scan

package
v0.11.14 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 26, 2024 License: MIT Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

// Command declares the "scan" subcommand (alias "s"), which scans an image
// using Trivy. Invoking it runs Scan with the flags declared below; each flag
// can also be supplied through its 3LV_* environment variable.
var Command = &cli.Command{
	Name:    "scan",
	Aliases: []string{"s"},
	Usage:   "Scan image using Trivy",
	Action:  Scan,
	Flags: []cli.Flag{
		// Severity filter. The default covers CRITICAL and HIGH only, so
		// MEDIUM, LOW and UNKNOWN must be requested explicitly.
		// NOTE(review): unlike "formats", this flag has no Action that checks
		// the value against the documented set; whether it is validated
		// before reaching Trivy is not visible from this declaration.
		&cli.StringFlag{
			Name:    "severity",
			Aliases: []string{"S"},
			EnvVars: []string{"3LV_SEVERITY"},
			Value:   "CRITICAL,HIGH",
			Usage:   "The severity to use when scanning the image: can be any combination of CRITICAL, HIGH, MEDIUM, LOW, or UNKNOWN separated by commas",
		},
		// Output formats. Every requested value must be one of the four
		// supported names; anything else ends the command with exit code 1.
		&cli.StringSliceFlag{
			Name:    "formats",
			Aliases: []string{"F"},
			EnvVars: []string{"3LV_FORMATS"},
			Value:   cli.NewStringSlice("table"),
			Usage:   "The formats to use when outputting the scan results: can be table, json, sarif or markdown.",
			Action: func(_ *cli.Context, requested []string) error {
				for _, name := range requested {
					switch name {
					case "table", "json", "sarif", "markdown":
						// Supported output format; keep checking the rest.
					default:
						return cli.Exit("Invalid format provided", 1)
					}
				}

				return nil
			},
		},
		// Off by default. Per its usage text, setting it suppresses the error
		// exit code when vulnerabilities are found, so a pipeline that gates
		// on the exit status stops failing on findings. Because it can also be
		// set via 3LV_DISABLE_ERROR, check the job environment when auditing
		// why a scan did not fail a build.
		&cli.BoolFlag{
			Name:    "disable-error",
			Aliases: []string{"D"},
			EnvVars: []string{"3LV_DISABLE_ERROR"},
			Value:   false,
			Usage:   "Disable error exit code on vulnerabilities found",
		},
		// Off by default. Per its usage text, setting it skips the Trivy
		// vulnerability database update, so results depend on whatever
		// database is already present and may miss recently published
		// vulnerabilities.
		&cli.BoolFlag{
			Name:    "skip-db-update",
			EnvVars: []string{"3LV_SKIP_DB_UPDATE"},
			Value:   false,
			Usage:   "Skip update Trivy vulnerability database",
		},
	},
}

Functions

func Scan

// Scan is the handler registered as Command's Action, so it runs when the
// "scan" subcommand is invoked and receives the parsed CLI context c. Only the
// signature appears in this listing; the body is not shown.
func Scan(c *cli.Context) error

func ScanImage

// ScanImage presumably performs the Trivy scan of the image named imageName;
// only the signature appears in this listing, so the parameter notes below are
// inferred from the flags declared on Command and should be confirmed against
// the body.
//
// NOTE(review): the "severity" flag on Command has no validating Action, so
// confirm that severity and imageName are checked before they are handed to
// Trivy.
func ScanImage(
	// Image reference to scan.
	imageName string,
	// Presumably the comma-separated list from the "severity" flag.
	severity string,
	// Presumably the output formats from the "formats" flag.
	formats []string,
	// Presumably the "disable-error" flag: suppress the error exit code on findings.
	disableError bool,
	// Presumably the "skip-db-update" flag: do not refresh the vulnerability database.
	skipDBUpdate bool,
) error

Types

type TrivyResult added in v0.9.0

// TrivyResult models a Trivy JSON report for a scanned artifact. The json
// tags bind each field to the report key of the same name; report keys that
// have no field here are not represented by this type.
// NOTE(review): presumably populated by decoding Trivy's JSON output; the
// decoding site is not visible in this listing.
type TrivyResult struct {
	SchemaVersion int    `json:"SchemaVersion"`
	CreatedAt     string `json:"CreatedAt"`
	ArtifactName  string `json:"ArtifactName"`
	ArtifactType  string `json:"ArtifactType"`
	// Metadata describes the scanned artifact: OS details, image identifiers
	// and the image configuration.
	Metadata      struct {
		OS struct {
			Family string `json:"Family"`
			Name   string `json:"Name"`
			EOSL   bool   `json:"EOSL"`
		} `json:"OS"`
		ImageID     string   `json:"ImageID"`
		DiffIDs     []string `json:"DiffIDs"`
		RepoTags    []string `json:"RepoTags"`
		RepoDigests []string `json:"RepoDigests"`
		// ImageConfig carries values taken from the image itself.
		// NOTE(review): History.CreatedBy and Config.Env are image-supplied
		// text that can contain credentials baked in at build time, so
		// treat stored or shared results as potentially sensitive.
		ImageConfig struct {
			Architecture  string `json:"architecture"`
			Container     string `json:"container"`
			Created       string `json:"created"`
			DockerVersion string `json:"docker_version"`
			History       []struct {
				Created    string `json:"created"`
				CreatedBy  string `json:"created_by"`
				EmptyLayer bool   `json:"empty_layer"`
			} `json:"history"`
			OS     string `json:"os"`
			Rootfs struct {
				Type    string   `json:"type"`
				DiffIDs []string `json:"diff_ids"`
			} `json:"rootfs"`
			Config struct {
				Cmd   []string `json:"Cmd"`
				Env   []string `json:"Env"`
				Image string   `json:"Image"`
			} `json:"config"`
		} `json:"ImageConfig"`
	} `json:"Metadata"`
	// Results holds the per-target findings. Only Vulnerabilities is
	// modelled.
	// NOTE(review): Trivy reports can carry other finding kinds (for example
	// secrets or misconfigurations); they have no field here and would not
	// be represented after decoding into this type. Confirm that is intended.
	Results []struct {
		Target          string `json:"Target"`
		Class           string `json:"Class"`
		Type            string `json:"Type"`
		Vulnerabilities []struct {
			VulnerabilityID string `json:"VulnerabilityID"`
			PkgID           string `json:"PkgID"`
			PkgName         string `json:"PkgName"`
			PkgIdentifier   struct {
				PURL string `json:"PURL"`
				UID  string `json:"UID"`
			} `json:"PkgIdentifier"`
			InstalledVersion string `json:"InstalledVersion"`
			Status           string `json:"Status"`
			// Layer identifies the image layer the finding is attributed to.
			Layer            struct {
				Digest string `json:"Digest"`
				DiffID string `json:"DiffID"`
			} `json:"Layer"`
			SeveritySource string `json:"SeveritySource"`
			PrimaryURL     string `json:"PrimaryURL"`
			DataSource     struct {
				ID   string `json:"ID"`
				Name string `json:"Name"`
				URL  string `json:"URL"`
			} `json:"DataSource"`
			// Title, Description and the URL fields are free text from the
			// report.
			// NOTE(review): escape them when rendering into markdown or
			// other markup; the rendering code is not visible here.
			Title          string   `json:"Title"`
			Description    string   `json:"Description"`
			Severity       string   `json:"Severity"`
			CweIDs         []string `json:"CweIDs"`
			// VendorSeverity holds integer ratings for a fixed list of
			// vendors; ratings from vendors not listed have no field. The
			// meaning of the integers is defined by Trivy, not in this file.
			VendorSeverity struct {
				Azure      int `json:"azure"`
				Nvd        int `json:"nvd"`
				OracleOval int `json:"oracle-oval"`
				Photon     int `json:"photon"`
				Redhat     int `json:"redhat"`
				Ubuntu     int `json:"ubuntu"`
			} `json:"VendorSeverity"`
			// CVSS models only the nvd and redhat entries; redhat has no
			// V2 fields.
			CVSS struct {
				Nvd struct {
					V2Vector string  `json:"V2Vector"`
					V3Vector string  `json:"V3Vector"`
					V2Score  float64 `json:"V2Score"`
					V3Score  float64 `json:"V3Score"`
				} `json:"nvd"`
				Redhat struct {
					V3Vector string  `json:"V3Vector"`
					V3Score  float64 `json:"V3Score"`
				} `json:"redhat"`
			} `json:"CVSS"`
			References       []string `json:"References"`
			// Dates are kept as the raw report strings, not parsed times.
			PublishedDate    string   `json:"PublishedDate"`
			LastModifiedDate string   `json:"LastModifiedDate"`
		} `json:"Vulnerabilities"`
	} `json:"Results"`
}
