Documentation
¶
Overview ¶
Package image provides functionality to scan a container image by layers for software inventory.
Index ¶
- func NewFromImage(image v1.Image) (scalibrfs.FS, error)
- func NewFromRemoteName(imageName string, imageOptions ...remote.Option) (scalibrfs.FS, error)
- func V1ImageFromRemoteName(imageName string, imageOptions ...remote.Option) (v1.Image, error)
- type ChainLayer
- type File
- type History
- type Image
- type Layer
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewFromImage ¶
NewFromImage creates a SCALIBR filesystem for scanning a container from its image descriptor.
func NewFromRemoteName ¶
NewFromRemoteName pulls a remote container and creates a SCALIBR filesystem for scanning it.
Types ¶
type ChainLayer ¶
type ChainLayer interface {
// FS output an filesystem that consist of the files found in the layer n and all previous layers
// (layer 0, layer 1, ..., layer n).
FS() scalibrfs.FS
// Index is the index of the latest layer in the layer chain.
Index() int
// ChainID is the layer chain ID (sha256 hash) of the layer in the container image.
// https://github.com/opencontainers/image-spec/blob/main/config.md#layer-chainid
ChainID() digest.Digest
// Layer is the latest layer in the layer chain.
Layer() Layer
}
ChainLayer is a filesystem derived from container layers that can be scanned for software inventory. It holds all the files found in layer 0, layer 1, ..., layer n (where n is the layer index). It also holds metadata about the latest container layer such as whether it is empty, its diffID, command, and index.
type File ¶
File is a file in a container image that can be scanned for software inventory. It also holds metadata about the file such as its permissions, type and the real file path.
type History ¶
History holds the creation, modification, and deletion history of a file or inventory. Each field holds an array of integers representing layer indices.
type Image ¶
type Image interface {
// Layers returns the layers of the image.
Layers() ([]Layer, error)
// ChainLayers returns the chain layers of the image.
ChainLayers() ([]ChainLayer, error)
// FS returns a SCALIBR compliant filesystem that represents the image.
FS() scalibrfs.FS
}
Image is a container image that can be scanned for software inventory. It is composed of a set of layers that can be scanned for software inventory.
type Layer ¶
type Layer interface {
// FS outputs a filesystem that consist of the files found in the layer. This includes files that
// were added or modified. Whiteout files are also included in the filesystem if files or
// directories from previous layers were removed.
FS() scalibrfs.FS
// IsEmpty signifies whether the layer is empty. This should correspond with an empty filesystem
// produced by the FS method.
IsEmpty() bool
// DiffID is the hash of the uncompressed layer. Will be an empty string if the layer is empty.
DiffID() digest.Digest
// Command is the specific command that produced the layer.
Command() string
}
Layer is a filesystem derived from a container layer that can be scanned for software inventory. It also holds metadata about the container layer such as whether it is empty, its diffID, index, and command.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
layerscanning
|
|
|
image
Package image provides functionality to scan a linux container image by layers for software inventory.
|
Package image provides functionality to scan a linux container image by layers for software inventory. |
|
testing/fakechainlayer
Package fakechainlayer provides a fake implementation of the image.ChainLayer and scalibrfs.FS interface for testing purposes.
|
Package fakechainlayer provides a fake implementation of the image.ChainLayer and scalibrfs.FS interface for testing purposes. |
|
testing/fakeimage
Package fakeimage provides a fake implementation of the image.Image interface for testing purposes.
|
Package fakeimage provides a fake implementation of the image.Image interface for testing purposes. |
|
testing/fakelayer
Package fakelayer provides a fake implementation of the image.Layer interface for testing purposes.
|
Package fakelayer provides a fake implementation of the image.Layer interface for testing purposes. |
|
testing/fakelayerbuilder
Package fakelayerbuilder uses a yaml file with custom syntax to build up fake layers for testing
|
Package fakelayerbuilder uses a yaml file with custom syntax to build up fake layers for testing |
|
testing/fakev1layer
Package fakev1layer provides a fake implementation of the v1.Layer interface for testing purposes.
|
Package fakev1layer provides a fake implementation of the v1.Layer interface for testing purposes. |
|
trace
Package trace provides functionality to trace the origin of an inventory in a container image.
|
Package trace provides functionality to trace the origin of an inventory in a container image. |
|
Package require provides an interface for specifying which files we are interested in during a container image extraction.
|
Package require provides an interface for specifying which files we are interested in during a container image extraction. |
|
Package symlink provides symlink-related util functions for container extraction.
|
Package symlink provides symlink-related util functions for container extraction. |
|
Package tar provides functionality for saving a container image to a tarball.
|
Package tar provides functionality for saving a container image to a tarball. |
|
Package unpack contains functions to unpack an image.
|
Package unpack contains functions to unpack an image. |
|
Package whiteout defines and implements whiteout related functions to be used in the layer scanning methods and functions.
|
Package whiteout defines and implements whiteout related functions to be used in the layer scanning methods and functions. |