sbom

package
v0.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 27, 2022 License: Apache-2.0 Imports: 45 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	Success string = "success"
	Failed  string = "failed"
)
View Source 
const (
	Indexing edn.Keyword = "sbom.state/INDEXING"
	Indexed  edn.Keyword = "sbom.state/INDEXED"
)

Variables

View Source 
var NamespaceMapping = map[string]string{
	"oracle": "oraclelinux",
	"ol":     "oraclelinux",
	"amazon": "amazonlinux",
	"amzn":   "amazonlinux",
	"rhel":   "redhatlinux",
}
View Source 
var PackageTypeMapping = map[string]string{
	"apk":            "alpine",
	"debian":         "deb",
	"ubuntu":         "deb",
	"node-pkg":       "npm",
	"java":           "maven",
	"gobinary":       "golang",
	"go":             "golang",
	"go-module":      "golang",
	"java-archive":   "maven",
	"jenkins-plugin": "maven",
	"python":         "pypi",
	"python-pkg":     "pypi",
	"jar":            "maven",
	"gemspec":        "gem",
	"centos":         "rpm",
	"oracle":         "rpm",
	"ol":             "rpm",
	"amzn":           "rpm",
	"amazon":         "rpm",
	"redhat":         "rpm",
	"photon":         "rpm",
	"sles":           "rpm",
	"rhel":           "rpm",
	"pip":            "pypi",
	"rubygems":       "gem",
	"rust":           "cargo",
	"crates.io":      "cargo",
	"packagist":      "composer",
}

Functions

func ToAdvisoryUrl 

func ToAdvisoryUrl(pkg Package) string

func UploadSbom 

func UploadSbom(sb *Sbom, img *v1.Image, workspace string, apikey string) error

UploadSbom transact an image and its data into the data plane

Types

type Advisory 

type Advisory struct {
	Source      string      `edn:"vulnerability/source" json:"source"`
	SourceId    string      `edn:"vulnerability/source-id" json:"source_id"`
	References  []Reference `edn:"vulnerability/references" json:"references"`
	Description string      `edn:"vulnerability/description" json:"description,omitempty"`
	Cwes        []Cwe       `edn:"vulnerability/cwes" json:"cwes,omitempty"`
	Urls        []Url       `edn:"vulnerability/urls" json:"urls,omitempty"`
}

type BlobEntity 

type BlobEntity struct {
	skill.Entity `entity-type:"docker.image/blob"`
	Size         int64  `edn:"docker.image.blob/size"`
	Digest       string `edn:"docker.image.blob/digest"`
	DiffId       string `edn:"docker.image.blob/diff-id"`
}

type Cve 

type Cve struct {
	Purl            string    `edn:"purl" json:"purl"`
	Source          string    `edn:"source" json:"source"`
	SourceId        string    `edn:"source-id" json:"source_id"`
	VulnerableRange string    `edn:"vulnerable-range" json:"vulnerable_range"`
	AdvisoryUrl     string    `edn:"url" json:"-"`
	FixedBy         string    `edn:"fixed-by" json:"fixed_by,omitempty"`
	Advisory        *Advisory `edn:"v" json:"vendor_advisory,omitempty"`
	Cve             *Advisory `edn:"cve" json:"nist_cve,omitempty"`
}

type Cwe 

type Cwe struct {
	SourceId string `edn:"vulnerability.cwe/source-id" json:"source_id"`
	Name     string `edn:"vulnerability.cwe/name" json:"name,omitempty"`
}

type DependencyEntity 

type DependencyEntity struct {
	skill.Entity `entity-type:"package/dependency"`
	Scopes       []string      `edn:"package.dependency/scopes"`
	Parent       ImageEntity   `edn:"package.dependency/parent"`
	Package      PackageEntity `edn:"package.dependency/package"`
	Files        []FileEntity  `edn:"package.dependency/files"`
}

type Descriptor 

type Descriptor struct {
	Name        string `json:"name"`
	Version     string `json:"version"`
	SbomVersion string `json:"sbom_version"`
}

type Distro 

type Distro struct {
	OsName    string `json:"os_name,omitempty"`
	OsVersion string `json:"os_version,omitempty"`
	OsDistro  string `json:"os_distro,omitempty"`
}

type EnvironmentVariableEntity 

type EnvironmentVariableEntity struct {
	skill.Entity `entity-type:"docker.image.environment/variable"`
	Name         string `edn:"docker.image.environment.variable/name"`
	Value        string `edn:"docker.image.environment.variable/value"`
}

type FileEntity 

type FileEntity struct {
	skill.Entity `entity-type:"package/file"`
	Id           string `edn:"package.file/id"`
	Path         string `edn:"package.file/path"`
	Digest       string `edn:"package.file/digest"`
}

type ImageEntity 

type ImageEntity struct {
	skill.Entity         `entity-type:"docker/image"`
	Digest               string                       `edn:"docker.image/digest"`
	CreatedAt            *time.Time                   `edn:"docker.image/created-at,omitempty"`
	Repository           *RepositoryEntity            `edn:"docker.image/repository,omitempty"`
	Repositories         *[]RepositoryEntity          `edn:"docker.image/repositories,omitempty"`
	Tags                 *skill.ManyRef               `edn:"docker.image/tags,omitempty"`
	Labels               *[]LabelEntity               `edn:"docker.image/labels,omitempty"`
	Ports                *[][2]string                 `edn:"docker.image/ports,omitempty"`
	Env                  *[][2]string                 `edn:"docker.image/env,omitempty"`
	EnvironmentVariables *[]EnvironmentVariableEntity `edn:"docker.image/environment-variables,omitempty"`
	Layers               *[]LayerEntity               `edn:"docker.image/layers,omitempty"`
	BlobDigest           string                       `edn:"docker.image/blob-digest,omitempty"`
	DiffChainId          string                       `edn:"docker.image/diff-chain-id,omitempty"`
	Sha                  string                       `edn:"docker.image/sha,omitempty"`

	SbomState        edn.Keyword `edn:"sbom/state"`
	SbomVersion      string      `edn:"sbom/version,omitempty"`
	SbomLastUpdated  *time.Time  `edn:"sbom/last-updated,omitempty"`
	SbomPackageCount int         `edn:"sbom/package-count,omitempty"`

	Dependencies *skill.ManyRef `edn:"artifact/dependencies,omitempty"`
}

type ImageSource 

type ImageSource struct {
	Name        string         `json:"name"`
	Digest      string         `json:"digest"`
	Tags        *[]string      `json:"tags,omitempty"`
	Manifest    *v1.Manifest   `json:"manifest"`
	Config      *v1.ConfigFile `json:"config"`
	RawManifest string         `json:"raw_manifest"`
	RawConfig   string         `json:"raw_config"`
	Distro      Distro         `json:"distro"`
	Platform    Platform       `json:"platform"`
	Size        int64          `json:"size"`
}

type IndexResult 

type IndexResult struct {
	Name     string
	Packages []Package
	Status   string
	Error    error
	Distro   Distro
}

type LabelEntity 

type LabelEntity struct {
	skill.Entity `entity-type:"docker.image/label"`
	Name         string `edn:"docker.image.label/name"`
	Value        string `edn:"docker.image.label/value"`
}

type LayerEntity 

type LayerEntity struct {
	skill.Entity `entity-type:"docker.image/layer"`
	Ordinal      int        `edn:"docker.image.layer/ordinal"`
	ImageDigest  string     `edn:"docker.image.layer/image-digest"`
	Blob         BlobEntity `edn:"docker.image.layer/blob"`
	CreatedAt    time.Time  `edn:"docker.image.layer/created-at"`
	CreatedBy    string     `edn:"docker.image.layer/created-by"`
	BlobDigest   string     `edn:"docker.image.layer/blob-digest"`
	ChainId      string     `edn:"docker.image.layer/chain-id"`
}

type LayerMapping 

type LayerMapping struct {
	ByDiffId        map[string]string
	ByDigest        map[string]string
	OrdinalByDiffId map[string]int
	DiffIdByOrdinal map[int]string
	DigestByOrdinal map[int]string
}

type Location 

type Location struct {
	Path   string `json:"path"`
	Digest string `json:"digest"`
	DiffId string `json:"diff_id"`
}

type Package 

type Package struct {
	Type          string     `json:"type"`
	Namespace     string     `json:"namespace,omitempty"`
	Name          string     `json:"name"`
	Version       string     `json:"version"`
	Purl          string     `json:"purl"`
	Author        string     `json:"author,omitempty"`
	Description   string     `json:"description,omitempty"`
	Licenses      []string   `json:"licenses,omitempty"`
	Url           string     `json:"url,omitempty"`
	Size          int        `json:"size,omitempty"`
	InstalledSize int        `json:"installed_size,omitempty"`
	Locations     []Location `json:"locations"`
	Files         []Location `json:"files,omitempty"`
	Parent        string     `json:"parent,omitempty"`
}

func NormalizePackages 

func NormalizePackages(pkgs []Package) ([]Package, error)

type PackageEntity 

type PackageEntity struct {
	skill.Entity `entity-type:"package"`
	Purl         string   `edn:"package/url"`
	Type         string   `edn:"package/type"`
	Namespace    string   `edn:"package/namespace,omitempty"`
	Name         string   `edn:"package/name"`
	Version      string   `edn:"package/version"`
	Author       string   `edn:"package/author,omitempty"`
	Licenses     []string `edn:"package/licenses,omitempty"`
	Description  string   `edn:"package/description,omitempty"`
	Url          string   `edn:"package/homepage,omitempty"`
	Size         int      `edn:"package/size,omitempty"`
	AdvisoryUrl  string   `edn:"package/advisory-url"`
}

type Platform 

type Platform struct {
	Os           string `json:"os"`
	Architecture string `json:"architecture"`
	Variant      string `json:"variant,omitempty"`
}

type PlatformEntity 

type PlatformEntity struct {
	skill.Entity `entity-type:"docker/platform"`
	Image        ImageEntity `edn:"docker.platform/image"`
	Os           string      `edn:"docker.platform/os"`
	Architecture string      `edn:"docker.platform/architecture"`
	Variant      string      `edn:"docker.platform/variant,omitempty"`
}

type Reference 

type Reference struct {
	Source string  `edn:"vulnerability.reference/source" json:"source"`
	Scores []Score `edn:"vulnerability.reference/scores" json:"scores"`
}

type RepositoryEntity 

type RepositoryEntity struct {
	skill.Entity `entity-type:"docker/repository"`
	Host         string        `edn:"docker.repository/host"`
	Name         string        `edn:"docker.repository/repository"`
	Platforms    skill.ManyRef `edn:"docker.repository/platforms"`
	Type         edn.Keyword   `edn:"docker.repository/type,omitempty"`
}

type Sbom 

type Sbom struct {
	Source          Source     `json:"source"`
	Artifacts       []Package  `json:"artifacts"`
	Vulnerabilities []Cve      `json:"vulnerabilities,omitempty"`
	Descriptor      Descriptor `json:"descriptor"`
}

func IndexImage 

func IndexImage(image string, client client.APIClient) (*Sbom, *v1.Image, error)

func IndexPath 

func IndexPath(path string, name string) (*Sbom, *v1.Image, error)

type Score 

type Score struct {
	Type  string `edn:"vulnerability.reference.score/type" json:"type"`
	Value string `edn:"vulnerability.reference.score/value" json:"value"`
}

type Source 

type Source struct {
	Type  string      `json:"type"`
	Image ImageSource `json:"image"`
}

type TagEntity 

type TagEntity struct {
	skill.Entity `entity-type:"docker/tag"`
	Name         string           `edn:"docker.tag/name"`
	UpdatedAt    time.Time        `edn:"docker.tag/updated-at"`
	Repository   RepositoryEntity `edn:"docker.tag/repository"`
	Digest       string           `edn:"docker.tag/digest"`
	Image        ImageEntity      `edn:"docker.tag/image"`
}

type Url 

type Url struct {
	Name  string `edn:"vulnerability.url/name" json:"name"`
	Value string `edn:"vulnerability.url/value" json:"value,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.