Constants ¶
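const (
	// DefaultAddress is the default address of the Dependency-Track server.
	//
	// NOTE(review): the default is plain HTTP on localhost. When the server
	// is reached over a network, configure an https:// address instead so
	// that the API key and the portfolio data are not readable in transit.
	DefaultAddress string = "http://localhost:8080"

	// EnvAddress is the environment variable that sets the address of the
	// Dependency-Track server.
	EnvAddress string = "DEPENDENCY_TRACK_ADDR"

	// EnvAPIKey is the environment variable that sets the API key for the
	// Dependency-Track API.
	//
	// The value is a credential: keep it out of logs, process listings and
	// committed configuration. The Client methods listed in this package only
	// read data, so a key limited to read-only permissions is presumably
	// enough (confirm against the server's permission model).
	EnvAPIKey string = "DEPENDENCY_TRACK_API_KEY"
)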
Variables ¶
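// The slices below are exported package variables and therefore mutable by
// any importer. Treat them as read-only; code that validates input against
// them should not assume another package has left them untouched.
var (
	// PolicyViolationStates are the possible states for a violation.
	PolicyViolationStates = []string{
		"INFO",
		"WARN",
		"FAIL",
	}

	// PolicyViolationTypes are the possible types for a violation.
	PolicyViolationTypes = []string{
		"LICENSE",
		"OPERATIONAL",
		"SECURITY",
	}

	// ViolationAnalysisStates are the possible states for a violation
	// analysis.
	ViolationAnalysisStates = []string{
		"APPROVED",
		"REJECTED",
		"NOT_SET",
	}
)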
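var (
	// ErrNotFound is a not found error.
	//
	// It is a sentinel value: compare with errors.Is(err, ErrNotFound)
	// rather than by matching the message text. Which calls return it is not
	// shown on this page.
	ErrNotFound = errors.New("not found")
)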
Functions ¶
This section is empty.
Types ¶
type Client ¶
// Client interacts with Dependency-Track via the API.
//
// NOTE(review): the fields are not shown on this page. A client of this kind
// presumably holds the server address and the API key, so avoid dumping a
// Client value into logs (for example with %+v) until that is confirmed.
type Client struct {
	// contains filtered or unexported fields
}
Client interacts with Dependency-Track via the API
func (*Client) GetCurrentPortfolioMetrics ¶
func (c *Client) GetCurrentPortfolioMetrics() (*PortfolioMetrics, error)
GetCurrentPortfolioMetrics returns the current metrics for the whole portfolio
func (*Client) GetProjects ¶
GetProjects returns a list of all projects
func (*Client) GetViolations ¶
func (c *Client) GetViolations(suppressed bool) ([]*PolicyViolation, error)
GetViolations returns violations for the entire portfolio. Suppressed violations are omitted unless suppressed is true
type Policy ¶
// Policy describes the policy carried by a PolicyCondition. Only the
// violation state is modelled.
type Policy struct {
	// ViolationState maps to the "violationState" JSON field and is left out
	// when encoding an empty value. Presumably one of PolicyViolationStates
	// (INFO, WARN, FAIL); the type itself does not enforce that, so validate
	// the value before using it to gate a build or an alert.
	ViolationState string `json:"violationState,omitempty"`
}
Policy describes a policy; it carries the policy's violation state.
type PolicyCondition ¶
// PolicyCondition contains the policy of a violation.
type PolicyCondition struct {
	// Policy maps to the "policy" JSON field. It is a value, not a pointer,
	// so a response without that field leaves a zero Policy whose
	// ViolationState is the empty string.
	Policy Policy `json:"policy"`
}
PolicyCondition contains the policy
type PolicyViolation ¶
// PolicyViolation is a policy violation together with the project it
// concerns, the policy condition behind it and any analysis recorded for it.
type PolicyViolation struct {
	// Analysis maps to the "analysis" JSON field. It is a pointer and stays
	// nil when the field is absent, so check it before reading
	// AnalysisState or IsSuppressed.
	Analysis *ViolationAnalysis `json:"analysis,omitempty"`
	// PolicyCondition maps to the "policyCondition" JSON field.
	PolicyCondition PolicyCondition `json:"policyCondition"`
	// Project maps to the "project" JSON field.
	Project Project `json:"project"`
	// Type maps to the "type" JSON field. Presumably one of
	// PolicyViolationTypes (LICENSE, OPERATIONAL, SECURITY); the type does
	// not enforce that.
	Type string `json:"type"`
}
PolicyViolation is a policy violation reported for a project.
type PortfolioMetrics ¶
// PortfolioMetrics are metrics for the whole portfolio, as returned by
// Client.GetCurrentPortfolioMetrics.
type PortfolioMetrics struct {
	// Counters mapped to the "critical", "high", "low", "medium" and
	// "unassigned" JSON fields. Presumably vulnerability counts per
	// severity; confirm against the server's API schema.
	Critical   int32 `json:"critical"`
	High       int32 `json:"high"`
	Low        int32 `json:"low"`
	Medium     int32 `json:"medium"`
	Unassigned int32 `json:"unassigned"`
	// InheritedRiskScore maps to the "inheritedRiskScore" JSON field.
	InheritedRiskScore float64 `json:"inheritedRiskScore"`
	// FindingsAudited and FindingsUnaudited map to the "findingsAudited"
	// and "findingsUnaudited" JSON fields. NOTE(review): a high unaudited
	// count presumably means the severity counters above have not been
	// triaged yet; confirm the server's definition before alerting on it.
	FindingsAudited   int32 `json:"findingsAudited"`
	FindingsUnaudited int32 `json:"findingsUnaudited"`
}
PortfolioMetrics are metrics for the whole portfolio
type Project ¶
// Project is a project in Dependency-Track.
type Project struct {
	// Name, Version and Classifier map to the "name", "version" and
	// "classifier" JSON fields.
	Name       string `json:"name"`
	Version    string `json:"version"`
	Classifier string `json:"classifier"`
	// Active maps to the "active" JSON field.
	Active bool `json:"active"`
	// LastBomImport maps to the "lastBomImport" JSON field and uses the
	// package's Time type, which unmarshals from a unix timestamp.
	// NOTE(review): presumably the time of the most recent BOM upload, which
	// would make it the field to watch for stale inventories; how a missing
	// value is represented is not shown here.
	LastBomImport Time `json:"lastBomImport"`
	// Metrics maps to the "metrics" JSON field.
	Metrics ProjectMetrics `json:"metrics"`
	// Tags maps to the "tags" JSON field.
	Tags []ProjectTag `json:"tags"`
	// UUID maps to the "uuid" JSON field.
	UUID string `json:"uuid"`
}
Project is a project in Dependency-Track
type ProjectMetrics ¶
// ProjectMetrics are metrics for the project. The fields mirror those of
// PortfolioMetrics except for the audited and unaudited finding counters,
// which are absent here.
type ProjectMetrics struct {
	// Counters mapped to the "critical", "high", "low", "medium" and
	// "unassigned" JSON fields. Presumably vulnerability counts per
	// severity; confirm against the server's API schema.
	Critical   int32 `json:"critical"`
	High       int32 `json:"high"`
	Low        int32 `json:"low"`
	Medium     int32 `json:"medium"`
	Unassigned int32 `json:"unassigned"`
	// InheritedRiskScore maps to the "inheritedRiskScore" JSON field.
	InheritedRiskScore float64 `json:"inheritedRiskScore"`
}
ProjectMetrics are metrics for the project
type ProjectTag ¶
// ProjectTag is a project's tag.
type ProjectTag struct {
	// Name maps to the "name" JSON field.
	Name string `json:"name"`
}
ProjectTag is a project's tag
type Time ¶
Time is a custom time type that supports unmarshalling from a unix timestamp
func (*Time) UnmarshalJSON ¶
UnmarshalJSON converts a unix timestamp to a time.Time
type ViolationAnalysis ¶
// ViolationAnalysis holds the analysis decisions that have been made for a
// violation.
type ViolationAnalysis struct {
	// AnalysisState maps to the "analysisState" JSON field. Presumably one
	// of ViolationAnalysisStates (APPROVED, REJECTED, NOT_SET); the type does
	// not enforce that.
	AnalysisState string `json:"analysisState"`
	// IsSuppressed maps to the "isSuppressed" JSON field; a false value is
	// left out when encoding. Client.GetViolations omits suppressed
	// violations unless its suppressed argument is true, so reports built on
	// the default call do not include them.
	IsSuppressed bool `json:"isSuppressed,omitempty"`
}
ViolationAnalysis holds the analysis decisions that have been made for the violation.