized as the <v:advisories> element of a VulnerabilityCyclon.
type Advisories struct {
	// Advisory is the list of advisory links, emitted as one <v:advisory>
	// element each.
	Advisory []string `xml:"v:advisory"`
}
Advisories holds all the links for a vulnerability.
type BdComponent ¶ added in v1.6.3
BdComponent represents the software/package being cataloged.
type BdTool ¶ added in v1.6.3
// BdTool represents the tool that created the BOM report: one <tool> element
// under a BomDescriptor's <tools>.
type BdTool struct {
	XMLName xml.Name `xml:"tool"`
	Vendor  string   `xml:"vendor,omitempty"` // The vendor of the tool used to create the BOM.
	Name    string   `xml:"name,omitempty"`   // The name of the tool used to create the BOM.
	Version string   `xml:"version"`          // The version of the tool used to create the BOM; always emitted, even when empty (no omitempty).
}
BdTool represents the tool that created the BOM report.
type BomDescriptor ¶ added in v1.6.3
// BomDescriptor represents all metadata surrounding the BOM report (when it
// was made, with which tool, and the item being cataloged). It is the
// <metadata> element of a Document; build one with NewBomDescriptor.
type BomDescriptor struct {
	XMLName   xml.Name     `xml:"metadata"`
	Timestamp string       `xml:"timestamp,omitempty"` // The date and time (timestamp) when the document was created; the format is not fixed by this type — presumably set by NewBomDescriptor.
	Tools     []BdTool     `xml:"tools>tool"`          // The tool(s) used to create the BOM; the <tools> wrapper is emitted even when the slice is empty.
	Component *BdComponent `xml:"component"`           // The Component that the BOM describes; omitted entirely when nil.
}
BomDescriptor represents all metadata surrounding the BOM report (such as when the BOM was made, with which tool, and the item being cataloged).
func NewBomDescriptor ¶ added in v1.6.3
func NewBomDescriptor(name, version string, userInput string, digest string) *BomDescriptor
NewBomDescriptor returns a new BomDescriptor tailored for the current time and "syft" tool details.
type Component ¶ added in v1.6.3
// Component represents a single element in the CycloneDX BOM: one
// <component> entry under a Document's <components>.
type Component struct {
	XMLName xml.Name `xml:"component"`
	// Required; Describes if the Component is a library, framework, application, container, operating system, firmware,
	// hardware device, or file
	Type string `xml:"type,attr"`
	// The organization that supplied the Component.
	// The supplier may often be the manufacturer, but may also be a distributor or repackager.
	Supplier string `xml:"supplier,omitempty"`
	// The person(s) or organization(s) that authored the Component
	Author string `xml:"author,omitempty"`
	// The person(s) or organization(s) that published the Component
	Publisher string `xml:"publisher,omitempty"`
	// The high-level classification that a project self-describes as. This will often be a shortened,
	// single name of the company or project that produced the Component, or the source package or domain name.
	Group string `xml:"group,omitempty"`
	// Required; The name of the Component as defined by the project
	Name string `xml:"name"`
	// Required; The version of the Component as defined by the project
	Version string `xml:"version"`
	// A description of the Component
	Description string `xml:"description,omitempty"`
	// A node describing zero or more License names, SPDX License IDs or expressions.
	// Declared as a pointer to a slice: encoding/xml drops a nil pointer field
	// together with its <licenses> wrapper, whereas an empty non-pointer slice
	// would still emit <licenses></licenses> — presumably the reason for the
	// pointer. NOTE(review): the element name in this tag ("License") differs
	// from License.XMLName ("license"); on marshal the struct's own XMLName
	// wins, so the output is <license>, but the mismatch is worth confirming
	// should this type ever be unmarshaled.
	Licenses *[]License `xml:"licenses>License"`
	// Specifies the package-url (PackageURL). The purl,
	// if specified, must be valid and conform to the specification defined at: https://github.com/package-url/purl-spec
	PackageURL string `xml:"purl,omitempty"`
	// Vulnerabilities known for this Component, in the "v" namespace that
	// Document.XMLNsV declares. Same nil-pointer omission rule as Licenses.
	Vulnerabilities *[]VulnerabilityCyclon `xml:"v:vulnerabilities>v:vulnerability,omitempty"`
}
Component represents a single element in the CycloneDX BOM.
type Document ¶ added in v1.6.3
// Document represents the CycloneDX <bom> root element. It declares the
// vulnerability ("v") namespace so that its components can carry
// VulnerabilityCyclon entries.
type Document struct {
	XMLName       xml.Name       `xml:"bom"`
	XMLNs         string         `xml:"xmlns,attr"`            // Default namespace URI of the document; set by the producer, not by this type.
	XMLNsV        string         `xml:"xmlns:v,attr"`          // Namespace URI bound to the "v:" prefix used by VulnerabilityCyclon, Rating, Score and Advisories.
	Version       int            `xml:"version,attr"`          // The BOM's "version" attribute (not the tool version, which lives in BdTool).
	SerialNumber  string         `xml:"serialNumber,attr"`     // The BOM's serial number attribute; its format is not enforced here — TODO confirm what the producer emits.
	BomDescriptor *BomDescriptor `xml:"metadata"`              // Document metadata; omitted entirely when nil.
	Components    []Component    `xml:"components>component"` // Catalogued components; the <components> wrapper is emitted even when the slice is empty.
}
Document represents a CycloneDX BOM document whose components carry VulnerabilityCyclon entries.
type Identifier ¶
// Identifier is the identifier for an image as returned by the service. It is
// embedded in ScannedImage and ValidatedImage, so its JSON fields are promoted
// into those objects.
type Identifier struct {
	FullTag        string   `json:"full_tag"`        // Full image reference; presumably registry/repo:tag — confirm with the service.
	Registry       string   `json:"registry"`        // Registry host.
	Repo           string   `json:"repo"`            // Repository within the registry.
	Tag            string   `json:"tag"`             // Image tag.
	ManifestDigest string   `json:"manifest_digest"` // Digest of the image manifest (SBOM documents it as the sha256 of the manifest JSON).
	RepoDigests    []string `json:"repo_digests"`    // Repository digests; encodes as null when nil.
}
Identifier is the identifier for an image.
func (*Identifier) Footer ¶
func (i *Identifier) Footer() string
Footer for Identifier provides the overview link.
type License ¶ added in v1.6.3
// License represents a single software License for a Component; it is one
// <license> element inside the Component's <licenses>. Either ID or Name is
// expected to be set (both carry omitempty), though nothing here enforces it.
type License struct {
	XMLName xml.Name `xml:"license"`
	// A valid SPDX License ID
	ID string `xml:"id,omitempty"`
	// If SPDX does not define the License used, this field may be used to provide the License name.
	Name string `xml:"name,omitempty"`
}
License represents a single software License for a Component.
type Metadata ¶
// Metadata is the metadata of the image as reported by the scanning service;
// it is carried in ScannedImage.ImageMetadata.
type Metadata struct {
	Distro        string `json:"distro"`         // Base distribution name.
	DistroVersion string `json:"distro_version"` // Base distribution version.
	ImageSize     uint   `json:"image_size"`     // Image size; the unit (bytes?) is not stated here — confirm with the service.
	LayerCount    uint   `json:"layer_count"`    // Number of image layers.
}
Metadata is the metadata of the image.
type PolicyViolation ¶
// PolicyViolation represents a violation of a policy, as reported for a
// scanned or validated image. Its Get* methods expose the fields to the
// presenter's policy table.
type PolicyViolation struct {
	Policy    string     `json:"policy"`    // Name of the violated policy.
	Rule      string     `json:"rule"`      // Name of the rule within the policy that was violated.
	Risk      string     `json:"risk"`      // Risk level as reported by the service; the string is not normalized here.
	Violation Violations `json:"violation"` // The images (with their vulnerabilities) that triggered the violation.
}
PolicyViolation represents a violation of a policy.
func (PolicyViolation) GetPolicyName ¶
func (p PolicyViolation) GetPolicyName() string
GetPolicyName implements the GetPolicyName method the presenter needs to render the policy table.
func (PolicyViolation) GetRisk ¶
func (p PolicyViolation) GetRisk() string
GetRisk implements the GetRisk method the presenter needs to render the policy table.
func (PolicyViolation) GetRuleName ¶
func (p PolicyViolation) GetRuleName() string
GetRuleName implements the GetRuleName method the presenter needs to render the policy table.
func (PolicyViolation) GetViolation ¶
func (p PolicyViolation) GetViolation() string
GetViolation implements the GetViolation method the presenter needs to render the policy table.
type Rating ¶ added in v1.6.3
// Rating has information about the intensity of a vulnerability; it is one
// <v:rating> entry of a VulnerabilityCyclon. Every field is optional.
type Rating struct {
	Score    *Score `xml:"v:score,omitempty"`    // Numeric scores; omitted entirely when nil.
	Severity string `xml:"v:severity,omitempty"` // Severity label; presumably the same vocabulary as the Severity* constants — confirm.
	Method   string `xml:"v:method,omitempty"`   // Scoring method; assumed to name the scoring scheme used (e.g. a CVSS version) — confirm with the producer.
	Vector   string `xml:"v:vector,omitempty"`   // Scoring vector string, if any.
}
Rating has information about the intensity of a vulnerability.
type SBOM ¶ added in v1.6.3
// SBOM is the response model from the image scanning service for a software
// bill of materials. The fields carry no json tags, so any JSON (un)marshaling
// uses the Go field names (matched case-insensitively on decode).
type SBOM struct {
	// FullTag is the full tag of the bom
	FullTag string
	// ManifestDigest is the sha256 of this image manifest json
	ManifestDigest string
	// Packages enumerates the packages in the bill of materials
	Packages bom.JSONDocument
}
SBOM is the response model from the image scanning service.
type ScannedImage ¶
// ScannedImage is the response model from the image scanning service and the
// result rendered by the presenter (Title/Header/Rows) or exported as a
// CycloneDX document (CycloneDXDoc).
type ScannedImage struct {
	// Identifier's fields are promoted into this object's JSON. The "inline"
	// option is not an encoding/json option and is ignored; promotion happens
	// because the embedded struct's tag name is empty.
	Identifier       `json:",inline"`
	ImageMetadata    Metadata          `json:"image_metadata"`
	Account          string            `json:"account"`
	ScanStatus       string            `json:"scan_status"`                 // Status string as reported by the service; its values are not enumerated here.
	Vulnerabilities  []Vulnerability   `json:"vulnerabilities"`             // Encodes as null when nil.
	PolicyViolations []PolicyViolation `json:"policy_violations,omitempty"` // Dropped from the JSON when empty.
	Packages         bom.JSONDocument  `json:"packages"`                    // Package list (SBOM) of the image; the type is declared in the bom package.
}
ScannedImage is the response model from the image scanning service.
func (*ScannedImage) CycloneDXDoc ¶ added in v1.6.3
func (s *ScannedImage) CycloneDXDoc() ([]byte, error)
CycloneDXDoc serializes the ScannedImage result, including its vulnerabilities, into a CycloneDX document and returns it as bytes, or an error.
func (*ScannedImage) Header ¶
func (s *ScannedImage) Header() []string
Header is the header columns of the ScannedImage result.
func (*ScannedImage) Rows ¶
func (s *ScannedImage) Rows() [][]string
Rows returns all the vulnerabilities of the ScannedImage result as list of rows.
func (*ScannedImage) Title ¶
func (s *ScannedImage) Title() string
Title is the title of the ScannedImage result.
type Score ¶ added in v1.6.3
// Score provides the different ways to measure how serious a vulnerability
// is; it is the <v:score> element of a Rating. None of the fields carry
// omitempty, so an unset value is emitted as 0 rather than dropped.
type Score struct {
	Base           float64 `xml:"v:base"`
	Impact         float64 `xml:"v:impact"`
	Exploitability float64 `xml:"v:exploitability"`
}
Score provides the different ways to measure how serious a vulnerability is.
type Source ¶ added in v1.6.3
Source is the origin of the vulnerability, like GitHub Advisories or NVD, along with a URL constructed with the vulnerability ID.
type ValidatedImage ¶
// ValidatedImage is the response model from the guardrails validator service;
// construct it with NewValidatedImage. It is rendered by the presenter via
// Title/Header/Rows.
type ValidatedImage struct {
	// Identifier's fields are promoted into this object's JSON; the "inline"
	// option is not an encoding/json option and is ignored.
	Identifier       `json:",inline"`
	PolicyViolations []PolicyViolation `json:"policy_violations"` // Encodes as null when nil (no omitempty, unlike ScannedImage).
}
ValidatedImage is the response model from the guardrails validator service.
func NewValidatedImage ¶
func NewValidatedImage(identifier Identifier, violations []PolicyViolation, opts ValidatedImageOption) *ValidatedImage
NewValidatedImage will initialize a validated image.
func (*ValidatedImage) Header ¶
func (v *ValidatedImage) Header() []string
Header is the header columns of the ValidatedImage result.
func (*ValidatedImage) Rows ¶
func (v *ValidatedImage) Rows() [][]string
Rows returns all the violations of the ValidatedImage result as list of rows.
func (*ValidatedImage) Title ¶
func (v *ValidatedImage) Title() string
Title is the title of the ValidatedImage result.
type ValidatedImageOption ¶
ValidatedImageOption is the option for showing validated image result.
type Violation ¶
// Violation stores the violations made by one image: the image reference and
// the vulnerabilities found in it.
type Violation struct {
	Image           string          `json:"image"`           // Image reference as given by the service.
	Vulnerabilities []Vulnerability `json:"vulnerabilities"` // Encodes as null when nil.
}
Violation stores the violations made by an image.
type Violations ¶
// Violations represents scanning violations made by images; it is the
// "violation" value of a PolicyViolation.
type Violations struct {
	ViolatedImages []Violation `json:"scanned"` // Note: the JSON key is "scanned", not derived from the field name.
}
Violations represents scanning violations made by images.
type Vulnerability ¶
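// Vulnerability denotes a vulnerability item reported for a package in a
// ScannedImage; it is also reused inside Violation.
//
// Struct tags: the JSON keys are the service's snake_case names. The XML tags
// are separated from the JSON tags by a space only — reflect.StructTag expects
// space-separated key:"value" pairs, and the previous ", xml:" spelling made
// the key parse as ",xml", so encoding/xml silently fell back to the Go field
// names (go vet reports this as a bad struct tag).
type Vulnerability struct {
	ID           string   `json:"id" xml:"id"`                                       // Vulnerability identifier (passed to MakeVulnerabilityURL by callers).
	Package      string   `json:"package" xml:"package"`                             // Affected package as a single string.
	Name         string   `json:"package_name" xml:"package_name"`                   // Package name.
	Version      string   `json:"package_version" xml:"package_version"`             // Installed package version.
	Type         string   `json:"package_type" xml:"package_type"`                   // Package type (ecosystem) as reported by the service.
	Severity     string   `json:"severity" xml:"severity"`                           // Severity label; presumably one of the Severity* constants — confirm against the service.
	Link         string   `json:"link,omitempty" xml:"link,omitempty"`               // Reference URL from the service; not validated by this type.
	Description  string   `json:"description,omitempty" xml:"description,omitempty"` // Human-readable description.
	FixAvailable string   `json:"fix_available" xml:"fix_available"`                 // Fix information as reported by the service; the string is not normalized here.
	Cvss         CvssItem `json:"cvss" xml:"cvss"`                                   // CVSS data; GetCvssV2/GetCvssV3 return its V2/V3 strings.
}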
Vulnerability denotes the vulnerability items.
func (Vulnerability) GetCvssV2 ¶
func (v Vulnerability) GetCvssV2() string
GetCvssV2 returns the Cvss.V2 of the vulnerability.
func (Vulnerability) GetCvssV3 ¶
func (v Vulnerability) GetCvssV3() string
GetCvssV3 returns the Cvss.V3 of the vulnerability.
func (Vulnerability) GetFixAvailable ¶
func (v Vulnerability) GetFixAvailable() string
GetFixAvailable returns the FixAvailable of the vulnerability.
func (Vulnerability) GetID ¶
func (v Vulnerability) GetID() string
GetID returns the ID of the vulnerability.
func (Vulnerability) GetPackage ¶
func (v Vulnerability) GetPackage() string
GetPackage returns the Package of the vulnerability.
func (Vulnerability) GetSeverity ¶
func (v Vulnerability) GetSeverity() string
GetSeverity returns the Severity of the vulnerability.
func (Vulnerability) GetType ¶
func (v Vulnerability) GetType() string
GetType returns the Type of the vulnerability.
type VulnerabilityCyclon ¶ added in v1.6.3
// VulnerabilityCyclon is the actual description of a vulnerable artifact in
// the CycloneDX vulnerability ("v") namespace: one <v:vulnerability> element
// under a Component's <v:vulnerabilities>.
type VulnerabilityCyclon struct {
	Ref         string      `xml:"ref,attr"`                // Plain (un-namespaced) attribute; presumably a reference to the affected component — confirm with the producer.
	ID          string      `xml:"v:id"`                    // Vulnerability identifier; presumably the same id MakeVulnerabilityURL accepts.
	Source      Source      `xml:"v:source"`                // Where the vulnerability was published (see Source).
	Ratings     []Rating    `xml:"v:ratings>v:rating"`      // Severity ratings; the <v:ratings> wrapper is emitted even when the slice is empty.
	Description string      `xml:"v:description,omitempty"` // Human-readable description.
	Advisories  *Advisories `xml:"v:advisories,omitempty"`  // Advisory links; omitted entirely when nil.
}
VulnerabilityCyclon is the actual description of a vulnerable artifact.