scan

package
v0.16.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 7, 2024 License: MIT Imports: 14 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Command *cli.Command = &cli.Command{
	Name:    "scan",
	Aliases: []string{"s"},
	Usage:   "Scan image using Trivy",
	Flags: []cli.Flag{
		&cli.StringFlag{
			Name:    "severity",
			Aliases: []string{"S"},
			Usage:   "The severity to use when scanning the image: can be any combination of CRITICAL, HIGH, MEDIUM, LOW, or UNKNOWN separated by commas",
			Value:   "CRITICAL,HIGH",
			EnvVars: []string{"3LV_SEVERITY"},
		},
		&cli.StringSliceFlag{
			Name:    "formats",
			Aliases: []string{"F"},
			Usage:   "The formats to use when outputting the scan results: can be table, json, sarif or markdown.",
			Value:   cli.NewStringSlice("table"),
			Action: func(c *cli.Context, formats []string) error {
				for _, format := range formats {
					if format != "table" && format != "json" && format != "sarif" && format != "markdown" {
						return cli.Exit("Invalid format provided", 1)
					}
				}

				return nil
			},
			EnvVars: []string{"3LV_FORMATS"},
		},
		&cli.BoolFlag{
			Name:    "disable-error",
			Aliases: []string{"D"},
			Usage:   "Disable error exit code on vulnerabilities found",
			Value:   false,
			EnvVars: []string{"3LV_DISABLE_ERROR"},
		},
		&cli.BoolFlag{
			Name:    "skip-db-update",
			Usage:   "Skip update Trivy vulnerability database",
			Value:   false,
			EnvVars: []string{"3LV_SKIP_DB_UPDATE"},
		},
	},
	Action: Scan,
}

Functions

func Scan 

func Scan(c *cli.Context) error

func ScanImage 

func ScanImage(
	imageName string,
	severity string,
	formats []string,
	disableError bool,
	skipDBUpdate bool,
) error

Types

type TrivyResult added in v0.9.0 

type TrivyResult struct {
	SchemaVersion int    `json:"SchemaVersion"`
	CreatedAt     string `json:"CreatedAt"`
	ArtifactName  string `json:"ArtifactName"`
	ArtifactType  string `json:"ArtifactType"`
	Metadata      struct {
		OS struct {
			Family string `json:"Family"`
			Name   string `json:"Name"`
			EOSL   bool   `json:"EOSL"`
		} `json:"OS"`
		ImageID     string   `json:"ImageID"`
		DiffIDs     []string `json:"DiffIDs"`
		RepoTags    []string `json:"RepoTags"`
		RepoDigests []string `json:"RepoDigests"`
		ImageConfig struct {
			Architecture  string `json:"architecture"`
			Container     string `json:"container"`
			Created       string `json:"created"`
			DockerVersion string `json:"docker_version"`
			History       []struct {
				Created    string `json:"created"`
				CreatedBy  string `json:"created_by"`
				EmptyLayer bool   `json:"empty_layer"`
			} `json:"history"`
			OS     string `json:"os"`
			Rootfs struct {
				Type    string   `json:"type"`
				DiffIDs []string `json:"diff_ids"`
			} `json:"rootfs"`
			Config struct {
				Cmd   []string `json:"Cmd"`
				Env   []string `json:"Env"`
				Image string   `json:"Image"`
			} `json:"config"`
		} `json:"ImageConfig"`
	} `json:"Metadata"`
	Results []TrivyVulnerabilityResult `json:"Results"`
}

type TrivyVulnerabilityResult added in v0.11.15 

type TrivyVulnerabilityResult struct {
	Target          string `json:"Target"`
	Class           string `json:"Class"`
	Type            string `json:"Type"`
	Vulnerabilities []struct {
		VulnerabilityID string `json:"VulnerabilityID"`
		PkgID           string `json:"PkgID"`
		PkgName         string `json:"PkgName"`
		PkgIdentifier   struct {
			PURL string `json:"PURL"`
			UID  string `json:"UID"`
		} `json:"PkgIdentifier"`
		InstalledVersion string `json:"InstalledVersion"`
		Status           string `json:"Status"`
		Layer            struct {
			Digest string `json:"Digest"`
			DiffID string `json:"DiffID"`
		} `json:"Layer"`
		SeveritySource string `json:"SeveritySource"`
		PrimaryURL     string `json:"PrimaryURL"`
		DataSource     struct {
			ID   string `json:"ID"`
			Name string `json:"Name"`
			URL  string `json:"URL"`
		} `json:"DataSource"`
		Title          string   `json:"Title"`
		Description    string   `json:"Description"`
		Severity       string   `json:"Severity"`
		CweIDs         []string `json:"CweIDs"`
		VendorSeverity struct {
			Azure      int `json:"azure"`
			Nvd        int `json:"nvd"`
			OracleOval int `json:"oracle-oval"`
			Photon     int `json:"photon"`
			Redhat     int `json:"redhat"`
			Ubuntu     int `json:"ubuntu"`
		} `json:"VendorSeverity"`
		CVSS struct {
			Nvd struct {
				V2Vector string  `json:"V2Vector"`
				V3Vector string  `json:"V3Vector"`
				V2Score  float64 `json:"V2Score"`
				V3Score  float64 `json:"V3Score"`
			} `json:"nvd"`
			Redhat struct {
				V3Vector string  `json:"V3Vector"`
				V3Score  float64 `json:"V3Score"`
			} `json:"redhat"`
		} `json:"CVSS"`
		References       []string `json:"References"`
		PublishedDate    string   `json:"PublishedDate"`
		LastModifiedDate string   `json:"LastModifiedDate"`
	} `json:"Vulnerabilities"`
}

type TrivyVulnerabilityResultsWithArtifactName added in v0.11.15 

type TrivyVulnerabilityResultsWithArtifactName struct {
	ArtifactName string                     `json:"ArtifactName"`
	Results      []TrivyVulnerabilityResult `json:"Results"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.