Documentation
¶
Overview ¶
Package scan manages the scan process to image scanning service
Index ¶
- type Bom
- type Handler
- func (h *Handler) AttachSBOMBuildStepAndNamespace(bom *Bom, buildStep, namespace string)
- func (h Handler) GetImageAnalysisStatus(digest string) (Status, error)
- func (h Handler) GetImageVulnerability(digest string) (*image.ScannedImage, error)
- func (h Handler) GetResponseFromScanAPI(digest string) (*image.ScannedImage, error)
- func (h Handler) HealthCheck() error
- func (h Handler) PutBomToAnalysisAPI(opts Option) (Status, error)
- func (h *Handler) Scan(opts Option) (*image.ScannedImage, error)
- func (h Handler) SendCancelSignal(digest string) error
- type Option
- type RegistryHandler
- type Status
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Bom ¶
type Bom struct {
// FullTag is the full tag of the bom
FullTag string
// ManifestDigest is the sha256 of this image manifest json
ManifestDigest string
// Packages enumerates the packages in the bill of materials
Packages bom.JSONDocument
}
Bom contains the full bill of materials for an image, along with some additional helpful metadata.
type Handler ¶
type Handler struct {
// contains filtered or unexported fields
}
Handler has all the fields for sending request to scanning service.
func NewScanHandler ¶
NewScanHandler will create a handler for scan cmd.
func (*Handler) AttachSBOMBuildStepAndNamespace ¶
AttachSBOMBuildStepAndNamespace will attach sbom & policy to the handler.
func (Handler) GetImageAnalysisStatus ¶
GetImageAnalysisStatus will fetch the current analysis result of an image.
func (Handler) GetImageVulnerability ¶
func (h Handler) GetImageVulnerability(digest string) (*image.ScannedImage, error)
GetImageVulnerability will fetch the vulnerability result via image digest.
func (Handler) GetResponseFromScanAPI ¶
func (h Handler) GetResponseFromScanAPI(digest string) (*image.ScannedImage, error)
GetResponseFromScanAPI will call the status API from image scanning service periodically, once the status is "FINISHED", it will fetch the real result from vuln API.
func (Handler) HealthCheck ¶
HealthCheck will check the health of the service backend.
func (Handler) PutBomToAnalysisAPI ¶
PutBomToAnalysisAPI will call the PUT API and upload sbom to image scanning service.
func (*Handler) Scan ¶
func (h *Handler) Scan(opts Option) (*image.ScannedImage, error)
Scan will send payload to image scanning service and fetch the result back.
func (Handler) SendCancelSignal ¶
SendCancelSignal will send a cancel signal to backend, will be called when timeout or manual interruption.
type Option ¶
type Option struct {
// ForceScan is the option whether to force scan an image no matter it is scanned or not.
ForceScan bool
// UseDockerDaemon is whether to use docker daemon to pull the image
UseDockerDaemon bool
// Credential is the auth string used for login to registry, format: USERNAME[:PASSWORD]
Credential string
// ShouldCleanup is whether to delete the docker image pulled by docker
ShouldCleanup bool
// FullTag is the tag set to override in the image
FullTag string
// Timeout is the duration (second) for the scan process
Timeout int
}
Option is the option used for image related cmd.
type RegistryHandler ¶
type RegistryHandler struct {
// contains filtered or unexported fields
}
RegistryHandler coordinates with OCI registry APIs in order to retrieve container images as needed.
func NewRegistryHandler ¶
func NewRegistryHandler() RegistryHandler
NewRegistryHandler constructs a new RegistryHandler instance.
Source Files