Documentation
¶
Index ¶
Constants ¶
const MAX_TOP_RESULTS_IN_PAGE_OF_ARG = 1000
MAX_TOP_RESULTS_IN_PAGE_OF_ARG is the maximum. please see more information in https://docs.microsoft.com/en-us/azure/governance/resource-graph/concepts/work-with-data#paging-results
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ARGClient ¶
type ARGClient struct {
// contains filtered or unexported fields
}
ARGClient is our implementation for ARG client
func NewARGClient ¶
func NewARGClient(instrumentationProvider instrumentation.IInstrumentationProvider, argBaseClientWrapper wrappers.IARGBaseClientWrapper, configuration *ARGClientConfiguration, retryPolicy retrypolicy.IRetryPolicy) *ARGClient
NewARGClient Constructor
func (*ARGClient) QueryResources ¶
QueryResources gets a query and return an array object as a result
type ARGClientConfiguration ¶
type ARGClientConfiguration struct {
// Subscriptions is array of subscriptions that will be the scope of the query to ARG.
Subscriptions []string
}
type ARGDataProvider ¶
type ARGDataProvider struct {
// contains filtered or unexported fields
}
ARGDataProvider is a IARGDataProvider implementation
func NewARGDataProvider ¶
func NewARGDataProvider(instrumentationProvider instrumentation.IInstrumentationProvider, argClient IARGClient, queryGenerator queries.IARGQueryGenerator, cacheClient IARGDataProviderCacheClient, configuration *ARGDataProviderConfiguration) *ARGDataProvider
NewARGDataProvider Constructor
func (*ARGDataProvider) GetImageVulnerabilityScanResults ¶
func (provider *ARGDataProvider) GetImageVulnerabilityScanResults(registry string, repository string, digest string) (contracts.ScanStatus, []*contracts.ScanFinding, error)
GetImageVulnerabilityScanResults fetch ARG based scan data information on image if exists from ARG scanStatus to represent it stores a scan on image, and if so if it's healthy or not If scanStatus is Unscanned, nil scan findings array If scan status is Healthy, empty scan findings array If scan status is Unhealthy, findings presented in scan findings array
type ARGDataProviderCacheClient ¶
type ARGDataProviderCacheClient struct {
// contains filtered or unexported fields
}
ARGDataProviderCacheClient is a cache client designated for ARGDataProvider It wraps ICache client
func NewARGDataProviderCacheClient ¶
func NewARGDataProviderCacheClient(instrumentationProvider instrumentation.IInstrumentationProvider, cacheClient cache.ICacheClient, argDataProviderConfiguration *ARGDataProviderConfiguration) *ARGDataProviderCacheClient
NewARGDataProviderCacheClient - ARGDataProviderCacheClient Ctor
func (*ARGDataProviderCacheClient) GetResultsFromCache ¶
func (client *ARGDataProviderCacheClient) GetResultsFromCache(digest string) (contracts.ScanStatus, []*contracts.ScanFinding, error)
GetResultsFromCache try to get ImageVulnerabilityScanResults from cache. The cache mapping digest to scan results or to known errors. If the digest exist in cache - return the value (scan results or error) and a flag _gotResultsFromCache If the digest dont exist in cache or any other unknown error occurred - return "", nil, nil and _didntGotResultsFromCache
func (*ARGDataProviderCacheClient) SetScanFindingsInCache ¶
func (client *ARGDataProviderCacheClient) SetScanFindingsInCache(scanFindings []*contracts.ScanFinding, scanStatus contracts.ScanStatus, digest string) error
SetScanFindingsInCache map digest to scan results
type ARGDataProviderConfiguration ¶
type ARGDataProviderConfiguration struct {
// CacheExpirationTimeUnscannedResults is the expiration time **IN MINUTES** for unscanned results in the cache client
CacheExpirationTimeUnscannedResults int
// CacheExpirationTimeScannedResults is the expiration time **IN HOURS** for scan results in the cache client
CacheExpirationTimeScannedResults int
}
ARGDataProviderConfiguration is configuration data for ARGDataProvider
type IARGClient ¶
type IARGClient interface {
// QueryResources gets a query and return an array object as a result
QueryResources(query string) ([]interface{}, error)
}
IARGClient is an interface for our arg client implementation
type IARGDataProvider ¶
type IARGDataProvider interface {
// GetImageVulnerabilityScanResults fetch ARG based scan data information on image if exists from ARG
// scanStatus to represent it stores a scan on image, and if so if it's healthy or not
// If scanStatus is Unscanned, nil scan findings array
// If scan status is Healthy, empty scan findings array
// If scan status is Unhealthy, findings presented in scan findings array
GetImageVulnerabilityScanResults(registry string, repository string, digest string) (scanStatus contracts.ScanStatus, scanFindings []*contracts.ScanFinding, err error)
}
IARGDataProvider is a provider for any ARG data
type IARGDataProviderCacheClient ¶
type IARGDataProviderCacheClient interface {
// GetResultsFromCache try to get ImageVulnerabilityScanResults from cache.
// The cache mapping digest to scan results or to known errors.
// If the digest exist in cache - return the value (scan results or error) and a flag _gotResultsFromCache
// If the digest dont exist in cache or any other unknown error occurred - return "", nil, nil and _didntGotResultsFromCache
GetResultsFromCache(digest string) (contracts.ScanStatus, []*contracts.ScanFinding, error)
// SetScanFindingsInCache map digest to scan results
SetScanFindingsInCache(scanFindings []*contracts.ScanFinding, scanStatus contracts.ScanStatus, digest string) error
}
IARGDataProviderCacheClient is a cache client designated for ARGDataProvider
type ScanFindingsInCache ¶
type ScanFindingsInCache struct {
//ScanStatus vulnerability scan status for image
ScanStatus contracts.ScanStatus `json:"scanStatus"`
// ScanFindings vulnerability scan findings for image
ScanFindings []*contracts.ScanFinding `json:"scanFindings"`
}
ScanFindingsInCache represents findings of image vulnerability scan with its scan status
Source Files
Directories