Documentation
Overview
Package plugin collects the common code used by extractor and detector plugins.
Functions
func ValidateRequirements (added in v0.1.3)
func ValidateRequirements(p Plugin, capabs *Capabilities) error
ValidateRequirements checks that the specified scanning capabilities satisfy the requirements of a given plugin.
Types
type Capabilities (added in v0.1.3)
type Capabilities struct {
	// A specific OS type a Plugin needs to be run on.
	OS OS
	// Whether network access is provided.
	Network bool
	// Whether the scanned artifacts can be accessed through direct filesystem calls.
	// True on hosts where the scan target is mounted onto the host's filesystem directly.
	// In these cases the plugin can open direct file paths with e.g. os.Open(path).
	// False if the artifact is not on the host but accessed through an abstract FS interface
	// (e.g. scanning a remote container image). In these cases the plugin must use the FS interface
	// to access the filesystem.
	DirectFS bool
	// Whether the scanner is scanning the real running system it's on. Examples where this is not the case:
	// * We're scanning a virtual filesystem unrelated to the host where SCALIBR is running.
	// * We're scanning a real filesystem of e.g. a container image that's mounted somewhere on disk.
	RunningSystem bool
}
Capabilities lists capabilities that the scanning environment provides for the plugins. A plugin can't be enabled if it has more requirements than what the scanning environment provides.
type OS (added in v0.1.3)
type OS int
OS is the OS the scanner is running on, or a specific OS type a Plugin needs to be run on.
type Plugin
type Plugin interface {
	// A unique name used to identify this plugin.
	Name() string
	// Plugin version, should get bumped whenever major changes are made.
	Version() int
	// Requirements about the scanning environment, e.g. "needs to have network access".
	Requirements() *Capabilities
}
Plugin is the part of the plugin interface that's shared between extractors and detectors.
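A sketch of the rule stated for Capabilities and ValidateRequirements above (a plugin is refused when it requires something the scanning environment lacks), added here as an example and not SCALIBR's own implementation. The types are local stand-ins; the OS constant names, the `unmet` and `validate` helpers and the plugin name are assumptions for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Local stand-ins for the documented types; the OS constant names are assumed.
type OS int

const (
	OSAny   OS = iota // hypothetical: plugin has no OS requirement
	OSLinux           // hypothetical
)

type Capabilities struct {
	OS                               OS
	Network, DirectFS, RunningSystem bool
}

// unmet lists each requirement in req that the environment env does not provide.
func unmet(req, env *Capabilities) []string {
	if req == nil {
		return nil // plugin states no requirements
	}
	var missing []string
	need := func(required, provided bool, what string) {
		if required && !provided {
			missing = append(missing, what)
		}
	}
	need(req.OS != OSAny, req.OS == env.OS, "required OS")
	need(req.Network, env.Network, "network access")
	need(req.DirectFS, env.DirectFS, "direct filesystem access")
	need(req.RunningSystem, env.RunningSystem, "running system")
	return missing
}

// validate returns nil if the plugin may be enabled, else an error naming the gaps.
func validate(name string, req, env *Capabilities) error {
	if m := unmet(req, env); len(m) > 0 {
		return fmt.Errorf("plugin %q: environment lacks %s", name, strings.Join(m, ", "))
	}
	return nil
}

func main() {
	env := &Capabilities{OS: OSLinux} // constructed: remote image scan, no network
	fmt.Println(validate("net-detector", &Capabilities{Network: true, DirectFS: true}, env))
}
```

Reporting every unmet requirement at once, rather than stopping at the first, lets an operator see from one error why a plugin was left out of a scan.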
type ScanStatus
type ScanStatus struct {
	Status        ScanStatusEnum
	FailureReason string
}
ScanStatus is the status of a scan run. In case the scan fails, FailureReason contains details.
func (*ScanStatus) String
func (s *ScanStatus) String() string
String returns a string representation of the scan status.
type ScanStatusEnum
type ScanStatusEnum int
ScanStatusEnum is the enum for the scan status.
const (
	ScanStatusUnspecified ScanStatusEnum = iota
	ScanStatusSucceeded
	ScanStatusPartiallySucceeded
	ScanStatusFailed
)
ScanStatusEnum values.
type Status
type Status struct {
	Name    string
	Version int
	Status  *ScanStatus
}
Status contains the status and version of the inventory+vuln plugins that ran.