Documentation
Index ¶
- Constants
- Variables
- func IsEmptyLayer(blobSum digest.Digest) bool
- func Log(format string, args ...interface{})
- func Quiet(format string, args ...interface{})
- type Clair
- func (c *Clair) Close() error
- func (c *Clair) DeleteLayer(ctx context.Context, name string) error
- func (c *Clair) GetAncestry(ctx context.Context, name string) (*clairpb.GetAncestryResponse_Ancestry, error)
- func (c *Clair) GetLayer(ctx context.Context, name string, features, vulnerabilities bool) (*Layer, error)
- func (c *Clair) NewClairLayer(ctx context.Context, r *registry.Registry, image string, ...) (*Layer, error)
- func (c *Clair) NewClairV3Layer(ctx context.Context, r *registry.Registry, image string, ...) (*clairpb.PostAncestryRequest_PostLayer, error)
- func (c *Clair) PostAncestry(ctx context.Context, name string, ...) error
- func (c *Clair) PostLayer(ctx context.Context, layer *Layer) (*Layer, error)
- func (c *Clair) Vulnerabilities(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
- func (c *Clair) VulnerabilitiesV3(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
- type Error
- type ErrorTransport
- type Layer
- type LogfCallback
- type Opt
- type Vulnerability
- type VulnerabilityReport
Constants ¶
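// Digests that mark a layer as empty. The listing had been collapsed onto a
// single line, which put both declarations behind the first "//" comment;
// they are restored here one per line with their values unchanged.
//
// NOTE(review): IsEmptyLayer is described as matching "the known empty
// layers", presumably these two digests — confirm that a layer skipped on
// this basis is matched by full-digest equality only.
const (
	// EmptyLayerBlobSum is the blob sum of empty layers.
	EmptyLayerBlobSum = "sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"

	// LegacyEmptyLayerBlobSum is the blob sum of empty layers used by docker
	// before it could support a truly empty layer.
	LegacyEmptyLayerBlobSum = "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"
)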
Variables ¶
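// Sentinel errors. The listing had been collapsed onto a single line, which
// put the declaration behind the "//" comment; it is restored here.
var (
	// ErrNilGRPCConn holds the error for when the grpc connection is nil.
	// It is a package-level sentinel value, so callers can match it with
	// errors.Is rather than comparing message text.
	ErrNilGRPCConn = errors.New("grpcConn cannot be nil")
)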
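// Vulnerability priority labels. The listing had been collapsed onto a single
// line, which put the declaration behind the "//" comment; it is restored
// here with the same eight labels in the same order.
var (
	// Priorities are the vulnerability priority labels.
	//
	// This is an exported, mutable slice: any importer can reorder or
	// overwrite entries, so code that gates on severity should not assume
	// the contents are constant.
	// NOTE(review): the order looks ascending from "Unknown" to "Defcon1",
	// with "Fixable" appended as a non-severity bucket — confirm against the
	// code that fills VulnerabilityReport.VulnsBySeverity.
	Priorities = []string{"Unknown", "Negligible", "Low", "Medium", "High", "Critical", "Defcon1", "Fixable"}
)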
Functions ¶
func IsEmptyLayer ¶
IsEmptyLayer determines whether the blob sum is one of the known empty layers.
Types ¶
type Clair ¶
// Clair is the client handle for the clair API; its exported fields are the
// endpoint address, the HTTP client and a log callback.
type Clair struct {
	// URL is presumably the base address of the clair API.
	// NOTE(review): nothing visible here restricts the scheme — confirm that
	// https is used whenever clair is reached over an untrusted network,
	// since scan results drive security decisions.
	URL string
	// Client is presumably the HTTP client used for the REST calls.
	// NOTE(review): timeout and TLS verification settings come from whoever
	// constructs it — verify a timeout is set and certificate checks are on.
	Client *http.Client
	// Logf is the log callback; see LogfCallback for its signature.
	Logf LogfCallback
	// contains filtered or unexported fields
}
Clair defines the client for retrieving information from the clair API.
func (*Clair) DeleteLayer ¶
DeleteLayer removes a layer reference from clair.
func (*Clair) GetAncestry ¶ added in v0.13.2
func (c *Clair) GetAncestry(ctx context.Context, name string) (*clairpb.GetAncestryResponse_Ancestry, error)
GetAncestry displays an ancestry and all of its features and vulnerabilities.
func (*Clair) GetLayer ¶
func (c *Clair) GetLayer(ctx context.Context, name string, features, vulnerabilities bool) (*Layer, error)
GetLayer displays a Layer and optionally all of its features and vulnerabilities.
func (*Clair) NewClairLayer ¶
func (c *Clair) NewClairLayer(ctx context.Context, r *registry.Registry, image string, fsLayers map[int]distribution.Descriptor, index int) (*Layer, error)
NewClairLayer will form a layer struct required for a clair scan.
func (*Clair) NewClairV3Layer ¶ added in v0.13.2
func (c *Clair) NewClairV3Layer(ctx context.Context, r *registry.Registry, image string, fsLayer distribution.Descriptor) (*clairpb.PostAncestryRequest_PostLayer, error)
NewClairV3Layer will form a layer struct required for a clair scan.
func (*Clair) PostAncestry ¶ added in v0.13.2
func (c *Clair) PostAncestry(ctx context.Context, name string, layers []*clairpb.PostAncestryRequest_PostLayer) error
PostAncestry performs the analysis of all layers from the provided path.
func (*Clair) Vulnerabilities ¶
func (c *Clair) Vulnerabilities(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
Vulnerabilities scans the given repo and tag.
func (*Clair) VulnerabilitiesV3 ¶ added in v0.13.2
func (c *Clair) VulnerabilitiesV3(ctx context.Context, r *registry.Registry, repo, tag string) (VulnerabilityReport, error)
VulnerabilitiesV3 scans the given repo and tag using the clair v3 API.
type Error ¶
// Error is the JSON shape of a clair error payload: a single message string.
type Error struct {
	// Message is read from and written to the JSON key "Message" and is
	// omitted from output when empty.
	// NOTE(review): the text comes from the remote service — treat it as
	// untrusted when logging or displaying it.
	Message string `json:"Message,omitempty"`
}
Error describes the structure of a clair error.
type ErrorTransport ¶
// ErrorTransport holds an http.RoundTripper. Its RoundTrip method is not
// shown on this page; presumably it delegates to Transport and turns error
// responses into Go errors — confirm against the implementation.
type ErrorTransport struct {
	// Transport is the wrapped round tripper.
	// NOTE(review): behaviour with a nil Transport is not visible here.
	Transport http.RoundTripper
}
ErrorTransport defines the data structure for returning errors from the round tripper.
type Layer ¶
// Layer is the JSON representation of an image layer. Every field is
// serialized under its capitalized key and dropped when empty (omitempty).
type Layer struct {
	// Name identifies the layer.
	Name string `json:"Name,omitempty"`
	// NamespaceName names the namespace associated with the layer; its
	// exact meaning is not shown on this page.
	NamespaceName string `json:"NamespaceName,omitempty"`
	// Path is the location of the layer content.
	// NOTE(review): presumably a registry blob URL that clair fetches itself —
	// confirm it is always derived from the configured registry and never
	// from untrusted input, since the scanner would then be made to fetch it.
	Path string `json:"Path,omitempty"`
	// Headers is a name/value map sent along with the layer.
	// NOTE(review): presumably the HTTP headers clair uses when fetching
	// Path, which may include a registry Authorization token; if so, keep
	// this map out of logs and error output — confirm.
	Headers map[string]string `json:"Headers,omitempty"`
	// ParentName names the parent layer, if any.
	ParentName string `json:"ParentName,omitempty"`
	// Format is the layer format identifier; accepted values are not shown
	// on this page.
	Format string `json:"Format,omitempty"`
	// IndexedByVersion is an integer version marker; presumably the clair
	// engine version that indexed the layer — confirm.
	IndexedByVersion int `json:"IndexedByVersion,omitempty"`
	// Features uses the unexported feature type, which this page does not
	// document.
	Features []feature `json:"Features,omitempty"`
}
Layer represents an image layer.
type LogfCallback ¶
// LogfCallback is the signature of a log sink: a format string followed by
// its arguments.
// NOTE(review): presumably printf-style. Externally sourced text (image
// names, vulnerability descriptions) should be passed in args, never as
// format, so stray verbs or newlines cannot distort log lines — confirm at
// the call sites.
type LogfCallback func(format string, args ...interface{})
LogfCallback is the callback for formatting logs.
type Vulnerability ¶
// Vulnerability is the JSON representation of one vulnerability entry. Every
// field is serialized under its capitalized key and dropped when empty.
// NOTE(review): the values are decoded from the clair response, so treat the
// free-text fields as untrusted and escape them before rendering into HTML
// or a terminal — confirm how consumers display them.
type Vulnerability struct {
	// Name identifies the vulnerability; presumably an advisory identifier.
	Name string `json:"Name,omitempty"`
	// NamespaceName names the namespace the entry belongs to.
	NamespaceName string `json:"NamespaceName,omitempty"`
	// Description is free text describing the vulnerability.
	Description string `json:"Description,omitempty"`
	// Link is a reference string for the entry.
	// NOTE(review): presumably a URL; validate the scheme before turning it
	// into a clickable link.
	Link string `json:"Link,omitempty"`
	// Severity is the severity label; presumably one of Priorities — confirm.
	Severity string `json:"Severity,omitempty"`
	// Metadata is an untyped JSON object; its schema is not shown here, so
	// type-assert defensively when reading it.
	Metadata map[string]interface{} `json:"Metadata,omitempty"`
	// FixedBy is presumably the version that fixes the issue — confirm.
	FixedBy string `json:"FixedBy,omitempty"`
	// FixedIn uses the unexported feature type, which this page does not
	// document.
	FixedIn []feature `json:"FixedIn,omitempty"`
}
Vulnerability represents a vulnerability entity returned by Clair.
type VulnerabilityReport ¶
// VulnerabilityReport is the result of scanning one repo and tag. The fields
// carry no JSON tags, so encoding/json would use the Go field names as keys.
type VulnerabilityReport struct {
	// Name is the report's name; how it is derived is not shown on this page.
	Name string
	// RegistryURL is the registry the scanned image came from.
	// NOTE(review): confirm it never embeds credentials (user:pass@host)
	// before the report is stored or shared.
	RegistryURL string
	// Repo is the scanned repository.
	Repo string
	// Tag is the scanned tag.
	// NOTE(review): a tag is mutable; the report does not record an image
	// digest, so it may not pin exactly which image content was scanned.
	Tag string
	// Date is a string timestamp; its format and time zone are not shown here.
	Date string
	// Vulns is the flat list of vulnerabilities found.
	Vulns []Vulnerability
	// VulnsBySeverity groups vulnerabilities under a string key; presumably
	// the labels in Priorities — confirm.
	VulnsBySeverity map[string][]Vulnerability
	// BadVulns is a count.
	// NOTE(review): presumably the number of findings at the higher
	// severities; which labels count as "bad" is not visible here — confirm
	// before using it as a pass/fail gate.
	BadVulns int
}
VulnerabilityReport represents the result of a vulnerability scan of a repo.