Documentation
¶
Index ¶
Constants ¶
View Source
const ( AzdSecInfoAnnotationPrefix = "azuredefender.io" ContainersVulnerabilityScanInfoAnnotationName = AzdSecInfoAnnotationPrefix + "/containers.vulnerability.scan.info" )
View Source
const (
UnscannedReasonAnnotationKey string = "UnscannedReason"
)
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ContainerVulnerabilityScanInfo ¶
type ContainerVulnerabilityScanInfo struct {
// Name container name in resource spec
Name string `json:"name"`
// Image container's image
Image *Image `json:"image"`
//ScanStatus vulnerability scan status for image
ScanStatus ScanStatus `json:"scanStatus"`
// ScanFindings vulnerability scan findings for image
ScanFindings []*ScanFinding `json:"scanFindings"`
// Additional data to add on annotaitons like URL or error if it skipped ( TODO for some reson omitempty doesnt work here and it is still printed on nil
AdditionalData map[string]string `json:"additionalData,omitempty"`
}
ContainerVulnerabilityScanInfo represents containers vulnerability scan information
type ContainerVulnerabilityScanInfoList ¶
type ContainerVulnerabilityScanInfoList struct {
//GeneratedTimestamp represents the time the scan info list (this) was generated
GeneratedTimestamp time.Time `json:"generatedTimestamp"`
//Containers List of ContainerVulnerabilityScanInfo that represents all the scan info of containers
Containers []*ContainerVulnerabilityScanInfo `json:"containers"`
}
ContainerVulnerabilityScanInfoList a list of container vulnerability scan info
type Image ¶
type Image struct {
// Name is image full reference (name) string (e.g. registry.azurecr.io/repo:tag)
Name string `json:"name"`
// Digest image resolved digest
// TODO: Add doc that this is currently resolved in admission time and could defer in node pull sue to local caching
Digest string `json:"digest"`
}
Image represents container image
type ScanFinding ¶
type ScanFinding struct {
// Patchable represents whether finding is patchable
Patchable bool `json:"patchable"`
// Id represents finding's Id
Id string `json:"id"`
// Severity represents finding's severity (e.g. "High")
Severity string `json:"severity"`
}
ScanFinding represents a single findings of image vulnerability scan
type ScanStatus ¶
type ScanStatus string
ScanStatus represents container image scan status enum
const ( Unscanned ScanStatus = "unscanned" UnhealthyScan ScanStatus = "unhealthyScan" HealthyScan ScanStatus = "healthyScan" )
ScanStatus Enum
type UnscannedReason ¶
type UnscannedReason string
UnscannedReason represents the reason to unscanned status
const ( GetContainersVulnerabilityScanInfoTimeoutUnscannedReason UnscannedReason = "GetContainersVulnerabilityScanInfoGotTimeout" ImageIsNotInACRRegistryUnscannedReason UnscannedReason = "ImageIsNotInACR" ImageDoesNotExistUnscannedReason UnscannedReason = "ImageDoesNotExist" RegistryDoesNotExistUnscannedReason UnscannedReason = "RegistryDoesNotExist" )
UnscannedReason Enum
Source Files
Click to show internal directories.
Click to hide internal directories.