Documentation ¶
Index ¶
- Constants
- Variables
- type AccessLog
- type Actor
- type AuthModel
- type BaseProjectCollection
- type ClairError
- type ClairFeature
- type ClairLayer
- type ClairLayerEnvelope
- type ClairNamespace
- type ClairNamespaceEnvelope
- type ClairNamespaceTimestamp
- type ClairNotification
- type ClairNotificationEnvelope
- type ClairOrderedLayerName
- type ClairVulnTimestamp
- type ClairVulnerability
- type ClairVulnerabilityStatus
- type ClairVulnerabilityWithLayers
- type ComponentsOverview
- type ComponentsOverviewEntry
- type ConfigEntry
- type Database
- type Email
- type Event
- type ImageScanReq
- type ImgScanOverview
- type LdapConf
- type LdapFailedImportUser
- type LdapImportUser
- type LdapUser
- type LogQueryParam
- type Member
- type MemberQuery
- type MySQL
- type Notification
- type Pagination
- type PostGreSQL
- type Project
- func (p *Project) AutoScan() bool
- func (p *Project) ContentTrustEnabled() bool
- func (p *Project) GetMetadata(key string) (string, bool)
- func (p *Project) IsPublic() bool
- func (p *Project) SetMetadata(key, value string)
- func (p *Project) Severity() string
- func (p *Project) TableName() string
- func (p *Project) VulPrevented() bool
- type ProjectMetadata
- type ProjectQueryParam
- type ProjectQueryResult
- type ProjectRequest
- type ProjectSorter
- type RepJob
- type RepPolicy
- type RepTarget
- type RepoRecord
- type Request
- type Role
- type SQLite
- type ScanAllPolicy
- type ScanJob
- type SchemaVersion
- type Severity
- type Target
- type Token
- type UAASettings
- type User
- type UserQuery
- type VulnerabilityItem
- type WatchItem
Constants ¶
const ( //JobPending ... JobPending string = "pending" //JobRunning ... JobRunning string = "running" //JobError ... JobError string = "error" //JobStopped ... JobStopped string = "stopped" //JobFinished ... JobFinished string = "finished" //JobCanceled ... JobCanceled string = "canceled" //JobRetrying indicate the job needs to be retried, it will be scheduled to the end of job queue by statemachine after an interval. JobRetrying string = "retrying" //JobContinue is the status returned by statehandler to tell statemachine to move to next possible state based on trasition table. JobContinue string = "_continue" )
const ( ProMetaPublic = "public" ProMetaEnableContentTrust = "enable_content_trust" ProMetaPreventVul = "prevent_vul" //prevent vulnerable images from being pulled ProMetaSeverity = "severity" ProMetaAutoScan = "auto_scan" SeverityNone = "negligible" SeverityLow = "low" SeverityMedium = "medium" SeverityHigh = "high" )
keys of project metadata and severity values
const ( //RepOpTransfer represents the operation of a job to transfer repository to a remote registry/harbor instance. RepOpTransfer string = "transfer" //RepOpDelete represents the operation of a job to remove repository from a remote registry/harbor instance. RepOpDelete string = "delete" //UISecretCookie is the cookie name to contain the UI secret UISecretCookie string = "secret" //RepTargetTable is the table name for replication targets RepTargetTable = "replication_target" //RepJobTable is the table name for replication jobs RepJobTable = "replication_job" //RepPolicyTable is table name for replication policies RepPolicyTable = "replication_policy" )
const ( //PROJECTADMIN project administrator PROJECTADMIN = 1 //DEVELOPER developer DEVELOPER = 2 //GUEST guest GUEST = 3 )
const ( // ScanAllNone "none" for not doing any scan all ScanAllNone = "none" // ScanAllDaily for doing scan all daily ScanAllDaily = "daily" // ScanAllOnRefresh for doing scan all when the Clair DB is refreshed. ScanAllOnRefresh = "on_refresh" // ScanAllDailyTime the key for parm of daily scan all policy. ScanAllDailyTime = "daily_time" )
const ClairVulnTimestampTable = "clair_vuln_timestamp"
ClairVulnTimestampTable is the name of the table that tracks the timestamp of vulnerability in Clair.
const ProjectTable = "project"
ProjectTable is the table name for project
const RepoTable = "repository"
RepoTable is the table name for repository
const ScanJobTable = "img_scan_job"
ScanJobTable is the name of the table whose data is mapped by ScanJob struct.
const ScanOverviewTable = "img_scan_overview"
ScanOverviewTable is the name of the table whose data is mapped by ImgScanOverview struct.
const UserTable = "user"
UserTable is the name of table in DB that holds the user object
Variables ¶
var DefaultScanAllPolicy = ScanAllPolicy{ Type: ScanAllDaily, Parm: map[string]interface{}{ ScanAllDailyTime: 0, }, }
DefaultScanAllPolicy ...
Functions ¶
This section is empty.
Types ¶
type AccessLog ¶
type AccessLog struct { LogID int `orm:"pk;auto;column(log_id)" json:"log_id"` Username string `orm:"column(username)" json:"username"` ProjectID int64 `orm:"column(project_id)" json:"project_id"` RepoName string `orm:"column(repo_name)" json:"repo_name"` RepoTag string `orm:"column(repo_tag)" json:"repo_tag"` GUID string `orm:"column(GUID)" json:"guid"` Operation string `orm:"column(operation)" json:"operation"` OpTime time.Time `orm:"column(op_time)" json:"op_time"` }
AccessLog holds information about logs which are used to record the actions that user take to the resourses.
type BaseProjectCollection ¶
BaseProjectCollection contains the query conditions which can be used to get a project collection. The collection can be used as the base to do other filter
type ClairError ¶
type ClairError struct {
Message string `json:"Message,omitempty"`
}
ClairError ...
type ClairFeature ¶
type ClairFeature struct { Name string `json:"Name,omitempty"` NamespaceName string `json:"NamespaceName,omitempty"` VersionFormat string `json:"VersionFormat,omitempty"` Version string `json:"Version,omitempty"` Vulnerabilities []ClairVulnerability `json:"Vulnerabilities,omitempty"` AddedBy string `json:"AddedBy,omitempty"` }
ClairFeature ...
type ClairLayer ¶
type ClairLayer struct { Name string `json:"Name,omitempty"` NamespaceNames []string `json:"NamespaceNames,omitempty"` Path string `json:"Path,omitempty"` Headers map[string]string `json:"Headers,omitempty"` ParentName string `json:"ParentName,omitempty"` Format string `json:"Format,omitempty"` Features []ClairFeature `json:"Features,omitempty"` }
ClairLayer ...
type ClairLayerEnvelope ¶
type ClairLayerEnvelope struct { Layer *ClairLayer `json:"Layer,omitempty"` Error *ClairError `json:"Error,omitempty"` }
ClairLayerEnvelope ...
type ClairNamespace ¶
type ClairNamespace struct { Name string `json:"Name,omitempty"` VersionFormat string `json:"VersionFormat,omitempty"` }
ClairNamespace ...
type ClairNamespaceEnvelope ¶
type ClairNamespaceEnvelope struct { Namespaces *[]ClairNamespace `json:"Namespaces,omitempty"` Error *ClairError `json:"Error,omitempty"` }
ClairNamespaceEnvelope ...
type ClairNamespaceTimestamp ¶
type ClairNamespaceTimestamp struct { Namespace string `json:"namespace"` Timestamp int64 `json:"last_update"` }
ClairNamespaceTimestamp is a record to store the clairname space and the timestamp, in practice different namespace in Clair maybe merged into one, e.g. ubuntu:14.04 and ubuntu:16.4 maybe merged into ubuntu and put into response.
type ClairNotification ¶
type ClairNotification struct { Name string `json:"Name,omitempty"` Created string `json:"Created,omitempty"` Notified string `json:"Notified,omitempty"` Deleted string `json:"Deleted,omitempty"` Limit int `json:"Limit,omitempty"` Page string `json:"Page,omitempty"` NextPage string `json:"NextPage,omitempty"` Old *ClairVulnerabilityWithLayers `json:"Old,omitempty"` New *ClairVulnerabilityWithLayers `json:"New,omitempty"` }
ClairNotification ...
type ClairNotificationEnvelope ¶
type ClairNotificationEnvelope struct { Notification *ClairNotification `json:"Notification,omitempty"` Error *ClairError `json:"Error,omitempty"` }
ClairNotificationEnvelope ...
type ClairOrderedLayerName ¶
ClairOrderedLayerName ...
type ClairVulnTimestamp ¶
type ClairVulnTimestamp struct { ID int64 `orm:"pk;auto;column(id)" json:"-"` Namespace string `orm:"column(namespace)" json:"namespace"` LastUpdate time.Time `orm:"column(last_update)" json:"-"` LastUpdateUTC int64 `orm:"-" json:"last_update"` }
ClairVulnTimestamp represents a record in DB that tracks the timestamp of vulnerability in Clair.
func (*ClairVulnTimestamp) TableName ¶
func (ct *ClairVulnTimestamp) TableName() string
TableName is required by beego to map struct to table.
type ClairVulnerability ¶
type ClairVulnerability struct { Name string `json:"Name,omitempty"` NamespaceName string `json:"NamespaceName,omitempty"` Description string `json:"Description,omitempty"` Link string `json:"Link,omitempty"` Severity string `json:"Severity,omitempty"` Metadata map[string]interface{} `json:"Metadata,omitempty"` FixedBy string `json:"FixedBy,omitempty"` FixedIn []ClairFeature `json:"FixedIn,omitempty"` }
ClairVulnerability ...
type ClairVulnerabilityStatus ¶
type ClairVulnerabilityStatus struct { OverallUTC int64 `json:"overall_last_update,omitempty"` Details []ClairNamespaceTimestamp `json:"details,omitempty"` }
ClairVulnerabilityStatus reflects the readiness and freshness of vulnerability data in Clair, which will be returned in response of systeminfo API.
type ClairVulnerabilityWithLayers ¶
type ClairVulnerabilityWithLayers struct { Vulnerability *ClairVulnerability `json:"Vulnerability,omitempty"` OrderedLayersIntroducingVulnerability []ClairOrderedLayerName `json:"OrderedLayersIntroducingVulnerability,omitempty"` }
ClairVulnerabilityWithLayers ...
type ComponentsOverview ¶
type ComponentsOverview struct { Total int `json:"total"` Summary []*ComponentsOverviewEntry `json:"summary"` }
ComponentsOverview has the total number and a list of components number of different serverity level.
type ComponentsOverviewEntry ¶
ComponentsOverviewEntry ...
type ConfigEntry ¶
type ConfigEntry struct { ID int64 `orm:"pk;auto;column(id)" json:"-"` Key string `orm:"column(k)" json:"k"` Value string `orm:"column(v)" json:"v"` }
ConfigEntry ...
type Database ¶
type Database struct { Type string `json:"type"` MySQL *MySQL `json:"mysql,omitempty"` SQLite *SQLite `json:"sqlite,omitempty"` }
Database ...
type Email ¶
type Email struct { Host string `json:"host"` Port int `json:"port"` Username string `json:"username"` Password string `json:"password"` SSL bool `json:"ssl"` Identity string `json:"identity"` From string `json:"from"` Insecure bool `json:"insecure"` }
Email ...
type Event ¶
type Event struct { ID string `json:"Id"` TimeStamp time.Time Action string Target *Target Request *Request Actor *Actor }
Event holds the details of a event.
type ImageScanReq ¶
ImageScanReq represents the request body to send to job service for image scan
type ImgScanOverview ¶
type ImgScanOverview struct { ID int64 `orm:"pk;auto;column(id)" json:"-"` Digest string `orm:"column(image_digest)" json:"image_digest"` Status string `orm:"-" json:"scan_status"` JobID int64 `orm:"column(scan_job_id)" json:"job_id"` Sev int `orm:"column(severity)" json:"severity"` CompOverviewStr string `orm:"column(components_overview)" json:"-"` CompOverview *ComponentsOverview `orm:"-" json:"components,omitempty"` DetailsKey string `orm:"column(details_key)" json:"details_key"` CreationTime time.Time `orm:"column(creation_time);auto_now_add" json:"creation_time,omitempty"` UpdateTime time.Time `orm:"column(update_time);auto_now" json:"update_time,omitempty"` }
ImgScanOverview mapped to a record of image scan overview.
type LdapConf ¶
type LdapConf struct { LdapURL string `json:"ldap_url"` LdapSearchDn string `json:"ldap_search_dn"` LdapSearchPassword string `json:"ldap_search_password"` LdapBaseDn string `json:"ldap_base_dn"` LdapFilter string `json:"ldap_filter"` LdapUID string `json:"ldap_uid"` LdapScope int `json:"ldap_scope"` LdapConnectionTimeout int `json:"ldap_connection_timeout"` LdapVerifyCert bool `json:"ldap_verify_cert"` }
LdapConf holds information about ldap configuration
type LdapFailedImportUser ¶
LdapFailedImportUser ...
type LdapImportUser ¶
type LdapImportUser struct {
LdapUIDList []string `json:"ldap_uid_list"`
}
LdapImportUser ...
type LdapUser ¶
type LdapUser struct { Username string `json:"ldap_username"` Email string `json:"ldap_email"` Realname string `json:"ldap_realname"` DN string `json:"-"` }
LdapUser ...
type LogQueryParam ¶
type LogQueryParam struct { ProjectIDs []int64 // the IDs of projects to which the operation is done Username string // the operator's username of the log Repository string // repository name Tag string // tag name Operations []string // operations BeginTime *time.Time // the time after which the operation is done EndTime *time.Time // the time before which the operation is doen Pagination *Pagination // pagination information }
LogQueryParam is used to set query conditions when listing access logs.
type Member ¶
type Member struct { ID int `orm:"pk;column(user_id)" json:"user_id"` Username string `json:"username"` Rolename string `json:"role_name"` Role int `json:"role_id"` }
Member holds the details of a member.
type MemberQuery ¶
type MemberQuery struct { Name string // the username of member Role int // the role of the member has to the project }
MemberQuery fitler by member's username and role
type MySQL ¶
type MySQL struct { Host string `json:"host"` Port int `json:"port"` Username string `json:"username"` Password string `json:"password,omitempty"` Database string `json:"database"` }
MySQL ...
type PostGreSQL ¶
type PostGreSQL struct { Host string `json:"host"` Port int `json:"port"` Username string `json:"username"` Password string `json:"password,omitempty"` Database string `json:"database"` }
PostGreSQL ...
type Project ¶
type Project struct { ProjectID int64 `orm:"pk;auto;column(project_id)" json:"project_id"` OwnerID int `orm:"column(owner_id)" json:"owner_id"` Name string `orm:"column(name)" json:"name"` CreationTime time.Time `orm:"column(creation_time)" json:"creation_time"` UpdateTime time.Time `orm:"update_time" json:"update_time"` Deleted int `orm:"column(deleted)" json:"deleted"` OwnerName string `orm:"-" json:"owner_name"` Togglable bool `orm:"-" json:"togglable"` Role int `orm:"-" json:"current_user_role_id"` RepoCount int `orm:"-" json:"repo_count"` Metadata map[string]string `orm:"-" json:"metadata"` }
Project holds the details of a project.
func (*Project) ContentTrustEnabled ¶
ContentTrustEnabled ...
func (*Project) GetMetadata ¶
GetMetadata ...
type ProjectMetadata ¶
type ProjectMetadata struct { ID int64 `orm:"pk;auto;column(id)" json:"id"` ProjectID int64 `orm:"column(project_id)" json:"project_id"` Name string `orm:"column(name)" json:"name"` Value string `orm:"column(value)" json:"value"` CreationTime time.Time `orm:"column(creation_time)" json:"creation_time"` UpdateTime time.Time `orm:"column(update_time)" json:"update_time"` Deleted int `orm:"column(deleted)" json:"deleted"` }
ProjectMetadata holds the metadata of a project.
type ProjectQueryParam ¶
type ProjectQueryParam struct { Name string // the name of project Owner string // the username of project owner Public *bool // the project is public or not, can be ture, false and nil Member *MemberQuery // the member of project Pagination *Pagination // pagination information ProjectIDs []int64 // project ID list }
ProjectQueryParam can be used to set query parameters when listing projects. The query condition will be set in the query if its corresponding field is not nil. Leave it empty if you don't want to apply this condition.
e.g. List all projects: query := nil List all public projects: query := &QueryParam{Public: true} List projects the owner of which is user1: query := &QueryParam{Owner:"user1"} List all public projects the owner of which is user1: query := &QueryParam{Owner:"user1",Public:true} List projects which user1 is member of: query := &QueryParam{Member:&Member{Name:"user1"}} List projects which user1 is the project admin : query := &QueryParam{Memeber:&Member{Name:"user1",Role:1}}
type ProjectQueryResult ¶
ProjectQueryResult ...
type ProjectRequest ¶
type ProjectRequest struct { Name string `json:"project_name"` Public *int `json:"public"` //deprecated, reserved for project creation in replication Metadata map[string]string `json:"metadata"` }
ProjectRequest holds informations that need for creating project API
type ProjectSorter ¶
type ProjectSorter struct {
Projects []*Project
}
ProjectSorter holds an array of projects
func (*ProjectSorter) Len ¶
func (ps *ProjectSorter) Len() int
Len returns the length of array in ProjectSorter
func (*ProjectSorter) Less ¶
func (ps *ProjectSorter) Less(i, j int) bool
Less defines the comparison rules of project
func (*ProjectSorter) Swap ¶
func (ps *ProjectSorter) Swap(i, j int)
Swap swaps the position of i and j
type RepJob ¶
type RepJob struct { ID int64 `orm:"pk;auto;column(id)" json:"id"` Status string `orm:"column(status)" json:"status"` Repository string `orm:"column(repository)" json:"repository"` PolicyID int64 `orm:"column(policy_id)" json:"policy_id"` Operation string `orm:"column(operation)" json:"operation"` Tags string `orm:"column(tags)" json:"-"` TagList []string `orm:"-" json:"tags"` // Policy RepPolicy `orm:"-" json:"policy"` CreationTime time.Time `orm:"column(creation_time);auto_now_add" json:"creation_time"` UpdateTime time.Time `orm:"column(update_time);auto_now" json:"update_time"` }
RepJob is the model for a replication job, which is the execution unit on job service, currently it is used to transfer/remove a repository to/from a remote registry instance.
type RepPolicy ¶
type RepPolicy struct { ID int64 `orm:"pk;auto;column(id)"` ProjectID int64 `orm:"column(project_id)" ` TargetID int64 `orm:"column(target_id)"` Name string `orm:"column(name)"` Description string `orm:"column(description)"` Trigger string `orm:"column(cron_str)"` Filters string `orm:"column(filters)"` ReplicateDeletion bool `orm:"column(replicate_deletion)"` CreationTime time.Time `orm:"column(creation_time);auto_now_add"` UpdateTime time.Time `orm:"column(update_time);auto_now"` Deleted int `orm:"column(deleted)"` }
RepPolicy is the model for a replication policy, which associate to a project and a target (destination)
type RepTarget ¶
type RepTarget struct { ID int64 `orm:"pk;auto;column(id)" json:"id"` URL string `orm:"column(url)" json:"endpoint"` Name string `orm:"column(name)" json:"name"` Username string `orm:"column(username)" json:"username"` Password string `orm:"column(password)" json:"password"` Type int `orm:"column(target_type)" json:"type"` Insecure bool `orm:"column(insecure)" json:"insecure"` CreationTime time.Time `orm:"column(creation_time);auto_now_add" json:"creation_time"` UpdateTime time.Time `orm:"column(update_time);auto_now" json:"update_time"` }
RepTarget is the model for a replication targe, i.e. destination, which wraps the endpoint URL and username/password of a remote registry.
type RepoRecord ¶
type RepoRecord struct { RepositoryID int64 `orm:"pk;auto;column(repository_id)" json:"repository_id"` Name string `orm:"column(name)" json:"name"` ProjectID int64 `orm:"column(project_id)" json:"project_id"` Description string `orm:"column(description)" json:"description"` PullCount int64 `orm:"column(pull_count)" json:"pull_count"` StarCount int64 `orm:"column(star_count)" json:"star_count"` CreationTime time.Time `orm:"column(creation_time);auto_now_add" json:"creation_time"` UpdateTime time.Time `orm:"column(update_time);auto_now" json:"update_time"` }
RepoRecord holds the record of an repository in DB, all the infors are from the registry notification event.
func (*RepoRecord) TableName ¶
func (rp *RepoRecord) TableName() string
TableName is required by by beego orm to map RepoRecord to table repository
type Role ¶
type Role struct { RoleID int `orm:"pk;auto;column(role_id)" json:"role_id"` RoleCode string `orm:"column(role_code)" json:"role_code"` Name string `orm:"column(name)" json:"role_name"` RoleMask int `orm:"role_mask" json:"role_mask"` }
Role holds the details of a role.
type ScanAllPolicy ¶
type ScanAllPolicy struct { Type string `json:"type"` Parm map[string]interface{} `json:"parameter, omitempty"` }
ScanAllPolicy is represent the json request and object for scan all policy, the parm is het
type ScanJob ¶
type ScanJob struct { ID int64 `orm:"pk;auto;column(id)" json:"id"` Status string `orm:"column(status)" json:"status"` Repository string `orm:"column(repository)" json:"repository"` Tag string `orm:"column(tag)" json:"tag"` Digest string `orm:"column(digest)" json:"digest"` CreationTime time.Time `orm:"column(creation_time);auto_now_add" json:"creation_time"` UpdateTime time.Time `orm:"column(update_time);auto_now" json:"update_time"` }
ScanJob is the model to represent a job for image scan in DB.
type SchemaVersion ¶
type SchemaVersion struct {
Version string `json:"version" orm:"column(version_num)"`
}
SchemaVersion is the version of database schema
type Severity ¶
type Severity int64
Severity represents the severity of a image/component in terms of vulnerability.
const ( SevNone Severity SevUnknown SevLow SevMedium SevHigh )
Sevxxx is the list of severity of image after scanning.
type Target ¶
type Target struct { MediaType string Digest string Repository string URL string `json:"Url"` Tag string }
Target holds information about the target of a event.
type Token ¶
type Token struct { Token string `json:"token"` ExpiresIn int `json:"expires_in"` IssuedAt string `json:"issued_at"` }
Token represents the json returned by registry token service
type UAASettings ¶
UAASettings wraps the configuraations to access UAA service
type User ¶
type User struct { UserID int `orm:"pk;auto;column(user_id)" json:"user_id"` Username string `orm:"column(username)" json:"username"` Email string `orm:"column(email)" json:"email"` Password string `orm:"column(password)" json:"password"` Realname string `orm:"column(realname)" json:"realname"` Comment string `orm:"column(comment)" json:"comment"` Deleted int `orm:"column(deleted)" json:"deleted"` Rolename string `orm:"-" json:"role_name"` //if this field is named as "RoleID", beego orm can not map role_id //to it. Role int `orm:"-" json:"role_id"` // RoleList []Role `json:"role_list"` HasAdminRole int `orm:"column(sysadmin_flag)" json:"has_admin_role"` ResetUUID string `orm:"column(reset_uuid)" json:"reset_uuid"` Salt string `orm:"column(salt)" json:"-"` CreationTime time.Time `orm:"creation_time" json:"creation_time"` UpdateTime time.Time `orm:"update_time" json:"update_time"` }
User holds the details of a user.
type UserQuery ¶
type UserQuery struct { Username string Email string Pagination *Pagination }
UserQuery ...
type VulnerabilityItem ¶
type VulnerabilityItem struct { ID string `json:"id"` Severity Severity `json:"severity"` Pkg string `json:"package"` Version string `json:"version"` Description string `json:"description"` Link string `json:"link"` Fixed string `json:"fixedVersion,omitempty"` }
VulnerabilityItem is an item in the vulnerability result returned by vulnerability details API.
type WatchItem ¶
type WatchItem struct { ID int64 `orm:"pk;auto;column(id)" json:"id"` PolicyID int64 `orm:"column(policy_id)" json:"policy_id"` Namespace string `orm:"column(namespace)" json:"namespace"` OnDeletion bool `orm:"column(on_deletion)" json:"on_deletion"` OnPush bool `orm:"column(on_push)" json:"on_push"` CreationTime time.Time `orm:"column(creation_time)" json:"creation_time"` UpdateTime time.Time `orm:"column(update_time)" json:"update_time"` }
WatchItem ...