scan

package
v1.26.2
Warning

This package is not in the latest version of its module.

Published: Feb 25, 2026 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

func DumpScanResponseToFileIfNeeded added in v1.26.1

func DumpScanResponseToFileIfNeeded(results services.ScanResponse, scanResultsOutputDir string, scanType utils.SubScanType, threadId int) (err error)

If an output directory was provided through the --output-dir flag, a new file containing the scan results is created in the provided path. TODO: remove this function once the new flow is fully implemented.

func GetScaScansStatusCode

func GetScaScansStatusCode(err error, results ...services.ScanResponse) int

Infers the status code of an SCA Xray scan: returns 1 if an error occurred or any of the results is `failed`, otherwise returns 0.

func RunScaScan

func RunScaScan(strategy SbomScanStrategy, params ScaScanParams) (generalError error)

Types

type SbomScanOption

type SbomScanOption func(sss SbomScanStrategy)

type SbomScanStrategy

type SbomScanStrategy interface {
	// WithOptions sets options for the SBOM scan strategy.
	WithOptions(options ...SbomScanOption) SbomScanStrategy
	// PrepareStrategy prepares the strategy for SBOM scanning, should be called once before scanning SBOMs.
	PrepareStrategy() error
	// DeprecatedScanTask scans the given SBOM using the specified technology returning the scan response.
	// TODO: This method is deprecated and only used for backward compatibility until the new BOM can contain all the information scanResponse contains.
	// Missing attributes:
	// - ExtendedInformation (JfrogResearchInformation): ShortDescription, FullDescription, JfrogResearchSeverityReasons, Remediation
	// - Binary (Docker) indexer attributes (needed for Scan Graph)
	DeprecatedScanTask(target *cyclonedx.BOM) (services.ScanResponse, error)
	// Perform a Scan on the given SBOM and return the enriched CycloneDX BOM and calculated violations.
	SbomEnrichTask(target *cyclonedx.BOM) (*cyclonedx.BOM, error)
}

SbomScanStrategy is an interface for scanning SBOMs using different strategies.

type ScaScanParams

type ScaScanParams struct {
	// The TargetResults contains the Sbom target for scan.
	ScanResults *results.TargetResults
	// Params to decide if the scan should be performed.
	ScansToPerform []utils.SubScanType
	ConfigProfile  *xscServices.ConfigProfile
	// If true and an error occurs, the error will not end the scan.
	AllowPartialResults bool
	// If provided, the raw scan results will be saved to this directory.
	ResultsOutputDir string
	// For Source-Code (Audit), scans are performed in parallel, thus we need to pass the security parallel runner.
	Runner      *utils.SecurityParallelRunner
	ThreadId    int
	TargetCount int
	// TODO: remove this field once the new flow is fully implemented. (in all commands)
	IsNewFlow bool
}
